Updated cheatsheets
1nPr0c committed Sep 14, 2014
1 parent 747e284 commit 54130ce
Showing 2 changed files with 32 additions and 1 deletion.
6 changes: 6 additions & 0 deletions Cheatsheet_PenTesting.txt
Expand Up @@ -57,6 +57,12 @@ dig @192.168.100.2 securitymuppets.com -t axfr
host -l securitymuppets.com 192.168.100.2
nslookup / ls -d domain.com.local

[+] Fierce
fierce -dns <domain> -file <output_file>
fierce -dns <domain> -dnsserver <server>
fierce -range <ip-range> -dnsserver <server>
fierce -dns <domain> -wordlist <wordlist>

-------------------------------------------------------------------------- IP Network scanning

[+] ARP Scan
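Review bot: the new Fierce entry mixes placeholders (`<domain>`, `<server>`, `<ip-range>`) with the concrete `securitymuppets.com` / `192.168.100.2` example used by the `dig`, `host` and `nslookup` lines just above it; pick one convention for the DNS section. A one-line description per variant would also help readers, since the four commands do different things (zone transfer attempt against a chosen DNS server, reverse-lookup sweep of an IP range, and subdomain enumeration from a wordlist) while the entry currently gives only the flags, and the `-wordlist` line does not say which list to pass.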
27 changes: 26 additions & 1 deletion Cheatsheet_WirelessTesting.txt
Expand Up @@ -63,4 +63,29 @@ root@backbox:/home/backbox# iw reg set BO
root@backbox:/home/backbox# ifconfig wlan1 up
root@backbox:/home/backbox# iwconfig wlan1 channel 13
root@backbox:/home/backbox# iwconfig wlan1 txpower 30
root@backbox:/home/backbox# iwconfig wlan1 rate 11M auto
root@backbox:/home/backbox# iwconfig wlan1 rate 11M auto


Wireless Notes
--------------

Wired Equivalent Privacy (WEP)
RC4 stream cipher w/ CRC32 for integrity check
- Attack:
By sniffing an ARP packet, then replaying it to get many encrypted replies with different IVs.
- Remediation:
Use WPA2

Wifi Protected Access (WPA)
Temporal Key Integrity Protocol (TKIP) Message Integrity Check
- Attack:
Uses a four way handshake, and if that handshake can be captured, then a dictionary attack ban be mounted to find the Pairwise Master Key for the Access Point and client Station.
- Remediation:
Use long-keys

Wifi Protected Access 2 (WPA2)
Advanced Encryption Standard (AES)
- Attack:
Uses a four way handshake, and if that handshake can be captured, then a dictionary attack ban be mounted to find the Pairwise Master Key for the Access Point and client Station.
- Remediation:
WPA-Enterprise
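Review bot: typo in both Attack paragraphs: "a dictionary attack ban be mounted" should read "can be mounted". The WPA and WPA2 Attack text is word-for-word identical, which loses the distinction the headers draw (TKIP versus AES); it would be clearer to say that the handshake capture plus dictionary attack applies to the pre-shared-key mode of both, and that it recovers the key only when the passphrase is in the wordlist, which is what the "Use long-keys" remediation is really about (suggest "use a long, random passphrase"). The WPA2 Remediation says "WPA-Enterprise"; "WPA2-Enterprise (802.1X)" matches the section. "Wifi" should be "Wi-Fi" in both headings. Finally, `iwconfig wlan1 rate 11M auto` appears twice in the hunk, which looks like the one deletion and one addition from a trailing-newline change; confirm the file does not end up with the line duplicated.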
