Forum Replies Created
- Posts
1) There are many ctf programs available online where you can build up on your practical skills. Kindly checkout the following:
https://www.ctf.live/2) You can have a look at the ceh course by tim pierson.
It is really hard for me to debug you issue this way. Please take a screenshot of the error message and post it here.
Thank you.
As mentioned in the course requirements you need an external wireless adapter for the cracking lectures 11 to 28, you can do everything else without one though, just make sure you set Kali to use a Nat Network as shown in lecture 5 and skip the part where I add my external wireless card.The built in card is not good for hacking, you need a powerful card that supports monitor mode and packet injection so please checkout the adapters on the following link, they all support monitor mode and packet injection:
https://www.zsecurity.org/shop
If you’re not sure which one to get the checkout the adapters video in the resources of lecture 11, here is a link to it anyway:
https://www.youtube.com/watch?v=0lqRZ3MWPXY
Please don’t hesitate to contact if you need anything else.
Basically there are 2 challenges:
1. Websites that use normal https like zsecurity.org, stackoverflow.com ….etc you should be able to bypass all of these even if accessed directly.
2. Websites that use HSTS like facebook and twitter, these websites will only load over HTTPS if accessed directly because the browser has a list of famous websites that use HSTS, therefore it will only load them over https, the only way around this is to use the custom hstshijack caplet that Zaid provided, this will only work if the user searches for the website using a search engine that does not use HSTS, for example if they use the local google domain such as google.ie to search for facebook / twitter …etc in this case the script will replace the .com at the end with .corn bypassing the list of famous websites that the browser has and allowing us to downgrade these websites to http.
Also please don’t forget to remove the browsing data (cache, history…..etc) before doing the attack, you wouldn’t need to do this in a real life scenario but this happens sometimes when you keep accessing the same website over and over across a very short period of time.
Please don’t hesitate to contact if you need anything else.
Please try airodump-ng instead to discover WPS enabled networks instead of wash, you can do this using the following command:
airodump-ng –wps wlan0
