Easy-Creds is a menu-style cracking tool. The tool allows users to open a wireless network card and can implement a wireless access point attack platform. Easy-Creds can create a spoofed access point and run it as a man-in-the-middle attack type to analyze the user's data flow and account information. It can recover accounts from SSL encrypted data. This section will introduce the use of Easy-Creds tools to attack wireless networks.
Easy-Creds is part of BackTrack5. In Kali, this tool is not installed by default. Therefore, you need to install the Easy-Creds tool before you can use it.
[Example 9-3] Install the Easy-Creds tool. The specific operation steps are as follows.
(2) Unzip the downloaded software package. Execute the command as follows:
root@localhost:~# unzip easy-creds-master.zip
Archive: easy-creds-master.zip
bf9f00c08b1e26d8ff44ef27c7bcf59d3122ebcc
creating: easy-creds-master/
inflating: easy-creds-master/README
inflating: easy-creds-master/definitions.sslstrip
inflating: easy-creds-master/easy-creds.sh
inflating: easy-creds-master/installer.sh
From the output information, you can see that the Easy-Creds package is decompressed into the easy-creds-master file. From the above information, you can see that there is an installer.sh file in the easy-creds-master file, which is used to install the Easy-Creds software package.
(3) Install the Easy-Creds package. Before installing the Easy-Creds package, there are some dependent packages that need to be installed. For these dependent packages, you can refer to the README file in the easy-creds-master file to install related dependent packages. Then, install the Easy-Creds package. Execute the command as follows:
root@kali:~# cd easy-creds/
root@kali:~/easy-creds# ./installer.sh
____ ____ ____ ____ ____ ____ ____ ____ ____ ____
||e|||a |||s |||y |||- |||c |||r |||e |||d |||s ||
||__|||__|||__|||__|||__|||__|||__|||__|||__|||__||
|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|
Version 3.7 - Garden of Your Mind
Installer
Please choose your OS to install easy-creds
1\. Debian/Ubuntu and derivatives
2\. Red Hat or Fedora
3\. Microsoft Windows
4\. Exit
Choice:
The above information shows the operating system menu where easy-creds is installed.
(4) Choose to install to Debian/Ubuntu here, enter the number 1, and the following information will be displayed:
Choice: 1
____ ____ ____ ____ ____ ____ ____ ____ ____ ____
||e |||a |||s |||y |||- |||c |||r |||e |||d |||s ||
||__|||__|||__|||__|||__|||__|||__|||__|||__|||__||
|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|
Version 3.7 - Garden of Your Mind
Installer
Please provide the path you'd like to place the easy-creds folder. [/opt] : #选择安装位置,本例中使用默认设置
[*] Installing pre-reqs for Debian/Ubuntu…
[*] Running 'updatedb'
[-] cmake is not installed, will attempt to install…
[+] cmake was successfully installed from the repository.
[+] I found gcc installed on your system
[+] I found g++ installed on your system
[+] I found subversion installed on your system
[+] I found wget installed on your system
[+] I found libssl-dev installed on your system
[+] I found libpcap0.8 installed on your system
[+] I found libpcap0.8-dev installed on your system
[+] I found libssl-dev installed on your system
[+] I found aircrack-ng installed on your system
[+] I found xterm installed on your system
[+] I found sslstrip installed on your system
[+] I found ettercap installed on your system
[+] I found hamster installed on your system
[-] ferret is not installed, will attempt to install…
[*] Downloading and installing ferret from SVN
……
[*] Installing the patched freeradius server…
……
make[4]: Leaving directory `/tmp/ec-install/freeradius-server-2.1.11/doc/rfc'
make[3]: Leaving directory `/tmp/ec-install/freeradius-server-2.1.11/doc'
make[2]: Leaving directory `/tmp/ec-install/freeradius-server-2.1.11/doc'
make[1]: Leaving directory `/tmp/ec-install/freeradius-server-2.1.11'
[+] The patched freeradius server has been installed
[+] I found asleap installed on your system
[+] I found metasploit installed on your system
[*] Running 'updatedb' again because we installed some new stuff
…happy hunting!
The above information shows the detailed process of installing the Easy-Creds package. During this process, it will detect whether all the dependent packages of easy-creds have been installed. If not installed, it will be installed during this process. After the Easy-Creds package is installed, the happy hunting! information.
[Example 9-4] Use the Easy-Creds tool to crack the wireless network. The specific operation steps are as follows.
(1) Start the Easy-Creds tool. Execute the command as follows:
root@localhost:~/easy-creds-master#./easy-creds.sh
____ ____ ____ ____ ____ ____ ____ ____ ____ ____
||e |||a |||s |||y |||- |||c |||r |||e |||d |||s ||
||__|||__|||__|||__|||__|||__|||__|||__|||__|||__||
|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|
Version 3.8-dev - Garden of New Jersey
At any time, ctrl+c to cancel and return to the main menu
1\. Prerequisites & Configurations
2\. Poisoning Attacks
3\. FakeAP Attacks
4\. Data Review
5\. Exit
q. Quit current poisoning session
Choice:
The above output shows the attack menu of the Easy-Creds tool.
(2) Select False AP attack here, and enter number 3. The information shown below will be displayed:
Choice: 3
____ ____ ____ ____ ____ ____ ____ ____ ____ ____
||e |||a |||s |||y |||- |||c |||r |||e |||d |||s ||
||__|||__|||__|||__|||__|||__|||__|||__|||__|||__||
|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|
Version 3.8-dev - Garden of New Jersey
At any time, ctrl+c to cancel and return to the main menu
1\. FakeAP Attack Static
2\. FakeAP Attack EvilTwin
3\. Karmetasploit Attack
4\. FreeRadius Attack
5\. DoS AP Options
6\. Previous Menu
Choice:
The above output shows the methods available for fake AP attack.
(3) Choose to use static fake AP attack here, and enter number 1. The information shown below will be displayed:
After setting the above information, some programs will be started automatically. After a few seconds, several active windows will open, as shown in Figure 9.34.
Figure 9.34 Valid window
(4) When a user connects to the Wifi access point, Easy-Creds will automatically assign an IP address to the client and be able to access the Internet. If a secure URL is accessed on the Internet, the tool will remove SSL and delete the secure connection and run in the background. Therefore, it is possible to read the user name and password of the client to log in to a certain website. As shown in Figure 9.34, a user name and password for logging in to the http://www.live.com website are captured. Its username is [email protected], and its password is qwert.
(5) At this time, select data recovery in the main menu of Easy-Creds, and enter the number 4, as shown below:
At any time, ctrl+c to cancel and return to the main menu
1\. Prerequisites & Configurations
2\. Poisoning Attacks
3\. FakeAP Attacks
4\. Data Review
5\. Exit
q. Quit current poisoning session
Choice: 4
(6) After selecting data recovery, the following information will be displayed:
____ ____ ____ ____ ____ ____ ____ ____ ____ ____
||e |||a |||s |||y |||- |||c |||r |||e |||d |||s ||
||__|||__|||__|||__|||__|||__|||__|||__|||__|||__||
|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|
Version 3.8-dev - Garden of New Jersey
At any time, ctrl+c to cancel and return to the main menu
1\. Parse SSLStrip log for credentials
2\. Parse dsniff file for credentials
3\. Parse ettercap eci file for credentials
4\. Parse freeradius attack file for credentials
5\. Previous Menu
Choice: 3
The above information shows the methods of available certificates.
(7) Choose to analyze the Ettercap eci file here, enter the number 3, and the following information will be displayed:
||e |||a |||s |||y |||- |||c |||r |||e |||d |||s ||
||__|||__|||__|||__|||__|||__|||__|||__|||__|||__||
|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|/__\|
Version 3.8-dev - Garden of New Jersey
At any time, ctrl+c to cancel and return to the main menu
Ettercap logs in current log folder:
/root/easy-creds-master/easy-creds-2014-07-24-1722/ettercap2014-07-24-1724.eci
Enter the full path to your ettercap.eci log file:
From the output, you can see where the Ettercap log files are saved.
(8) At this time, enter the full path of the ettercap.eci log file. This is done simply by copying and pasting the entire Ettercap path provided. As follows:
Enter the full path to your ettercap.eci log file: /root/easy-creds-master/easy-creds-2014-07-24-1722/ettercap2014-07-24-1724.eci
After entering the following path, the interface shown in Figure 9.35 will be displayed.
Figure 9.35 Recovered data
(9) From this interface, you can clearly see the intercepted client user information and the logged-in website.
CSDN spree: "Hacker & Network Security Introduction & Advanced Learning Resource Pack" free sharing