OverTheWire – Narnia 1

Introduction Narnia a series of reverse engineering puzzles developed by OverTheWire and is an introduction to reverse engineering. Below is the methodology used to solve these puzzles. Login and Execution In the previous level, Narnia 0, we covered the difference between Source Code and Executable Code. All Narnia binaries and Read more…

Guide to wifi hacking using Wifite

Disclaimer: What you do with this information is up to you. You are fully responsible for what you do with this info, and how you use it. HackMethod is not responsible for your actions. Please do not hack Wifi points that you are not allowed to.

NOTE: I do advise having a USB WiFi adapter, and an extra point would be to get a great one like the ALFA AWUS036NHR or AWUS051NH. Although any card would do as long as it supports monitor mode and packet injection.

Introduction

When it comes to the world of WiFi hacking, the possibilities are only limited by your imagination. Skilled hackers can combine attacks together for increased efficiency, and can also judge on which attack is best to use given a particular situation. By the end of this guide you should have an overall idea on the types of attacks that you can use against any WiFi-enabled AP or router.

(more…)

Using LUKS

Linux Unified Key Setup, or LUKS [luhks] as it will be referred to as from here on out, is a widely used method of disk-encryption.  LUKS is proprietary to the Linux Kernel and a device encrypted with LUKS will not mount in a Windows or Apple environment.  LUKS can encrypt entire block devices such as Hard Disks Drives (HDD), Solid-State Devices (SSD) such as USB sticks or Flash drives, partitions, etc.  LUKS is largely recommended for protecting removable storage media, laptop hard-disks or Linux swap files and not recommended for file level encryption.

(more…)

Passive Recon – Hacking with Google Dorking

Google Dorking can technically be defined as a type of hacking by itself. The basic idea of Google Dorking is to used Google’s advanced search features/operators to obtain information about someone, or something.

In general we know that Google Search is a big database of all the webpages that are considered publicly searchable (I’m not going into deep web in this article). Public webpages are websites that googles spider has access to. It is possible to make your website not searchable by telling Google’s search spider that you do not wish for it to crawl and index your website. That being said I think you’ll find that most websites on the internet are intended to be found and as such can be searched using dorks.

(more…)

Homelab: Intro to building a pfSense router/firewall & VMWare ESXi server

A few months back A1ph4byte, hellor00t, and I had a discussion about a project that would be both educational and useful.  Despite being employed in the Network Security world, none of us had tinkered with pfSense in-depth prior to this venture. We mostly relied on the “strict” firewall rules of our SOHO routers.  As enthusiasts not only would this serve as a fun and interesting project for us, but it would also serve as a guide/walk-through to others with our same interests.  In addition, we thought it would be entertaining to VPN our networks together to build a somewhat larger “homelab” to test theories and attempt to mess with each others VMs, but that’s another write-up for a different time. The overall goal of this is to setup a more secure home network.

(more…)

Wireless Hacking Tutorial

Overview

Today we’re going to go over the principals of wireless hacking, an example of a WPA2 hacking and then we will wrap it up with a few troubleshooting tips.

Disclaimer: Before we begin let me preface this. Intrusion into anyone’s network without express permission by the network owner is illegal. I highly recommend you practice these techniques on your own wireless network. I take NO responsibility in what you do with this knowledge.

(more…)