Sep. 18, 2009
Well, it finally bit me in the … Storing sensitive information, such as passwords for encrypted volumes, in the system keychain is a *REALLY* *REALY* bad idea! Why? Well, in contrast to the login keychain that is unlocked by a user’s password (transparently, if the same as the login password) the system keychain is accessible by any administrator on the system. So basically anyone with root access can dump all passwords from the system keychain.
If this wasn’t bad enough you can simply boot the system using the installation DVD and reset any administrator password, login and have instant access to the system keychain. So, well, using the system keychain for passwords to encrypted disks is not a great idea.
I therefore removed the articles referring to how to setup TrueCrypt with the keychain.
Posted by patrik in Security | No Comments
Sep. 15, 2009
UPDATE 2009-10-22: Truecrypt 6.3 has been released, no need for this anymore
UPDATE 2009-09-18-2: Removed ref. to Fink as it requires to be built from source on Snow Leopard
UPDATE 2009-09-18: Added a missing requirement: pkg-config. See “installing pkg-config”
Unfortunately licensing issues prevent me from publishing my pre-compiled versions of TrueCrypt. So the next best thing I can do until there’s a new version of TrueCrypt that supports Snow Leopard, is to publish a “simple” do it your self guide.
In order to compile TrueCrypt for Mac OS X Snow Leopard you need the following:
- XCode (it’s under the Optional folder on the Snow Leopard Install DVD)
- macFUSE
- TrueCrypt and wxWidgets source code
- Header files from the RSA Security Inc. PKCS #11 Cryptographic Token Interface (Cryptoki) 2.20.
- pkg-config
- A patch that modifies the source code so it compiles under Snow Leopard.
Posted by patrik in Security | 33 Comments
Oct. 21, 2008
Having put this project aside for a while I picked it up again after receiving a comment on a previous post. With a little help from the developer Hirte at aircrack my wifi-hacking setup is finally complete. It now works exactly the way I was hoping to get it running even when my MAC address is changed. The last parts were resolved by changing back to the r8187 driver which is available from the aircrack-ng web page here. In order to get rid of the annoying “SKB BUG: Invalid truesize (304) len=226, sizeof(sk_buff)=176″ I made some adjustments to my syslog-ng configuration as suggested on their web page.
When running with a different MAC address, the address should be changed both using ifconfig and then set as parameter when starting airbase-ng with the -a switch. Thanks again Hirte!
Posted by patrik in Security | No Comments
Sep. 5, 2008
So I finally had some great success running airbase-ng as a rogue AP. I ended up buying the Alfa AWUS036H, an excellent 500mw Realtek 8187 based card. I am running a Virtual Gentoo system with the git version of the rtl8187 driver. The SKB BUF error messages from the aircrack-ng version of the driver where too annoying.
All in all I am very pleased with the setup, as it behaves consistantly now (knowing the needed tweaks to get it running). I believe it performs as well as running an AP with the madwifi-ng karma kernel patches from digininja. Well, except for one thing. When changing the MAC address of the wifi card it doesn’t really do such a good job anymore. For some reason most clients fail to associate, some still do but theres a considerable drop in the number of connecting clients.
I have tried to change the MAC using both ifconfig and simply specifying the -a option to airbase-ng. Sniffing the traffic using another wifi card shows a lot of probe requests and responses being re-sent, but no requests to associate. From my initial checks I do not see any difference in the requests or responses apart from the “Frame check sequence” and the MAC of-course. But then again, I haven’t put that much time into it.
ANY insight into why this happens, and if I am missing something REALLY obvious would be great. I will file a bugreport in the aircrack-ng TRAC system once I collect and clean the relevant packet traces.
Posted by patrik in Security | 2 Comments
Aug. 27, 2008
OK so I’ve been able to get things running quite smoothly now. I cracked my Linksys WUSB54GC card open and soldered a pigtail connector to it according to the following photo http://www.josepino.com/other_projects/antenna/usb-antenna.jpg. I also added txPowerTuning=36 as option to the rt73 driver which I believe did make things somewhat better.
What remains in order to get a good solid environment running is a better wifi card with a lot better transmit power, which I’ve ordered from the UK today. Hopefully it will be here by monday so me and my friend can do some more tests over a beer or two.