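While searching online today for material on wpa_supplicant and AP encryption modes, I found many documents about cracking wireless networks that mention the tools needed for it. I am noting them here:
System: BackTrack
Wireless card: 卡王 ("Card King", a product of Taiwan's Wifly-City)
AP: SMC-WTVG (chosen because it is portable and very capable, combining a wireless router (54M), VoIP network phone, wireless AP, client, wireless network card and so on.)
This is the first time I have heard of the BackTrack system. Quoting the description from Wikipedia (http://en.wikipedia.org/wiki/BackTrack):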
BackTrack is a Linux distribution distributed as a Live CD which resulted from the merger of WHAX (previously Whoppix) and the Auditor Security Collection, which is used for penetration testing.
Although BackTrack is a Linux distribution, its biggest difference is that it is a monolithic kernel (单内核 in Chinese). I must try installing it when I have time.
1/22/2010
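Cross-compiling openssl
A while ago I worked on a WiFi project. It now basically works, but at present it only supports WEP and not WPA1/WPA2, so follow-up improvements need to be considered.
For WPA1/WPA2, on Linux one generally connects to the AP through wpa_supplicant, and wpa_supplicant's authentication uses the openssl library, so openssl has to be cross-compiled first. Here are my notes :)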
./Configure --prefix=../openssl-arm os/compiler:arm-none-linux-gnueabi-gcc
make
After compiling, running make install directly reports errors:
making install in crypto...
make[1]: Entering directory `/wireless/openssl-0.9.8l/crypto'
cp: cannot create regular file `../openssl-arm/include/openssl/crypto.h': No such file or directory
chmod: cannot access `../openssl-arm/include/openssl/crypto.h': No such file or directory
cp: cannot create regular file `../openssl-arm/include/openssl/tmdiff.h': No such file or directory
...
So I did not run install. In any case, building wpa_supplicant only needs openssl's libssl.a and libcrypto.a plus the header files under include/openssl/.
1/18/2010
1/08/2010
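Getting the original URL behind a shortener URL
Following on from the previous topic, a few words on recovering the URL behind a shortener URL. There are many URL shortener sites now, such as goo.gl, bit.ly and so on. If you just want to know the original URL, this site is good: http://untr.im. Here is also a small script:
#!/bin/bash
# filename: getfullurl.sh
URL=$1
# Exit if no URL was given on the command line
if [ -z "$URL" ]; then
    exit 1
fi
# POST the short URL to untr.im and cut the target link out of the returned HTML
curl -q -d "url=$URL" http://untr.im/api/ajax/api | awk -F 'href="' '{print $3}' | awk -F '" rel="' '{print $1}'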
Run:
sh getfullurl.sh http://goo.gl/rz2O
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
192 170 170 170 0 22 56 7 0:00:03 0:00:03 --:--:-- 81
http://wiki.thc.org/gsm
Finally we get http://wiki.thc.org/gsm
Use the Google URL Shortener API with Python
Original: http://d.hatena.ne.jp/LaclefYoshi/20091216/1260891200
http://goo.gl is Google's URL Shortener service. There are many similar ones, such as http://tinyurl.com, but the Google URL Shortener is not open to the public: at present it can only be used through the Google toolbar and the Chromium extension (goo.gl url shortener). However, this Japanese friend analysed the JS code in the Google toolbar's xpi and wrote this Python code, which I rather admire. His code is posted below, with one small change so that the program accepts an argument.
#!/usr/bin/python3
""" Google URL Shortener
Usage: python goo.gl URL"""
# import struct
import json
import sys
import urllib.parse
import urllib.request

def usage():
    print(__doc__)

def _c(vals):
    # Sum the arguments, each truncated to 32 bits
    l = 0
    for val in vals:
        l += val & 4294967295
    return l

def _d(l):
    # Prepend a Luhn-style check digit to the decimal form of l
    if l <= 0:
        l += 4294967296
    m = str(l)
    o = 0
    n = False
    for char in m[::-1]:
        q = int(char)
        if n:
            q *= 2
            o += q // 10 + q % 10  # Math.floor(q / 10) + q % 10
        else:
            o += q
        n = not n
    m = o % 10
    o = 0
    if m != 0:
        o = 10 - m
        if len(str(l)) % 2 == 1:
            if o % 2 == 1:
                o += 9
            o //= 2
    return str(o) + str(l)

def _e(uri):
    # djb2-style string hash: m = m * 33 + c, starting from 5381
    m = 5381
    for char in uri:
        # m = _c([m << 5, m, struct.unpack("B", char)[0]])
        m = _c([m << 5, m, ord(char)])
    return m

def _f(uri):
    # sdbm-style string hash: m = c + (m << 6) + (m << 16) - m
    m = 0
    for char in uri:
        # m = _c([struct.unpack("B", char)[0], m << 6, m << 16, -1 * m])
        m = _c([ord(char), m << 6, m << 16, -1 * m])
    return m

def _make_auth_token(uri):
    # Mix bits of both hashes into k, then emit "7" + check digit + k
    i = _e(uri)
    i = i >> 2 & 1073741823
    i = i >> 4 & 67108800 | i & 63
    i = i >> 4 & 4193280 | i & 1023
    i = i >> 4 & 245760 | i & 16383
    h = _f(uri)
    k = (i >> 2 & 15) << 4 | h & 15
    k |= (i >> 6 & 15) << 12 | (h >> 8 & 15) << 8
    k |= (i >> 10 & 15) << 20 | (h >> 16 & 15) << 16
    k |= (i >> 14 & 15) << 28 | (h >> 24 & 15) << 24
    j = "7" + _d(k)
    return j

def get_short_url(uri, user):
    if user is None:
        user = 'toolbar@google.com'
    token = _make_auth_token(uri)
    opt = 'user=' + user + '&' + urllib.parse.urlencode({'url': uri}) + '&auth_token=' + token
    # print(opt)
    ggl_url = 'http://goo.gl/api/url'
    # Passing a request body makes urlopen send a POST
    res = urllib.request.urlopen(ggl_url, opt.encode('ascii'))
    # print(res.read())
    short_url = json.loads(res.read())['short_url']
    return short_url

if __name__ == "__main__":
    # print(get_short_url("http://www.aida.t.u-tokyo.ac.jp/", None))
    if len(sys.argv) == 2:
        print(get_short_url(sys.argv[1], None))
    else:
        usage()