FinIntrusion Kit / Release Notes. FINFISHER: FinIntrusion Kit 4.0 Release Notes

Similar documents
CONFIGURATION MANUAL. English version

Worldwide Release. Your world, Secured ND-IM005. Wi-Fi Interception System

FinFireWire / Release Notes. FINFISHER: FinFireWire 3.5 Release Notes

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

Learn How to Configure EnGenius Wi-Fi Products for Popular Applications

User Manual DIR-850L. Wireless AC1200 Dual Band Gigabit Router.

Ethical Hacking and Prevention

Comptia.Certkey.SY0-401.v by.SANFORD.362q. Exam Code: SY Exam Name: CompTIA Security+ Certification Exam

Release note Tornaborate

Security SSID Selection: Broadcast SSID:

HP Cloud-Managed Networking Solution Release Notes

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

WISNETWORKS. WisOS 11ac V /3/21. Software version WisOS 11ac

Wireless-N USB Adapter User s Manual

CAP1750. User Manual / v1.1

Network Security. Thierry Sans

The R25 Robot Series

WF-2402 Quick Installation Guide

Vendor: Microsoft. Exam Code: Exam Name: MTA Security Fundamentals Practice Test. Version: Demo

SETTING UP THE LAB 1 UNDERSTANDING BASICS OF WI-FI NETWORKS 26

DWS-4000 Series DWL-3600AP DWL-6600AP

Configuring the WT-4 for ftp (Infrastructure Mode)

802.11ac Wireless Access Point Model WAC104

McAfee Network Security Platform

WIRELESS EVIL TWIN ATTACK

WISNETWORKS. WisOS 11ac V /3/21. Software version WisOS 11ac

Premiertek AP Mbps Wireless-N Broadband Router Quick Installation Guide

WRE6505 v2. User s Guide. Quick Start Guide. Wireless AC750 Range Extender. Default Login Details. Version 1.00 Edition 1, 10/2016

Procedure: You can find the problem sheet on the Desktop of the lab PCs.

Report Exec Dispatch System Specifications

ECCouncil Certified Ethical Hacker. Download Full Version :

Pulse Secure Desktop Client

A5500 Configuration Guide

EnGenius M2000 Wireless Outdoor Access Point / Client Bridge / Mesh User Manual Version: 1.0

IPS-390U Specification

Oct 2007 Version 1.01

Pulse Secure Desktop Client

AplombTech Smart Router Manual

Activity Configuring and Securing a Wireless LAN in Packet Tracer

WLAN Security. Dr. Siwaruk Siwamogsatham. ThaiCERT, NECTEC

AiM User Manual. Wi-Fi Configuration. Release 1.01

High Power Wireless N. 600mW Smart Repeater LP 9698SR

Quick Start Guide for Standalone EAP

CYBER ATTACKS EXPLAINED: WIRELESS ATTACKS

Configuring Wireless Distribution System (WDS) on the WAP131 and WAP351

OAP1750. User Manual / v1.1

Agile Controller-Campus V100R002C10. Permission Control Technical White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.

Section 4 Cracking Encryption and Authentication

AURA ACADEMY Training With Expertised Faculty Call Us On For Free Demo

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

ETHICAL HACKING & COMPUTER FORENSIC SECURITY

AC750GW 750Mbps. Dual band Gigabit Wireless Router. Overview DATA SHEET. Highlights

300Mbps Wireless N Gigabit Ceilling Mount Access Point

Dual Band Long Range Multi-Function Access Point/ Client Bridge. Software Features System Requirement. Status

WRE2206. User s Guide. Quick Start Guide. Wireless N300 Range Extender. Default Details. Version 1.00 Edition 1, 01/2015

4 Enter an IP address and sub-net mask for the ftp server and. 5 Go to the [System and Maintenance] > [Administrative Tools]

On the left hand side of the screen, click on Setup Wizard and go through the Wizard.

1.0 Basic RF Characteristics (15%) 1.1 Describe RF signal characteristics Frequency Amplitude Phase 1.1.

Barracuda Firewall Release Notes 6.6.X

Wireless PTZ Cloud Camera TV-IP851WC (v1.0r)

Wireless Attacks and Countermeasures

What action do you want to perform by issuing the above command?

Wireless Security Setup Guide

Network Manual BGT-100P/102P mpos Thermal Printer Rev. 1.00

WAP3205 v2. User s Guide. Quick Start Guide. Wireless N300 Access Point. Default Login Details. Version 1.00 Edition 2, 12/2012

WisCloud Access Controller V /6/9

SOHO 6 Wireless Installation Procedure Windows XP with Internet Explorer 5.x & 6.0

Network Security Platform 8.1

What is Eavedropping?

Today s challenge on Wireless Networking. David Leung, CISM Solution Consultant, Security Datacraft China/Hong Kong Ltd.

Wireless Network Security

User Guide. Omada Controller Software

BackTrack 5 Wireless Penetration Testing

Stonesoft Management Center. Release Notes Revision A

Ekran System v Program Overview

DV230 Web Based Configuration Troubleshooting Guide

WNRT-627. Data Sheet. Europe/ ETSI: 2.412~2.472GHz (13 Channels) Japan/ TELEC: 2.412~2.484GHz (14 Channels) RF Power.

Added released version binaries for TR-CPQ, TR-SL2, TR-SL5, TR-SL9, TR-6, TR-5a, TR- FDD, TR-4.9, TR-Multi, and TR-90X

Wireless Security Setup Guide

ESCG-Config. Manual. Program Version: ESCG Config Version 3.28a 1. ESCG a / b / g

Vendor: HP. Exam Code: HP2-Z32. Exam Name: Implementing HP MSM Wireless Networks. Version: Demo

Huddle Hub One / Huddle Hub One+ Configuration Guide. Product version 1.21 Manual version 01

300Mbps Wireless N Gigabit Ceilling Mount Access Point

Configuring Wireless Security Settings on the RV130W

3GWIFIMRD. 3.5G plus WLAN Desktop Server Router. Quick Setup Guide. 1 Version 1.0

Attacks on WLAN Alessandro Redondi

User Manual. TOTOLINK Wireless-N Portable AP

WRE6606. User s Guide. Quick Start Guide. Dual-Band Wireless AC1300 Access Point. Default Login Details. Version 1.00 (ABDU.0) Edition 1, 10/2016

Light Mesh AP. User s Guide. 2009/2/20 v1.0 draft

QUICK START GUIDE. Pepwave Express. Quick Start Guide. Pepwave Express. Nov Pepwave

PRODUCT OVERVIEW ECB600

300Mbps Wireless N Ceiling Mount Access Point

PRODUCT OVERVIEW ECB600

VAR11N Datasheet. Shenzhen Houtian Network Communication Technology Co., LTD

Frequently Asked Questions WPA2 Vulnerability (KRACK)

RG-WLAN Series Access Point. Web-Based Configuration Guide, Release 11.1(5)B3

1. Press "Speed Test" to find out your actual uplink and downlink speed.

OSBRiDGE 24XL(i) Configuration Manual. Firmware 2.05b9

User Manual of 5.8G Outdoor CPE

RICOH Unified Communication System. Security White Paper (Ver. 3.5) RICOH Co., Ltd.

Transcription:

1 FINFISHER: FinIntrusion Kit 4.0 Release Notes

2 Copyright 2013 by Gamma Group International, UK Date 2013-07-12 Release information Version Date Author Remarks 1.0 2010-06-29 ht Initial version 2.0 2011-05-26 Pk Changes for FinIntrusion Kit Version 2.0 2.2 2011-09-23 Pk Changes for FinIntrusion Kit Version 2.2 2.3 2011-11-02 PK Changes for FinIntrusion Kit Version 2.3 2.4 2011-11-30 PK Changes for FinIntrusion Kit Version 2.4 3.0 2013-02-08 PK Changes for FinIntrusion Kit Version 3.0 4.0 2013-07-12 PK Changes for FinIntrusion Kit Version 4.0

3 Table of Content 1 Overview... 4 2 ChangeLog... 5 3 Limitations... 6

4 1 OVERVIEW The FinIntrusion Kit is a multi-purpose IT Intrusion kit that has been built specifically for nowadays operations by Law Enforcement and Intelligence Agencies. It can be utilized in a wide-range of operational scenarios like: Breaking into- and monitoring Wireless and Wired Networks Remotely breaking into E-Mail Accounts Performing security assessments of Servers and Networks The full capabilities are shown in several training courses, each focusing on different operational usecases.

5 2 CHANGELOG Version: 4.0 Component Change Description GUI Improvement / Bugfix Some fixes were done to prevent random crashes or freezing of the GUI component. Network & Wireless / Scanner First/Last seen timestamp is added. Network Scanner An OS fingerprinting can be done against a selected dedicated target. Network Configuration MAC Spoofing status will be shown in the adapter configuration details. Wireless Scanner 802.11 Protocol can be chosen. 2.4Ghz and 5Ghz frequency is supported now. WEP Cracking Bug Fix WEP Cracking process can be stopped now and adapter settings will be restored. Wireless Mass Jammer Improvement Display selected channel was improved. Network Sniffer An URL Sniffer for a selected Target was integrated. Wireless Fake Access Point Wireless Fake Access Point Wireless Fake Access Point Wireless WPA Capture Handshake It is possible to setup a fake access point with a hidden SSID. It is possible to setup a fake access point with a WEP encryption. It is possible to limit access to dedicated wireless target systems. Capture only a WPA handshake and export handshake file was integrated. Email Spoofing New Module FITK can be used to send a spoofed email. File Attachment is supported. Dependency Check New Module A new option in FITK is available to check if all dependencies are pre-installed.

6 Version: 3.0 Component Change Description GUI Improvement / Bugfix A new design and some fixes to prevent crashes or freezing of the GUI component. Network / Scanner Update Improved the scan speed by 50% and implemented an optional OS fingerprinting. Network / Scanner Possibility to update Fingerprinting Database to detect newer Operating Systems or Hardware Vendors. Network / Scanner Based on the network mask the possible target range will be automatically detected. In an older version only a class c-network was supported. Network Jammer /Sniffer Bugfix Some gateway settings could trigger a problem with these modules and they stopped working. Wireless / Scanner It is possible to refresh the client list of a selected AP without losing old entries. Wireless / Mass Jammer Wireless / Breaking Encryption New Module Update / Improvement Implement a newer and faster WLAN mass jammer which can disconnect all Wireless Networks on all or dedicated Channels. Blackand white list support is implemented. To increase the possibility to capture more packages or WPA handshakes. Wireless / Multiple Interface Handling Update / Improvement Multiple Wireless Adapter and Process handling is supported now. The change was necessary to run a Wireless Jammer and Fake AP at the same time. Wireless / Fake AP A dedicated channel can be selected, otherwise a random channel will be chosen. Password / Meta Information Password / Hash Finder New Module New Module It is possible to extract hidden metainformation from files and to generate customized password list. This module can be used to search for known hashes and send back the clear-text password. An auto detection of the hash type is implemented. 3 LIMITATIONS This chapter covers current known limitations within the FinIntrusion Kit Software.

7 Feature Backtrack FinIntrusion Kit WEP - Cracking USB Hard-Disk Password Generator from Websites WPA Cracking Wireless Cracking HTTPS emulation Description Backtrack includes a wide-range of publicly available IT Intrusion tools within the Toolset. As most of them are proofof-concept tools, their functionality cannot be guaranteed in every scenario. The software is an approach to automate complex attacks with a simple user interface. Due to the wide-range of different networks and scenarios, the implemented operations cannot be guaranteed to work in all scenarios without more advanced user interaction. The automated WEP cracking technique requires the Access- Point to be vulnerable to the fragmentation attack. The rainbow tables and default word lists provide a selection of possible passwords. It is not guaranteed that the Target s passwords are contained within these lists. Currently the FinIntrusion Kit has no support to crack WPA-PSK with rainbow tables. Only HTTP/HTTPS pages without pre-authentication could be scanned. No Proxy support at the moment. Only pure HTTP Websites are supported. Password List could still have some useless Entries (e.g. script code), which must be removed manually. Only WPA/WPA2-PSK mode could be attacked. WPA/WPA2 in Enterprise mode couldn t be attacked. There is no possibility to identify from outside in which mode the Wireless Network runs (PSK / Enterprise). The success to crack a WPA-PSK depends on the password list and CPU power and could take days / weeks / years. The Wireless environment is highly flexible. It could happen that Wireless Clients / Networks cannot be detected (depends on the channel hopping and the frequency which is used). Some Access-Points have intrusion detection and prevention or make active network / cracking attacks very difficult. Some browser like Google Chrome prevent a HTTPS HTTP

8 break down for their (non-)commercial services e.g. Gmail. These can only be bypassed if the Target is using a different browser. In the case a SSL break down isn t possible, the target system will get a certificate warning! Fake Access Point Setup OS detection Jammer Wireless Client / Network detection. MAC Spoofing ARP Spoofing / Sniffing / Jammer failed Currently we strongly recommend to us a cable network interface as Uplink interface, otherwise the bandwidth / network performance could trigger a lot of packages lost. OS fingerprinting cannot guarantee that the result is the actual OS. In most of the cases a specific fingerprint can only be generated if at least one TCP port is open. If a target is using a personal firewall which blocks all incoming connections, an OS fingerprint cannot be done. An active OS fingerprint can also trigger an alert on target system. Some systems, especially SOHO environment, can be vulnerable for DoS attacks based on jamming the (wireless) network or dedicated connected Clients. In some cases the equipment needs a reboot or must be switched off/on. There exists no indication which helps us to detect it before the attack will be done. If you re not sure, please feel free to contact our support team. Currently we re only supporting 802.11bgn networks which run in a 2.4Ghz frequency. FinIntrusion Kit has support to spoof the MAC address of the current used Network Adapter. This feature is only working for Network Intrusion Attacks. For Wireless Intrusion attacks, the MAC address for a virtual monitoring interface cannot be spoofed and will be all the time the real MAC address of the wireless adapter (even if this MAC address of the wireless adapter is spoofed!). The FinIntrusion Kit tries to do an ARP spoofing attacks for different scenarios. In some cases the default gateway or some firewalls are detecting and blocking ARP spoofing attacks. If the target system or default gateway has static MAC address entries, the attack will also fail. In these cases the Network Sniffer and Jammer will not work.

9 Client Isolation Wireless client devices can be isolated from each other either within an SSID or between 2 SSIDs. In this case all target systems will be listed with one identical MAC address. In these cases the Network Sniffer and Jammer will not work.

10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback