WiFi client detection software? - Networking

Hi, thanks in advance for help.
I have someone leeching off my Wifi net, who seems to be able to 'break-in' no matter how i secure the WiFi net.
Anyone know of any free Windows Mobile software that will show signal strength of Wifi CLIENTS nearby. Not Access Points, but CLIENTs.
I want to go find this guy.
thanks

Hi there!
If you got an "leecher" on your network I would recommend you to start your search on your router.
You didn't provide any specs, how did you find out that someone is on your network?
Next question, have you changed both, router pass and wlan key?
Are u using weak encryption (wep)?
Whats about your mac-filter?active?
I would guess you've got an dhcp server on your network/router... go there and check the dhcp releases. Any suspicious entrys? You should know all the devices listed there. If you have found a IP you don't know, ping it and check if its alive (those packages can be ignored by the host), try to access it via smb, you could also try a demo of languard and try to read out details like os, user, owner...
I'm almost shure you can't use your wm device to locate a client of a network, unless you can switch your wlancard to ap-mode and he connects to you ^^

Nope, need signal strenght reader if poss.
Thanks for the comment, but I'm pretty security savvy, and have done most of what you recommend.
I actually can't believe he's still getting in when I've locked down so tight.
Anyway, it's a CLIENT signal strengh program that I'm trying to find.

Rogue clients are malicious wireless client devices that either try to gain illegitimate access to your WLAN or try to disrupt normal wireless service by launching attacks. There are numerous ready-to-launch wireless attack tools freely available on the net. Many of them are open sourced and work pretty well with most Wireless client cards. This turns any curious mind to professional hacker in minutes. Many do it simply for the pleasure of being able to disturb someone remotely. All these developments force WLAN administrators to give a second look at any wireless client that is misbehaving.

What means most of that what i recommended?
Did you actually change the router password AND the wlan key?
Sorry, I don't think that you can trace him with your mobile. as long as hes not connected to your mobilephones wireless network (wich requires your mobile wlan device to switch to ap-mode).
Forget about that.
Please tell us, why do you think somebody is on your network, how did you find out... whats the "evidence" for you that there is somebody.
I'd like to help u, but i need some further details to lock him out.
I hope you know that its just a matter of minutes to break a wep key. GPUs are used to decode it, which is damn fast!
So please provide more specs about your network.
Greetings

1: Use WPA instead of WEP.
WEP is crackable in a matter of seconds.
2: Assign access control/MAC filtering
3: Use your network in ad-hoc mode
Well, WPA is crackable too.
The person in question might change his MAC to yours and create collisions anyways

Can you be sure that he has really associated with your router. I have noticed some client/router combinations "apparently" associate but all traffic is blocked because they did not provide the right key.
As others say - use WPA WPA2 and use a strong (non dictionary) passphrase
get a computer that can run airodump or something similar.
run airodump with it set to the channel of you router - not in hopping mode as you will miss lots of packets.
Airodump will tell you the strength of the signal from his computer so if you have this on a laptop you can move around and possibly can an idea roughly where he is

Thank you, i will try Airodump
Thanks in particular Scote.
I didn't list the router config simply becuase I am confident it's pretty secure:
Router is a new Belkin N1
- 63 random char password from grc.com/passwords
- SSID is "netgear" even though its a Belkin : intention to mislead for access URL.
- WPA2-PSK AES encryption
- SSID not broadcasting
I didn't bother with MAC filtering, as I understand a good 'hacker' can spoof it : If this guy can get through WPA2 I would say he can probably MAC spoof.
My 'evidence', is that up to 3 unkown computers turn up on the 'Clients List', around 4 hours after I change the SSID/password : Each time.
I have 2 laptops, so I will try Airodump or maybe Backtrack (suggested elswhere) on these as a 'direction finder' based on signal strength.
Hmmm...I did read somewhere you can set a Kaiser to be an access point...
Thanks all

Yes you can.
Someone found his stolen Wii/mobile phone (don't remember which one) that way.
There was even an article on the net.

Related

HTC Tytn Wifi Drop Connection

Hi,
I experienced some problems wih my HTC Tytn (R 1.03.03.10).
At home I use a wifi connection with WEP 128 bits authentication.
The wifi connection procedure goes ok every time (with regular Ip adderess assigned).
After connection I can normally surf with IE (or use other other applications as MSN) but only for few seconds. In fact after few second it is not possible to surf anymore although it seems to be connected to wifi AP with regular IP address assigned (the icon and the specific menu say me that). After other few seconds It is possible to surf again, and so on..... The connection seems to drop and raise randomly.
I tried to modify some settings (eg. Power save mode) but with any result.
Thank you in advance to anyone could help me to solve this problem.
M.
marmao12 said:
Hi,
I experienced some problems wih my HTC Tytn (R 1.03.03.10).
At home I use a wifi connection with WEP 128 bits authentication.
The wifi connection procedure goes ok every time (with regular Ip adderess assigned).
After connection I can normally surf with IE (or use other other applications as MSN) but only for few seconds. In fact after few second it is not possible to surf anymore although it seems to be connected to wifi AP with regular IP address assigned (the icon and the specific menu say me that). After other few seconds It is possible to surf again, and so on..... The connection seems to drop and raise randomly.
I tried to modify some settings (eg. Power save mode) but with any result.
Thank you in advance to anyone could help me to solve this problem.
M.
Click to expand...
Click to collapse
Couple of routine things you may already have done/tried/checked:
Try best performance setting in the "power mode" in Connections>wireless LAN.
And the range of the wifi is only around 10 to 15 metres are you within this without large obstructions?
Could also set a fixed IP address.
Mike
Thank you Mike,
I've already tried to set power performance to "power mode" and I performed my test near the (2-3 meters) without any obstructions.
Later I'll try to configure a static IP address and/or to deactivate WEP authentication. I could try a mac address based access too, instead of WEP.
I'll inform you later !!!!
M.
marmao12 said:
Thank you Mike,
I've already tried to set power performance to "power mode" and I performed my test near the (2-3 meters) without any obstructions.
Later I'll try to configure a static IP address and/or to deactivate WEP authentication. I could try a mac address based access too, instead of WEP.
I'll inform you later !!!!
M.
Click to expand...
Click to collapse
Ok - can't see problem with WEP though - I use that with 128 encryption without problems.
Mike
I'm facing the exact same problems with my home network.
Connection up and down.
At office network never faced such a behavior.
Since I realize I'm not alone with this problem I'll try to investigate it more.
I've had the same problems at both my home and office. I use WPA-PSK w/ TKIP for security on both devices, though each of the access points are of different manufacturers (home is a Linksys, office is a Cisco 1231). Both routers run compatibility modes for 802.11b backwards compatibility and thats the only thing I can think of that is common to both. My WiFi connection usually associates with the AP but always ends up with a 169.254.x.x IP and the only thing HTC has been able to tell me is that the 8525 only supports 40 bit encryption (which is blantently wrong if it's even detecting the WPA-PSK). Has anyone come up with a solution or even seen the same problem? If needed I can post logs from the Cisco AP that show what occurs when the 8525 tries to associate.
mantrius said:
I've had the same problems at both my home and office. I use WPA-PSK w/ TKIP for security on both devices, though each of the access points are of different manufacturers (home is a Linksys, office is a Cisco 1231). Both routers run compatibility modes for 802.11b backwards compatibility and thats the only thing I can think of that is common to both. My WiFi connection usually associates with the AP but always ends up with a 169.254.x.x IP and the only thing HTC has been able to tell me is that the 8525 only supports 40 bit encryption (which is blantently wrong if it's even detecting the WPA-PSK). Has anyone come up with a solution or even seen the same problem? If needed I can post logs from the Cisco AP that show what occurs when the 8525 tries to associate.
Click to expand...
Click to collapse
Just out of curiosity, when you say backwards compatibility do you mean the router is capable of "g" rather than "b". If so have you tried "g".
Mike
I m having the same problem. I connect to Wifi, i can surf a couple of pages and then i just cannot browse anymore. I have to turn off wifi and then turn on wifi to continue browsing from where I was at.
Any help on this would be greatly appreciated
mikechannon said:
Just out of curiosity, when you say backwards compatibility do you mean the router is capable of "g" rather than "b". If so have you tried "g".
Mike
Click to expand...
Click to collapse
When I say compatibility it means that the radio on the AP can fall back to "b" speeds if necessary. And no, I haven't switched them to only "g" mode as that should not be necessary if the wifi implementation on the Hermes is up to spec.
Same problem here?
I have a Cisco N router, so does that mean its useless for WIFI for my phone?
I also tried to change the settings to Best Performance but it wont allow me to change them? Any suggestions please anyone would be greatly appreciated please? Must I have only a G router? And whats the SSID in current configurations? Should I enter the Routers IP? And where should
I enter it please?

How to hack prepaid wifi network?

Guys.....
I find lot of prepaid wifi network in hotels, restaurants, etc. in order to join the network, I must register with user name & password that will be given by the provider if I paid certain amount of money.
I just wondering is there a way to hack prepaid wifi?
thanks
You will need this l33t t00l: m0n3y.
I remember this was discussed long time ago...
as I recall, you can't do that using WM phone, neither a windows laptop..etc.. you need Linux OS and some special tools...and even though it's possible, it takes very long time 1-2 hour to break the password (according to the encryptions of course)
try to search the forum, you might end up with that thread
I cannot believe how often companies just use the same username and passwords.
You actually crack some networks in 40 mins.
using something like CommView® for WiFi PPC or Airscanner Mobile Sniffer can help in that process.
None of the above techniques will work since the companies use a form of IP Tables.
THE only way is to tunnel with DNS using something like NSTX, but its very alpha. (Easiest way to test if technique works is by trying to ping a website and see if it returns the correct IP address)
The technique is there, just needs a good coder and some time..
Tunneling over DNS. That's clever. But all the commercial hotspots I've ever used resolve every IP address to the login/order form page when you aren't already logged in. That is, you can't tunnel through DNS.
The methods that take "40 minutes" to crack the encryption are talking about something completely different - finding the WEP or WPA keys for a network that has security enabled. It wouldn't be useful for prepaid hotspots, as they generally do not use WEP or WPA encryption. Instead, they let you associate and get an IP quite easily. Then they direct you to the credit card order form.
One method that can be used on some of them is to spoof the MAC address and IP address of an authorized, logged in client. However, you will quite literally steal their internet access, as that client will be knocked off the network. I've done this myself but it doesn't seem to work anymore on any of the big networks like T-Mobile (in Starbucks).
Best bet is trying to find a vulnerability in one of the web applications running on the server. All the layer 2/3 stuff is pretty well locked down.
fluxist
They will resolve but wont actually PING, thats due to IP Routing Tables.
There is no way to crack wifi password for pocket pc and laptop centrino main board. And you need special wirelless hardware. Must be pentium 4 or above.. Airsniffer and other proğrams can helpful. its change on WEP or WAP protocol. WEP is the most hard. You can find how to crack on forums and videos on youtube
^ That is rubbish.
Centrino or not, it has nothing to do with it.
Its all down to the wireless card and whether or not it accepts mode monitor/master.
Its WPA not WAP and WPA is far harder than WEP due to having to be brute forced, unlike WEP which has the well known RC4 weakness.
I think he is referring to the fact that one cannot do promisc mode on PPC, so they can never collect the packets to try and compute a WEP key. And also the fact that on Centrino Wifi cards (2200BG, et al.) the linux drivers cannot due packet injection in promisc mode. However, this limitation is overcome in some recent patched drivers. See the Backtrack linux live cd (www.remote-exploit.org/backtrack.html) for details.
fluxist
I don't think there is a hacking tool for ppc which is too very effective or complete...
All so called cracking tools for ppc are buggy little ****s...
Aircrak ng is best for PCs ... em waiting 4 a version of it on ppc...
Hmmmm.... That would be very interesting if they came out with an application to crack WEP and WPA networks I could see WEP being cracked but not sure about WPA since WEP is extremely easy to crack usually in about 10 minutes or less depending on the strenght of the signal, but WPA is much more difficult since it requires a brute force attack. I'm not so sure that our phones are capable of that.
You are waisting your time thinking of this with a phone as the Colleting of packets will take so long and PPC don't support packet injection and you would be limited to WEP
Get your self a net book that supports CUDA then you stand a chance Google CUDA Brute Force
i can buy a pin to accesses it but i cannot sharing it via hotspot how can i share it

Damn that Wifi connection.

Just bought a HD2. Nice piece. But however 2 things bother me.
The windows market place is just a joke compared to iPhone. Is there any other place where we can source application. Surely there must be more than just those 150 apps ?
Second, I must with humility confess that I have not been able to connect my HD2 to my Wifi at home. He does offer the Wifi. I enter the key but it won't connect. I'm assuming it might be because the IP adress hte phone is using but I have not been able to change.
And on top my wife is having fun because with her IPhone she was able to connect very smoothly.
Can the more experienced elder of this forum guide the new comer that I am. Have to admit that the user manual is a bit short on the technical side.
Thanks...
you dont have to use the marketplace, googling will bring up thousands of apps and games
i agree its a little annoying about the windows marketplace but iphone is a money making tool for apple via itunes! 80% of there apps are total bollox and have been created to make a quick buck for some 14 year old wannabe designer!
Just search via the web and you'll get the apps you want
regarding you wifi it does sound very strange as my phone connects instantly to my router and took me 10 seconds to set up. Please dont be put off by the HTC as i assure you the connection issue will be a simple get around.
Try restarting your router if that fails then go into your router settings and change channel on the wifi signal or just basically have a play around!
WiFi security
Hello,
just an idea:
what security connection have you got on your WiFi router? Mine was WPA2 and it didn't work, changed it to WPA-PSK, TKIP and it works...
I hope I helped!
Michele
whensetting up wifi (this applies to wep encryption, if you are using wpa then ignore this) it is important to know that your routers authentication can be set to "open" key, "open or shared" key, or "shared" key.thing is your phone can only be "open" or "shared" key. in theory if your router is in "open or shared" the phone should be able to be set to "open" or "shared" but in practice I have never seen a winmo connect correctly inn this circumstance.
go start settings menu all settings connections wifi networks and double c check the encryption settings properly match your router settings.
(open key doesn't mean no encryption)

Internet issues with Android devices at school

Hi,
Just got a shiny new Galaxy Note 10.1 last weekend. Yesterday, after receiving my case and keyboard from Amazon, I brought it in to school to start taking advantage of the S-Pen for note taking in classes that keyboards don't quite cut it in. Unfortunately, it revived an issue that I had and ignored on my HTC Rezound from last year... an issue that a WiFi device can't ignore, and unfortunately my phone's battery is not up to using CM10's tether function all day (and it might start running down my monthly data being used 5 days a week, all day).
So, any ideas what might cause this issue? The school primarily has Macs, and my Windows 8 Laptop sometimes has issues, but at least half the time it works fine. It is just Android devices that will not work. They connect, and get great signal strength, but just won't get any actual data. To my knowledge, nobody has ever gotten an Android device to connect. My Rezound is running an unofficial CM10 (4.1 JB) version, and my Note is using whatever the newest official update is (4.1 as well, I believe. Non-rooted). I don't know a whole lot about this type of stuff, but I'm not afraid to tinker around to try and get it working. I've tried a few other suggestions from numerous Google searches, but to no avail so far. The network is unprotected, and run by the school's IT people, so needless to say I have no way to easily change settings for the campus' network. I'd prefer not root the Note just yet, but if I need to, so be it. Any ideas what this might be?
Thanks
Some more Info
Coffeeist said:
[Original Post]
Click to expand...
Click to collapse
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
May or may not be the problem, but from what I've noticed, school networks tend to have a lot of blocked ports. I know the main Google Sync Framework uses port 5228. Try shooting an email to a network admin in your school's IT dept, asking about that port or just in general if they're aware that Android devices are unable to connect on their network.
Coffeeist said:
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
Click to expand...
Click to collapse
What do you mean by "same info as my laptop" what types of credentials are you referring to? Something you have to change on the laptop in order to get in? The more information regarding this you can provide (safely, mind you, mask/alter any sensitive info), the better we can assist you. If you have to do something like set a VLAN, then you're never going to get an Android device to work as we do not have the capability to use VLAN'd wireless like most PCs and Macs can with the proper configuration changes. If there's some browser catch-all page, then that should work, but based on your statement "with the IP changed" leads me to believe that you're messing with the adapter settings directly. I would be especially keen to helping you with more detailed networking issues like this should you provide me with the information requested. I look forward to your reply. (Yes, I like technical challenges like this, it's why I work VoIP support.)
IP address or no IP address
Coffeeist said:
Some more info:
I cannot ping the tablet from my laptop (I get no packet loss, but all return 'Destination Host Unreachable'.
Same result if I try pinging my laptop or the router from my tablet using Terminal Emulator.
Sometimes, if set to DHCP, the tablet will give an 'Authentication Error Occured' error (or similar, I don't recall the actual wording). Sometimes it indicates a connection, but just won't work. I've never had a problem connecting using the same info as my laptop (with the IP changed, of course), but again, no internet, no ping.
Thanks
Click to expand...
Click to collapse
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
tinbox134 said:
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
Click to expand...
Click to collapse
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
nasvi said:
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
Click to expand...
Click to collapse
With useful posts above the rest is not much left for me to say but a simple advice
Make sure your friends aren't playing a prank on you coz I tend to do it I use arpspoof and aireplay-ng to cause such mayhem
Sent from my A116 using Tapatalk 2
Airplay and Arpspoof wouldn't be possible if MFP is enabled on the AP. Also the OP is stating that it is with all android devices and not 1.
Sent from my HTC One XL using xda app-developers app
responses
First off, thanks for all of the posts, and I apologize for taking so long to respond.
Also, I did check port 5228 with my laptop, and it seemed to indeed be closed. Haven't been able to contact IT yet, but I will need to soon to solve an issue with another, unrelated issue.
Cynagen said:
What do you mean by "same info as my laptop" what types of credentials are you referring to? Something you have to change on the laptop in order to get in? The more information regarding this you can provide (safely, mind you, mask/alter any sensitive info), the better we can assist you. If you have to do something like set a VLAN, then you're never going to get an Android device to work as we do not have the capability to use VLAN'd wireless like most PCs and Macs can with the proper configuration changes. If there's some browser catch-all page, then that should work, but based on your statement "with the IP changed" leads me to believe that you're messing with the adapter settings directly. I would be especially keen to helping you with more detailed networking issues like this should you provide me with the information requested. I look forward to your reply. (Yes, I like technical challenges like this, it's why I work VoIP support.)
Click to expand...
Click to collapse
Just IP/DHCP/DNS (and I've also tried public DNS such as Google). Nothing fancy set up on the laptop (everything should be on Windows default network settings, same with Android on both devices). There is also no catch-all page, assuming I'm interpreting that correctly (as a login page sort of thing, like I'd get at Starbucks or a Hotel).
Glad to provide the challenge... truth be told, underneath the annoyance of lacking connection, I love issues like this because of the fun tricks and such that solving them can teach.
tinbox134 said:
since you know ping, then did you check the IP address for each device?
Back to basic:
1: ping your device gateway IP
2) if ok, then ping ur device (tablet or laptop)
3) if ok then ping bbc.co.uk (this will check your dns), if failed ping your dns's IP address.
If no IP on android, then check if there is any protection on device. It sound like no IP been allocated for you.
Depends on how good a school's IT dept. I have not seen many school actually put filter to stop non-window device.
I am not sure it has anything to do with VLAN yet. As a simple logon, device does not care VLAN or no VLAN.
The basic for us is 1) get an IP on device. 2) know how to get out (gateway IP) 3) interrept hwere you go (DNS resolution) 4) know how to get to internet (internet router, internet firewall, internet boardband et...)
If you have authentication error, then it is sure you are not going to get an IP address. If this is WiFi then check on security (WEP, WAP...TKIP...)
Click to expand...
Click to collapse
1. If I recall, this either had full loss, or Destination Host Unreachable, when pinging the gateway IP from the tablet.
2. Have tried this nonetheless, and I think I made it through once or twice just after turning on the tablet, but after that would only get Dest. Host Unreachable.
3. Had tried with Google, fails across any DNS.
I seem to get an IP, although sometimes I get the authentication error in Android and it won't connect. Whenever I set a static IP, based off of my laptop's IP (not the same, of course), I get connected, just no internet.
nasvi said:
Hello Coffeeist,
Please contact your schools IT department and find out what kind of encryption they use on their APs.
If they use TKIP, then that is whats causing the problem with android devices.
Once TKIP is disabled on the AP you are connecting to, you will be able to reach the internet.
I say this because I had the same problem in the past (setting up Cisco APs), and can confirm that this is the cause of the problem.
TKIP shouldn't be used anyway. They should be using AES. TKIP is too weak.
I guess that last part answered another question that you might of had. (Why TKIP doesn't work with Android?) Android=Secure TKIP=WEAK.... Unacceptable for Android
Also, you mention something about not being able to ping your tablet from your laptop. If I understand this correctly, you have both your laptop and tablet connected to the same AP and you are trying to ping between the two. This wont work in most cases. Reason: "Port-Protection", which if enabled doesn't allow clients on the AP to communicate with each other.
Regards,
Ed
Let us know how it goes.
Click to expand...
Click to collapse
Unless I am totally clueless about this stuff (er, moreso than I though I already was), it uses neither TKIP or AES, being an open and unsecured network.
sak-venom1997 said:
With useful posts above the rest is not much left for me to say but a simple advice
Make sure your friends aren't playing a prank on you coz I tend to do it I use arpspoof and aireplay-ng to cause such mayhem
Sent from my A116 using Tapatalk 2
Click to expand...
Click to collapse
Haha, I doubt it. None of my friends, especially the ones who I think would even try and do something like this, are tech-savvy enough for me to have any suspicion of that. Thanks though
Another piece of info (a pretty weird seeming one at that): Sometimes, I'll turn on my tablet in the middle of the day, and out of the blue there is an email notification there, for recent emails. Of course, if I go into browser, I can't get any pages. Can't think of any other networks that the device could/would connect to on campus, either.
Thanks!
Coffeeist said:
First off, thanks for all of the posts, and I apologize for taking so long to respond.
Also, I did check port 5228 with my laptop, and it seemed to indeed be closed. Haven't been able to contact IT yet, but I will need to soon to solve an issue with another, unrelated issue.
Just IP/DHCP/DNS (and I've also tried public DNS such as Google). Nothing fancy set up on the laptop (everything should be on Windows default network settings, same with Android on both devices). There is also no catch-all page, assuming I'm interpreting that correctly (as a login page sort of thing, like I'd get at Starbucks or a Hotel).
Glad to provide the challenge... truth be told, underneath the annoyance of lacking connection, I love issues like this because of the fun tricks and such that solving them can teach.
1. If I recall, this either had full loss, or Destination Host Unreachable, when pinging the gateway IP from the tablet.
2. Have tried this nonetheless, and I think I made it through once or twice just after turning on the tablet, but after that would only get Dest. Host Unreachable.
3. Had tried with Google, fails across any DNS.
I seem to get an IP, although sometimes I get the authentication error in Android and it won't connect. Whenever I set a static IP, based off of my laptop's IP (not the same, of course), I get connected, just no internet.
Unless I am totally clueless about this stuff (er, moreso than I though I already was), it uses neither TKIP or AES, being an open and unsecured network.
Haha, I doubt it. None of my friends, especially the ones who I think would even try and do something like this, are tech-savvy enough for me to have any suspicion of that. Thanks though
Another piece of info (a pretty weird seeming one at that): Sometimes, I'll turn on my tablet in the middle of the day, and out of the blue there is an email notification there, for recent emails. Of course, if I go into browser, I can't get any pages. Can't think of any other networks that the device could/would connect to on campus, either.
Thanks!
Click to expand...
Click to collapse
Based on your responses, I have a follow up question and comment. The question is as follows: Did you have to register your computer with your IT when you started school in order to be permitted on the wireless network? If this was the case they're likely filtering based on MAC address (which you won't be able to spoof on your Android, but you may be able to spoof on your laptop), get them to re-register your laptop after you spoof the MAC address so you can get both devices on using the same MAC address (though not at the same time of course unless you're fine with stuff randomly not working). The comment is as follows: Yeah, finding the workarounds to get back limitations like this is definitely a fun challenge because when you win, you've definitely learned something new. Oh, and you were right about my question of the gateway authentication page like a hotel wifi login page.
MAC
Cynagen said:
Based on your responses, I have a follow up question and comment. The question is as follows: Did you have to register your computer with your IT when you started school in order to be permitted on the wireless network? If this was the case they're likely filtering based on MAC address (which you won't be able to spoof on your Android, but you may be able to spoof on your laptop), get them to re-register it after you spoof the MAC address so you can get both devices on using the same MAC address (though not at the same time of course). The comment is as follows: Yeah, finding the workarounds to get back limitations like this is definitely a fun challenge because when you win, you've definitely learned something new.
Click to expand...
Click to collapse
Nope, it was up and running just through connecting normally, and has been since (mostly) - no registration or anything like that. Now, the reason that I put 'mostly' in parentheses is that sometimes the computer will be connected, but also have no internet (I don't think this started until I, dare I admit, upgraded to Windows 8). However, this only happens sometimes, whereas the Android devices never get internet access.
However, on the topic of MAC addresses, one post (in fact, I think it was on XDA) I saw awhile back while Google searching this problem was that someone had a similar issue, found to be with their device's MAC address having the letters 'FA' instead of 'FB' or something like that. Being that my Note isn't rooted, I haven't tested it with that, but perhaps I should give that a try with my CM10 Rezound?
(This is the post: HERE)
Thanks!
Coffeeist said:
Nope, it was up and running just through connecting normally, and has been since (mostly) - no registration or anything like that. Now, the reason that I put 'mostly' in parentheses is that sometimes the computer will be connected, but also have no internet (I don't think this started until I, dare I admit, upgraded to Windows 8). However, this only happens sometimes, whereas the Android devices never get internet access.
However, on the topic of MAC addresses, one post (in fact, I think it was on XDA) I saw awhile back while Google searching this problem was that someone had a similar issue, found to be with their device's MAC address having the letters 'FA' instead of 'FB' or something like that. Being that my Note isn't rooted, I haven't tested it with that, but perhaps I should give that a try with my CM10 Rezound?
(This is the post: HERE)
Thanks!
Click to expand...
Click to collapse
That shouldn't be it unless they have corporate level routers that don't recognize the MAC address of any devices manufactured after 2009 (when most of these manufacturers got the MAC addresses assigned to them (this is VERY unlikely)). I would honestly work with IT on campus and advise that it appears not a single Android device is allowed on the network. If they're blocking Android for any reason, check the terms of service for using the WiFi and see if there's any provisions for banning an entire brand of device/OS for whatever reason. If there's only provisions for individual banning, then take it back to them and show them that your record has not been abusive in the least and go from there. Make a case, otherwise draw one up with legal council. *shrugs* I don't believe anyone should ever be punished for the type of device they chose to purchase, that's first amendment choice, but it really comes down to their terms of service which you agree to by using the wifi.
Cynagen said:
That shouldn't be it unless they have corporate level routers that don't recognize the MAC address of any devices manufactured after 2009 (when most of these manufacturers got the MAC addresses assigned to them (this is VERY unlikely)). I would honestly work with IT on campus and advise that it appears not a single Android device is allowed on the network. If they're blocking Android for any reason, check the terms of service for using the WiFi and see if there's any provisions for banning an entire brand of device/OS for whatever reason. If there's only provisions for individual banning, then take it back to them and show them that your record has not been abusive in the least and go from there. Make a case, otherwise draw one up with legal council. *shrugs* I don't believe anyone should ever be punished for the type of device they chose to purchase, that's first amendment choice, but it really comes down to their terms of service which you agree to by using the wifi.
Click to expand...
Click to collapse
I'll give it a shot, thanks.
Coffeeist said:
I'll give it a shot, thanks.
Click to expand...
Click to collapse
Sorry to bump the thread, but seeing as it's my own I figured it would be alright...
I got around to asking the the school IT about the issue, and they said that the deliberately block mobile traffic, which they went on to find out does include Android tablets (I understand phones, but I can't even begin to understand why they target Android tablets... unfortunately, that's not my call). I Google searched a bit, and found that networking devices from a company called Aruba can be set to block traffic from specific types of devices (supposedly Cisco and a few other companies can do similar things too), by checking something with the HTML version, or something like that (I'm by no means a networking expert hehe).
So, I guess I'll make my last effort with this thing, and ask if anyone knows of some legal, non-hacky way of getting by this?
I'm guessing not, but worth asking.
Thanks
Coffeeist said:
Sorry to bump the thread, but seeing as it's my own I figured it would be alright...
I got around to asking the the school IT about the issue, and they said that the deliberately block mobile traffic, which they went on to find out does include Android tablets (I understand phones, but I can't even begin to understand why they target Android tablets... unfortunately, that's not my call). I Google searched a bit, and found that networking devices from a company called Aruba can be set to block traffic from specific types of devices (supposedly Cisco and a few other companies can do similar things too), by checking something with the HTML version, or something like that (I'm by no means a networking expert hehe).
So, I guess I'll make my last effort with this thing, and ask if anyone knows of some legal, non-hacky way of getting by this?
I'm guessing not, but worth asking.
Thanks
Click to expand...
Click to collapse
Before discussing any workarounds, you may need to review the Terms of Service for your wifi on the school premises first, review the consequences for bypassing their security measures, and figure if it's worth the risk to you... At this time, it'll be kind of "hacky" to get around such a block. In order to provide you with a valid workaround though we'll need a little bit of information regarding what's going on when you connect.
First, when you connect to the WiFi with your Android device, do you even receive an IP address? If you don't then we'll stop here, the only way to get around the types of blocks they're employing at this level would require hardware hacking/firmware reprogramming to change the identity of the device itself, which is flat out illegal in just about anywhere I can think of. Here's your checklist, fill out where applicable: (Even if you set static information to accomplish this, that will be a valid Y.)
Get an IP? (If Y, proceed)
Is it a valid IP address on the same network as your PC? (Either way, don't care)
Can you ping the gateway you got from DHCP on Android? (If Y, proceed)
Can you ping the DNS server(s) you got from DHCP on Android? (If Y, proceed)
Can you ping an external server such as Google DNS (8.8.8.8) on Android? (If Y, then we're done here)
It's kind of a bit of a process unfortunately, however, if you pass every single one of these tests with the Android device, there's good news. They're only filtering traffic based on the User-Agent identification of all your applications (and based on the MAC address of your device, denying your DHCP requests), you should be able to bypass this with a VPN tunnel back to your home from your Android (after setting your static IP) in order to encrypt and keep this information from leaking to their systems. However, this will likely set off alarms if they monitor their network heavily. If the school IT asks, then you're "working on projects in-between classes on your computer at home and your family has a home office with VPN already, so you used that to connect back to the house". Either way, they can't say much about it besides cut you off... again. Anywhos, I wouldn't recommend trying to bypass without doing all this research first, and then also evaluating the possible consequences, however the rewards are within themselves. You'll be the only person at school with a working mobile device, (besides those iSuckers). Technically, encrypting your traffic is completely legal (and they can't say anything legally about it), however, setting a static IP address in the same range as your computer at school may be against their TOS which you abide by being on campus. Let us know how everything goes.
Cynagen said:
Get an IP? (If Y, proceed)
Is it a valid IP address on the same network as your PC? (Either way, don't care)
Can you ping the gateway you got from DHCP on Android? (If Y, proceed)
Can you ping the DNS server(s) you got from DHCP on Android? (If Y, proceed)
Can you ping an external server such as Google DNS (8.8.8.8) on Android? (If Y, then we're done here)
Click to expand...
Click to collapse
With Static I set an IP and all other info (Gateway, DNS, etc, except for Network Prefix Length... no clue what that is, left it at 24 default), and could not ping gateway
Dynamic/DHCP I will have to check tomorrow, after downloading stuff for the tablet to get that info (I think I need root to use IfConfig with Terminal Emulator, correct?).
Whatever they use to block me out, it seems to have a slight hole built in... every day, multiple times a day, I will look down at my tablet and see notifications (mainly email, occasionally Facebook, etc) that pushed through on the schools network (I know that for sure, being that often times the emails are messages received during the day, in a time period where the tablet has been nowhere near any other networks). Maybe this hole can be breached?
Thanks!
Coffeeist said:
With Static I set an IP and all other info (Gateway, DNS, etc, except for Network Prefix Length... no clue what that is, left it at 24 default), and could not ping gateway
Dynamic/DHCP I will have to check tomorrow, after downloading stuff for the tablet to get that info (I think I need root to use IfConfig with Terminal Emulator, correct?).
Whatever they use to block me out, it seems to have a slight hole built in... every day, multiple times a day, I will look down at my tablet and see notifications (mainly email, occasionally Facebook, etc) that pushed through on the schools network (I know that for sure, being that often times the emails are messages received during the day, in a time period where the tablet has been nowhere near any other networks). Maybe this hole can be breached?
Thanks!
Click to expand...
Click to collapse
It seems like small gaps where the system doesn't block you long enough to receive some traffic, but that is promising. BTW, you can get your "network prefix" (netmask as we call it) from your computer. If you go into the command prompt on windows and run "ipconfig /all" you'll get 4 useful bits of info we need, IP address (so you can mimic it), the gateway, the subnet mask (usually 255.255.something.something) and the DNS servers. The subnet mask determines what you use, and I HIGHLY doubt they use 24 (that's mainly for home networks, 24 = 254 devices permitted on the DHCP, 16 = 65534 devices (this is WAY more likely)).
Cynagen said:
It seems like small gaps where the system doesn't block you long enough to receive some traffic, but that is promising. BTW, you can get your "network prefix" (netmask as we call it) from your computer. If you go into the command prompt on windows and run "ipconfig /all" you'll get 4 useful bits of info we need, IP address (so you can mimic it), the gateway, the subnet mask (usually 255.255.something.something) and the DNS servers. The subnet mask determines what you use, and I HIGHLY doubt they use 24 (that's mainly for home networks, 24 = 254 devices permitted on the DHCP, 16 = 65534 devices (this is WAY more likely)).
Click to expand...
Click to collapse
Well, I just had a clean connection for about 5 minutes, and had a normal-looking IP based on my PC. Using Terminal Emulator I pinged the gateway after my connection failed, still with no response. I still appeared to have a proper IP on my tablet, but no actual internet connection.
So, perhaps these small windows are something to pursue? Or perhaps sticking with the VPN plan is best?
Thanks!
Coffeeist said:
Well, I just had a clean connection for about 5 minutes, and had a normal-looking IP based on my PC. Using Terminal Emulator I pinged the gateway after my connection failed, still with no response. I still appeared to have a proper IP on my tablet, but no actual internet connection.
So, perhaps these small windows are something to pursue? Or perhaps sticking with the VPN plan is best?
Thanks!
Click to expand...
Click to collapse
You need to make sure your networking information is entered correctly, you still haven't said anything about the netmask in this situation. However, if you're entering this information in correctly then you should have a solid connection until they realize you've forced a device into the network. The only thing you can do beyond that point is during that window, open a VPN connection without using a single browser request so they don't know what the device is unless they check the MAC address. Either way, this is a window that can be used, you just need to avoid identifying your device in any way prior to initiating the VPN connection. Turn off Sync when you connect.

Someone spies on my tethered Wi-Fi

Hi, not sure if this is the right section. If not, please move.
Basically each time I activate my phone's (Samsung S3 4.3 rooted) tethered Wi-Fi, to use the Internet on my iPad, someone can remotely connect and see what I'm doing. Even with WPA2 + strong ass password + MAC filtering. Why I know this is a long story, let's just say I have a stalker and he talks about his exploits to someone who's loyal to me. I'm assuming that it's possible since I've already have had my home Wi-Fi hacked with the WPS exploit.
Is there anything I can do? As in alternatives to stock app of anything else.
raskol9987 said:
Hi, not sure if this is the right section. If not, please move.
Basically each time I activate my phone's (Samsung S3 4.3 rooted) tethered Wi-Fi, to use the Internet on my iPad, someone can remotely connect and see what I'm doing. Even with WPA2 + strong ass password + MAC filtering. Why I know this is a long story, let's just say I have a stalker and he talks about his exploits to someone who's loyal to me. I'm assuming that it's possible since I've already have had my home Wi-Fi hacked with the WPS exploit.
Is there anything I can do? As in alternatives to stock app of anything else.
Click to expand...
Click to collapse
Try https://play.google.com/store/apps/details?id=com.foxfi&hl=en
It is really easy for him to spoof the mac address of your ipad and bypass the mac filtering.
He can also collect your wpa2 handshake and crack it easily with enough time and enough Cuda cores on his gpu.
First, Try a random max character wpa2 password and keep changing it to make him irritated.
Second, go on the offensive with kali linux.
(Put dd-wrt on your router too and disable wps to stop his wpa attack + use strong wpa2 key-no words or phrases)
Third, figure his credentials out and report him to the police.
You could use Kismet to find out his device's mac address and you could use his signal strength to find out what house he lives in then report him to the police.
Lgrootnoob said:
It is really easy for him to spoof the mac address of your ipad and bypass the mac filtering.
He can also collect your wpa2 handshake and crack it easily with enough time and enough Cuda cores on his gpu.
First, Try a random max character wpa2 password and keep changing it to make him irritated.
Second, go on the offensive with kali linux.
(Put dd-wrt on your router too and disable wps to stop his wpa attack + use strong wpa2 key-no words or phrases)
Third, figure his credentials out and report him to the police.
You could use Kismet to find out his device's mac address and you could use his signal strength to find out what house he lives in then report him to the police.
Click to expand...
Click to collapse
Thanks. I'l check this out.
I already secured my home Wi-Fi with DD-WRT, so the big deal is with the tethered connection. For now I've stopped tethering altogether.

Categories

Resources