Sunday, May 3, 2015

AES Protected HTML Page Creator

Hello, I have just created a password protected HTMLfile creator which allow user to encrypt their HTML file using AES Encryption. To create the protected file, you will need to enter an encryption password and insert the source HTML code. Then click on Encrypt..

Layout of the HTML script.


Enter the Password and Source Code, click on Encrypt to encrypt the source data

 Screenshot display the encrypted source and also a HTML loader to decrypt the data

Click on "Download" to download the file for testing.

This is the HTML loader, you will need to enter the correct password in order to open the document.
Script also display the SHA256 hash of the document.

It will display the HTML file if correct password is entered.


This the a case where password is entered wrongly.


File can be downloaded at https://github.com/SYWorks/AES-HTML-Protect or direct download the file HERE



Friday, April 3, 2015

SecureMail (VB.NET) - Source Code

As mentioned in my previous post, I would like to share my Secure Email application source code that I have written in VB.NET (v12). The application allow use to send secured email via web mail (Gmail/Hotmail). It also include features such as checking attachment with VirusTotal for potential malwares. I did this application in a rush for class project so may not be perfect but at least it works. Functions use were asymmetric & symmetric encryption, hashing, compression etc). Refer to manual within the source.

Please help to support my Facebook page ( https://www.facebook.com/syworks ) by liking it.. Thank you..


Monday, March 2, 2015

SecureMail Application (VB.NET)

I have wrote my first VB.NET application on Secure Email. The purpose of this application is to send/receive secure email with free web email account such as Gmail, Outlook or Yahoo. This application also hash the attachment file and check it against VirusTotal database for potential unwanted software or malware. 

The application will be using the built-in encryption services of VB.NET like SymmetricAlgorithm, HashAlgorithm, RSACryptoServiceProvider and SignHash for (Symmetric / Asymmetric encryption, digital signing email content and hashing of files). Different from other email application, this application actually encrypt all messages downloaded from inbox with Rijndael (AES 256) encryption. 


Sending of Email (Application Flow chart)
Sending of Email (Application Flow chart - More technical)


Receiving of Email (Application Flow chart)
 


Receiving of Email (Application Flow chart - More technical)

Below are some other screenshots of the application





Will be releasing my source code of SecureMail soon in dropbox for purpose of learning only. Stay tuned.

Support my page by liking it for encouragement of more free application..

Binary can be downloaded at https://sourceforge.net/projects/securemail-vbnet/files/ (For Windows 7 or above with VB.NET Framework 4.5 



Friday, December 12, 2014

Video Tutorial For WAIDPS Available On YouTube....

I have uploaded several video on Youtube on installation and functionality of WAIDPS ( Wireless Auditing Intrusion Detection & Prevention System).

More will be coming up... stay tuned



https://www.youtube.com/watch?v=aGTQAWoeujA&list=PLrekpjW7JwW-T0CeXP8GwudtJmTJ6KZ8O&index=1

Monday, October 27, 2014

WEP Auditing (Updates)

Two new WEP hacking features have been added to WAIDPS.
·         KoreK Chopchop Attack
·         Fragmentation Attack
Both methods need a wireless client to be present. Detail on both attack can be found on Aircrack-NG page (http://www.aircrack-ng.org/doku.php?id=korek_chopchop & http://www.aircrack-ng.org/doku.php?id=fragmentation)


Example of a KoreK Chopchop Attack
The screenshot below show the selection of the option. Simply press [Enter] while WEP attacking is in progress to bring up the "Auditing Menu". Select [O1]  for KoreK Chopchop attack.


Once the option is entered, it will start to read packets from any Client MAC address. After chosen a packet to use, decryption will begin. It may take up to a minute or more.


Once decryption of ARP packet is completed, a Keystream (XOR) packet will be saved with the AP name. WAIDPS will automatically replay the generated packet shown above. Cracking of the WEP will be as per normal which replaying of the ARP packet till it is cracked.

Example on Replaying of Existing Keystream  (KoreK)
If an existing decrypted ARP packet is found, user do not need to redo the KoreK Chopchop again. User can select the existing decrypted ARP packet to create another new Keystream file as shown below.



Example of a Fragmentation Attack
Cracking using the Fragmentation Attack is similar to the KoreK Chopchop attack. Simply press [Enter] while WEP attacking is in progress to bring up the "Auditing Menu". Select [O2]  for Fragmentation Attack.


Once the 1500 bytes of PRGA (pseudo random generation algorithm) is obtained. It will create a ARP packet and WAIDPS will automatically replay the generated packet shown above. Cracking of the WEP will be as per normal which replaying of the ARP packet till it is cracked.

Example on Replaying of Existing Keystream  (Fragmentation)
Similar to Korek chopchop, if an existing keystream is found, user do not need to launch the Fragmentation attack again. Simply use the existing keystream to generate a ARP packet for replaying.




NOTE: KoreK Chopchop and Fragmentation attack require a client to be connected to the Access Point. It may not be as easy as seem to be.. in most cases, attack failed due to unsupported chipset, improper patch for injection and much more other reason. Refer to Aircrack-NG page for detail.



Please support my page by liking it https://www.facebook.com/syworks
Visit GitHub        - https://github.com/SYWorks/waidps




Friday, October 10, 2014

Intrusion Detection (Updates)

My apology, I was somehow very busy for past few months and did not update on the WAIDPS. Although, there are many new features (New WEP attacking mode, WPS attacking mode enhancement, decrypting and viewing of live packets captured in monitoring module etc) added to the WAIDPS but as mentioned, I am busy, I unable to put all at once.. Below are updates on Intrusion Detection Module.

Intrusion Detection (Updates)

WAIDPS has included the following wireless attacks by MDK3 as shown below.
  • MDK3 Beacon Flooding (Different ESSID)
  • MDK3 Beacon Flooding (Similar ESSID)
  • MDK3 Authentication DoS with multiple clients
  • MDK3 Authentication DoS to multiple Access Points
  • MDK3 Authentication DoS to multiple Access Points with multiple clients
  • MDK3 Basic Probing & ESSID Bruteforcing
  • MDK3 Downgrade Test
  • MDK3 WIDS/WIPS/WDS Confusion

With the inclusion of all the above attacks, WAIDPS can now detect the following wireless attacks
·         Association / Authentication flooding
·         Detect mass deauthentication which may indicate a possible WPA attack for handshake
·         Detect possible WEP attack using the ARP request replay method
·         Detect possible WEP attack using chopchop method
·         Detect possible WPS pin bruteforce attack by Reaver, Bully, etc.
·         Detection of Evil-Twin
·         Detection of Rogue Access Point
·         Beacon Flooding
·         MDK3 Basic Probing & ESSID Bruteforcing
·         MDK3 Downgrade Test
·         MDK3 WIDS/WIPS/WDS Confusion


 Screenshot of a Beacon Flooding by MDK3


Authentication Flooding to targeted AP by MDK3

Authentication DoS to Multiple Access Points by MDK3

MDK3 Basic Probing & ESSID Bruteforce Mode

MDK3 WIDS/WIPS/WDS Confusion attack detection

Wednesday, July 23, 2014

List of Commands for WAIDPS [Wireless Auditing & Intrusion Detection Prevention System]

Having too much functions available in the WAIDPS, below are the list of commands available for WAIDPS for easier viewing. Hit on <Enter> to display [Command Selection Menu] on main screen.

Command Selection Menu
    B    About Application
    C    Application Configuration
          0 / L    Change Regulatory
                      *    Enter Country Code (BO)
          1 / R    Refreshing rate of information
                      *    Refresh detail after number of seconds (30)
          2 / T    Time before removing inactive AP/Station
                      H    Hide AP/Station
                                  *    Number of minutes before hiding inactive AP/Station (1)
                      R    Remove AP/Station
                                  *    Number of minutes before removing inactive AP/Station (120)
          3 / H    Hide inactive Access Point/Station
                      A    Access Point
                                  Y/n    Hide inactive Access Point (Y)
                      S    Station
                                  Y/n    Hide inactive Station (Y)
          4 / B    Beep if alert found
                      Y/n    Beep if alert found (Y)
          5 / S    Sensitivity of IDS (Intrusion Detection System - Detection Sensitivity)
                      0 / D    Display Current Setting
                      1 / H    Highly Sensitive
                      2 / M    Medium Sensitive
                      3 / L    Low Sensitive
                      4 / C   Custom setting of sensitivity
                                  *    Threshold for Data86
                                  *    Threshold for DataARP (ARP)
                                  *    Threshold for Data94
                                  *    Threshold for Data98
                                  *    Threshold for Association
                                  *    Threshold for Disassociation
                                  *    Threshold for Reassociation
                                  *    Threshold for Authentication
                                  *    Threshold for Deauthentication
                                  *    Threshold for Deauthentication (Aircrack-NG)
                                  *    Threshold for EAPOL Protocal
                                  *    Threshold for EAPOL Start
                                  *    Threshold for EAP Communication
                                  *    Threshold for Qos Data
                                  *    Threshold (Only in Analysis)
                                  *    Refresh Timeout Rate
          6 / A    Save Pcap when Attack detected
                      Y/n    To save packets (Pcap) file if IDS detected an attack (Y)
          7 / M    Save Pcap when Monitored MAC/Name seen
                      y/N    To save packets (Pcap) file if Harvestor found the specified MAC or ESSID 
          8 / W    Whitelist Setting (Bypass alert for MAC/Name)
                      1 / M    MAC Address [BSSID/STATION]
                                  A    Add MAC address
                                              $    Specify the MAC Address to monitor (xx:xx:xx:xx:xx)
                                  D    Delete MAC Address
                                              $    Specify the MAC Address to remove from list (xx:xx:xx:xx:xx)
                                  C    Clear all Monitoring Items
                      2 / N    Name of Access Point / Probe Names
                                  A    Add ESSID/Probe Name
                                              $    Enter the Name to Whitelist (Case sensitive)
                                  D    Delete MAC Address
                                              $    Enter the Name to remove from the Whitelist (Case sensitive)
                                  C    Clear all Names from the Whitelist
                      9 / C    Clear all Monitoring Items (MAC address & Names)
          9 / D    Dictionary Detail and Setting
                      1 / A    Add dictionary location
                                  $    Enter the location of the dictionary
                      2 / S    Set default dictionary
                                  $/*    Enter the dictionary to be set as default (For cracking)
                      3 / D    Delete dictionary location
                                  $/*    Enter the dictionary to be remove from dictionary listing
    D    Output Display
          0 / H    Hide both Access Points & Stations Listing Display
          1 / A    Display Access Points Listing Only
          2 / S    Display Station Listing Only
          3 / B    Display Both Access Points & Stations Listiong (Separated View
          4 / P    Advanced View with Probes Request (Merging associated Station with AP)
          5 / O    Advanced View without probing request (Merging associated Stations with AP)
          6 / C    Display one time bar chart of Access Points information
          7 / N    Show Association/Connection Alert (Toggle Yes/No)
          8 / U    Show Suspicious Activity Listing Alert (Toggle Yes/No)
          9 / I     Show Intrusion Detection/Attacks Alert (Toggle Yes/No)
          + / D    Display client which associated with more than one access point
    F    Filter Network Display
          1 / A    Access Point
                      1 / E    Encryption Type
                                  $    Encryption Filter (WPA / WPA2 / WPA* / WEP / OPN / OTH / ALL)
                      2 / S    Signal Range
                                  1 / V    VGood
                                  2 / G    Good
                                  3 / A    Average
                                  4 / P    Poor
                                  5 / U    Unknown
                                  9 / X    Clear Filter
                      3 / C    Channel
                                  *    Enter the Channel to filter
                      4 / N    Client
                                  Y/N    Display of Access Point with Clients (Yes/No)
                      5 / W    WPS
                                  Y/N    Display only Access Point with WPS (Yes/No)
                      6 / I    ESSID
                                  $    Enter the ESSID to filter
                      7 / B    BSSID
                                  $    Enter the BSSID to filter
                      9 / X    Clear Filter
          2 / S    Station / Client
                      1 / P    Probes
                                  Y/N    Display only if station having probe name (Yes/No)
                      2 / S    Signal Range
                                  1 / V    VGood
                                  2 / G    Good
                                  3 / A    Average
                                  4 / P    Poor
                                  5 / U    Unknown
                                  9 / X    Clear Filter
                      3 / A    Associated Station
                                  Y/N    Display on if station associated (Yes/No)
                      4 / U    Unassociated Station
                                  Y/N    Display on if station is not associated (Yes/No)
                      9 / X    Clear Filter
          3 / U    Unassociated Station
                      1 / P    Probes
                                  Y/N    Display only if unassociated station having probe name (Yes/No)
                      2 / S    Signal Range
                                  1 / V    VGood
                                  2 / G    Good
                                  3 / A    Average
                                  4 / P    Poor
                                  5 / U    Unknown
                                  9 / X    Clear Filter
                      9 / X    Clear Filter
    H    History Logs (Displaying Active Logs History)
          1 / C    Association / Connection Alert Log
          2 / S    Display Suspicious Activity Listing
          3 / A    Display Attack Log
          4 / L    Display Combination Logs (All Listing)
    L    Lookup MAC/Name Detail (Lookup BSSID / Station MAC / ESSID / Probes)
          1 / M    MAC Address
                      $    Enter the MAC to lookup for (xx:xx:xx:xx:xx:xx)
          2 / N    Names of Access Point / Probes
                      $    Enter the Name to lookup for
    M    Monitor MAC Address / Names (Adding MAC or Names to be monitoring list)
          1 / M    MAC Address
                      A    Add MAC
                                  $    Enter the MAC to be monitored (xx:xx:xx:xx:xx:xx)
                      D    Delete MAC
                                  $    Enter the MAC to be removed from monitoring list (xx:xx:xx:xx:xx:xx)
                      C    Clear MAC (Remove all MAC addresses from the monitoring list)
          2 / N    Name of Access Point / Probe Names
                      A    Add ESSID / Probe Name
                                  $    Enter the ESSID / Probe Name to be added to the monitoring list
                      D    Delete ESSID / Probe Name
                                  $    Remove the ESSID / Probe Name from the monitoring list
                      C    Clear Name (Remove all names from the monitoring list)
          3 / L    Live Monitoring of Access Point
                      $    Enter the Access Point MAC Address (BSSID) to monitor (xx:xx:xx:xx:xx:xx)
                                  >    Refer to Live Monitoring
          9 / C    Clear all Monitoring Items (MAC addresses & Names)
    O    Operation Options
          0 / R     Shutdown all interfaces and Restart application again
          1 / P     Probe Access Point Name (For probing on Hidden SSID)
                      $    Enter the ESSID to Probe
          2 / N    Refresh Now (Refresh current network harvesting process)
          3 / S    Restart application (All active listing will be cleared)
                      y/N    Active listing will be cleared, are you sure you want to exit ? (N)
          4 / T    Restore all setting (All configuration will be reset, application will restart)
                      y/N    All setting will be removed, are you sure (N)
    A    Auditing Network (Cracking of WEP/WPA/WPS or Live Monitoring of AP)
          >    Refer to Auditing Network
    I    Interactive Mode (Packet Analysis) - IDS
          >    Refer to Interactive Mode
    P    Intrusion Prevention - IPS
          $    Enter the Attacker MAC Address (xx:xx:xx:xx:xx:xx) - Deauthing MAC address once detected trying to associated to access point.
          *    Enter the loopcount before IPS stop (9999999)
          *    Waiting time before sending another deauth signal (1)
    X    Exit Application