http://www.hackingexposedwireless.com/ 2012-02-22T20:56:29+00:00 http://www.hackingexposedwireless.com/ http://www.hackingexposedwireless.com/lib/images/favicon.ico text/html 2010-08-31T23:21:58+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=start&rev=1283296918&do=diff [] Welcome to the companion website for Hacking Exposed Wireless, 2nd Edition by Johnny Cache, Joshua Wright and Vincent Liu. In this fully-revised book, we've poured our best tips, tricks, tools and techniques to demonstrate ways to hack wireless networks. Not just limited to 802.11, we've included detailed techniques for exploiting Bluetooth, ZigBee and DECT networks, as well as emerging attack trends against and with wireless client systems. We think you'll find this book demonstrates new … text/html 2010-06-23T12:16:59+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=taking_it_all_the_way:bridging_the_airgap_from_os_x&rev=1277295419&do=diff On this page you will find additional resources cited in Chapter 6. * Page XXX: The proof-of-concept exploit by Landon Fuller against Java exploiting the deserialization vulnerability. * Page XXX: Modified Exec.java from the Java deserialization exploit to send a shell back to 802.11mercenary.net (please modify this before use!) * Page XXX: The "callback.sh" script masqueraded as "CrashReporter.sh" in the system cron * Page XXX: The crontab file to launch CrashReporter.sh on the victim,… text/html 2010-06-23T11:59:26+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=hacking_802.11_clients&rev=1277294366&do=diff On this page you will find additional resources cited in Chapter 5. * Page XXX: Sample DHCP server configuration file. * Page XXX: Sample Metasploit resource control file for the Karmetasploit attack. * Page XXX: Patch to fix IPPON to accommodate modern wireless interfaces in monitor mode with RadioTap headers. * Page XXX: IPPON targets configuration file configured to exploit the Amazon.com MP3 updater service. * Page XXX: Script to generate a HTML file for brute-forcing the password… text/html 2010-06-20T11:52:16+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=errata&rev=1277034736&do=diff No errata has been identified to date. If you think there is an error or otherwise want to point out an issue/concern/question, please let us know - authors[at]hackingexposedwireless[dot]com. Thanks! text/html 2010-06-20T11:50:51+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=taking_it_all_the_way:bridging_the_airgap_through_a_windows_client&rev=1277034651&do=diff No companion files are available for this chapter. If you are looking for a resource we cited in the book that is missing, please let us know - authors[at]hackingexposedwireless[dot]com. Thanks! text/html 2010-06-20T11:34:33+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=attacking_wpa-protected_802.11_networks&rev=1277033673&do=diff No companion files are available for this chapter. If you are looking for a resource we cited in the book that is missing, please let us know - authors[at]hackingexposedwireless[dot]com. Thanks! text/html 2010-06-20T11:33:02+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=scanning_and_enumerating_802.11_networks&rev=1277033582&do=diff No companion files are available for this chapter. If you are looking for a resource we cited in the book that is missing, please let us know - authors[at]hackingexposedwireless[dot]com. Thanks! text/html 2010-06-20T11:32:14+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=introduction_to_802.11_hacking&rev=1277033534&do=diff No companion files are available for this chapter. If you are looking for a resource we cited in the book that is missing, please let us know - authors[at]hackingexposedwireless[dot]com. Thanks! text/html 2010-06-20T11:28:03+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=scoping_and_information_gathering&rev=1277033283&do=diff No companion files are available for this chapter. If you are looking for a resource we cited in the book that is missing, please let us know - authors[at]hackingexposedwireless[dot]com. Thanks! text/html 2010-06-20T11:17:51+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=hack_dect&rev=1277032671&do=diff On this page you will find additional resources cited in Chapter 12. * Page XXX: Sample DECT packet captures with unencrypted audio information. * Page XXX: Patch for dectshark to support DECT6 scanning in North America. If you are looking for a resource we cited in the book that is missing, please let us know - authors[at]hackingexposedwireless[dot]com. Thanks! text/html 2010-06-20T11:10:17+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=hack_zigbee&rev=1277032217&do=diff On this page you will find additional resources cited in Chapter 11. * Page XXX: Sample Microchip ZENA Packet captures. * Page XXX: High-resolution image of the GoodFET interfacing with a development ChipCon 2531 board. If you are looking for a resource we cited in the book that is missing, please let us know - authors[at]hackingexposedwireless[dot]com. Thanks! text/html 2010-06-20T10:59:48+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=attacking_and_exploiting_bluetooth&rev=1277031588&do=diff On this page you will find additional resources cited in Chapter 10. * Page XXX: A sample packet capture and BD_ADDR information for use in a BTCrack attack to recover the Bluetooth PIN. * Page XXX: A picture from a Motorola PEBL when exploited using the Blueline attack. text/html 2010-06-20T10:52:53+00:00 Joshua Wright http://www.hackingexposedwireless.com/doku.php?id=bluetooth_eavesdropping&rev=1277031173&do=diff On this page you will find additional resources cited in Chapter 9. * Page XXX: A sample Frontline Test Equipment FTS4BT packet capture containing a transferred business card exchange. * Page XXX: Sample Frontline Test Equipment FTS4BT packet captures. * Page XXX: Packet capture file using the GNURadio usrp_rx_cfile.py tool with a USRP and RFX2400 receiver board containing Bluetooth traffic. Use this capture file (after decompressing with bzip2) with btrx to create a packet capture, then…