Re: Without Wires

[Mohammad Hosein <mhtajik () gmail com>]

at the risk of being very off-topic i got a question which can be relevant
to SILICA at some points . i've read all sorts of crap about direction
finding of Wifi targets from people who dont know what they are talking
about including changing the direction of antenna and see if signal level
goes up! i've also read the blackhat talk about AOA , which in reality
considering various "real" world factors it simply does not work . question
is , anybody here knows of a product that does TDOA on Wifi or maybe a
wideband DF that specifically Supports Wifi including 802.11n MIMO mode ?
long time ago i accidentally found out about a U.S government contractor who
developed something of this nature for the FBI through one of these GAO
public documents, but i do not remember its name and can not find it now .
altogether i am amazed how thin is the general knowledge and movement toward
target locationing when it comes to stuff like wifi and bluetooth in hacker
community

regards

On Wed, May 4, 2011 at 8:12 PM, dave <dave () immunityinc com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> So SILICA has been around for a while - essentially automating wireless
> attacks in
> various ways has always been something on everyone's mind, if for no other
> reason
> than because learning all of aircrack's command line switches seems hard.
>
> But over time, we've noticed that our use of SILICA has changed. Before, it
> was very
> much "click button, get key or not, scan internal network, generate
> report". This is
> a very "assessment oriented" style. But we found more and more that the
> dimension of
> time because important. Instead of getting your results right away, often
> it made
> sense to stick your laptop (everyone runs SILICA as a VM on a MacBook now,
> essentially) somewhere, and then let it do its thing for days.
>
> For example, on lots of "secure" networks, protected by hidden SIDS, there
> is VERY
> little traffic. Maybe once a week in the middle of the night someone logs
> on to check
> some diagnostics. If you're not waiting around for that once-a-week time,
> you miss
> it. Even though you know, theoretically, that the SID is "discoverable",
> there's a
> big difference between knowing it, and showing it.
>
> The same thing is true when cracking WEP or getting WPA handshakes.
> Sometimes
> "Sitting around and waiting" is the most powerful thing you can do. And the
> new
> SILICA does that very well.
>
> The other thing it does is make your life easy - for example, even if you
> have a WPA
> password (mostly they are just phone numbers), it's a pain in the rear to
> look at the
> traffic over the air. Each client has their own negotiated key. But SILICA
> automatically decrypts them all, and sends them over a named pipe to
> Wireshark in
> realtime. So it's as if you're sniffing any other normal network.
>
> Anyways, making wireless hacking fun again is the stated mission of SILICA.
> And it
> does! :>
>
> Repaste of movie link for those who haven't seen it:
> https://www.immunityinc.com/movies/New_Features_SILICA_7.2.mov
>
> Product page, for those of you who forgot we had this product: :>
> http://www.immunityinc.com/products-silica.shtml
>
> - -dave
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (GNU/Linux)
> Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
>
> iEYEARECAAYFAk3Bc/8ACgkQZH6GP9oltEsArgCeLVCySj36Dt690M7o09LgvOOT
> ozgAniPod9BSqSBGx2dBTnQEQTZteQtJ
> =VaFT
> -----END PGP SIGNATURE-----
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunityinc com
> https://lists.immunityinc.com/mailman/listinfo/dailydave
_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave