- The next generation protocol A5/3 is academically broken.
So what is new here?
Actually A5/1 is known to be a weak stream cipher for long time but details were only for closed groups, now it is public, relatively easy, and cheap. The interesting part is that many GSM operators are using this well-known weak encryption.
The moral of the story is ..... keep your mouth shut....
Kismet New-Core comes with a new log format, so all the old tools used to convert kismet logs to Google Earth format is not valid anymore, the only tools I know that work with th new core are GISKismet or netxml2kml
I like the GISKismet tool, as it has some nice features:
- Eliminate duplicate APs, in case you have several log files.
- Filtering AP before exporting logs
- Filtering AP before generating kml file
- It uses a database (sqlite3), giving you great flexability for whatever queries you need, such as top SSID used, Encryption statistics, channels usage distribution,.....etc
WPA Cracker is a new paid service for cracking WPA or WPA2 Pres-Shared Key.
- The service is running on cloud with 400 CPU - Uses dictionaries with 130 million word, tailored for wireless cracking - 2 pricing models 17$ (using CPU half capacity) and 34$ (using full capacity to shorten time) - Require pcap file with WPA handshake - Accept Amazon payments - Cracking the key is not guaranteed.
So are you ready to crack your neighbor's wireless network for 17$??
SHODAN is an interesting search service, this is a banner grabbing search service that could reveal some useful information for interested people. SHODAN is scanning the internet on specific ports and provide the scan results in a searchable way.
I did a simple search using SIP keywork, and easily got web access to lots of voip devices on the internet. The IP ranges I checked randomly are all ADSL ranges, poor end-users!
In Egypt more than 200 Cisco routers have web admin interface enabled, and exposed publicly.
The database has more than 11K IPs in Egypt, 3K IPs in UAE, and 8K IPs in Saudi Arabia.