Welcome

Welcome to DigiNinja.org. On this site you will find any tools or patches I've created and released to the security community. If you have any questions, bug reports or comments, feel free to get in touch at dninja@gmail.com, or occasionally you can catch me on the Hak5 or PaulDotCom IRC channels, nick dninja.

Anyone interested in my pen-testing or software development skills, for web, desktop or any other type of application, should visit Freedom Software for more information.

Jasager

Jasager is an implementation of Karma on the Fon with a new web GUI and extra features such as auto-run scripts and easy access tools to play with connections.

Jasager is so big it has its very own section, visit Jasager.

podtagger.rb

download podtagger.rb

I recently bought an mp3 player but found that a number of the podcasts that I listen to don't have their ID3 tags written correctly, or they sometimes change from show to show, meaning that they jump around in the jukebox menu. I wrote this script so I could synchronise the tags on all the shows so they always appear in the same place.

The script comes with a few sample shows, to add more just create new entries in the show_details array at the top of the script.

To run the script you need the id3lib package and its Ruby wrapper installed. I got the package from my distro package manager and installed the Ruby wrapper through gem with:

gem install id3lib-ruby

Karma patched madwifi for the eee pc

download karma patched madwifi for the eee

These are pre-patched madwifi drivers for the eee pc. They are built on the ones created by the Arch Linux distro.

os_lister

os_lister.rb

There was recently a question on the PaulDotCom Forums about taking the output from an nmap scan and creating a set of text files named after the OSes found, e.g. linux.txt and windows.txt, each containing the IP addresses of the machines running that OS.

I've created a Ruby script called os_lister which can do just that. It takes the output of nmap -O on standard input and creates the files. At the moment it is very limited as it only detects Windows and Linux machines, but it can easily be extended by adding more regular expressions to the case statement.
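To show the shape of that parsing, here is an added example in the spirit of os_lister. It is not the page's own script: it reads the text output of nmap -O, remembers the IP from each host header ("Nmap scan report for ..." in current nmap, "Interesting ports on ..." in older releases), classifies the first OS-guess line for that host against an ordered list of regular expressions, and writes one file per OS family. The sample scan output embedded at the bottom is constructed, not a real scan.

```ruby
# Added example (not the page's os_lister): bucket nmap -O output by OS family.
require 'fileutils'
require 'tmpdir'

# Regexes tried in order; the first match wins. Add more pairs here to detect
# further operating systems (this is the "case statement" the text mentions).
OS_PATTERNS = [
  ['windows', /windows/i],
  ['linux',   /linux/i],
].freeze

# Return a Hash of family name => sorted, de-duplicated list of IP addresses.
# Hosts whose guess matches no pattern land in the 'unknown' bucket.
def classify_nmap_output(text)
  buckets = Hash.new { |h, k| h[k] = [] }
  current_ip = nil

  text.each_line do |line|
    # Host header, new and old styles; the first dotted quad on the line is the IP.
    if (m = line.match(/\A(?:Nmap scan report for|Interesting ports on)\b.*?(\d{1,3}(?:\.\d{1,3}){3})/))
      current_ip = m[1]
      next
    end

    # Only the lines carrying the OS guess are classified.
    next unless current_ip && line =~ /\A(?:Running|OS details|Aggressive OS guesses):/

    family = OS_PATTERNS.find { |_, re| line =~ re }&.first || 'unknown'
    buckets[family] << current_ip unless buckets[family].include?(current_ip)
    current_ip = nil # one verdict per host; later guess lines for it are ignored
  end

  buckets.each_value(&:sort!)
  buckets
end

# Write <family>.txt (one IP per line) into dir; returns the paths written.
def write_os_files(buckets, dir)
  FileUtils.mkdir_p(dir)
  buckets.map do |family, ips|
    path = File.join(dir, "#{family}.txt")
    File.write(path, ips.join("\n") + "\n")
    path
  end
end

# Constructed sample of nmap -O output (not a real scan), mixing header styles.
SAMPLE_NMAP_OUTPUT = <<~NMAP
  Starting Nmap 7.80 ( https://nmap.org )
  Nmap scan report for 192.168.1.10
  Host is up (0.0010s latency).
  Running: Linux 4.X|5.X
  OS details: Linux 4.15 - 5.6
  Nmap scan report for fileserver.lan (192.168.1.20)
  Host is up (0.0021s latency).
  Running: Microsoft Windows 10
  OS details: Microsoft Windows 10 1809 - 1909
  Interesting ports on 192.168.1.30:
  Running: Linux 2.6.X
  OS details: Linux 2.6.9 - 2.6.27
  Nmap scan report for 192.168.1.40
  Host is up.
  Aggressive OS guesses: FreeBSD 12.0-RELEASE (95%)
NMAP

if $PROGRAM_NAME == __FILE__
  # With no file arguments and no piped input, fall back to the built-in sample.
  input = ARGV.empty? && $stdin.tty? ? SAMPLE_NMAP_OUTPUT : ARGF.read
  write_os_files(classify_nmap_output(input), '.').each { |p| puts "wrote #{p}" }
end
```

Usage mirrors the original: `nmap -O 192.168.1.0/24 | ruby os_lister_example.rb` writes linux.txt, windows.txt and unknown.txt into the current directory. Matching "Running:" before "OS details:" keeps one verdict per host, so a machine is never listed twice.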

SANS/GIAC GAWN Gold Paper

A whole page dedicated to my Gold Paper, Programming Wireless Security.

Scapy

Pre-patched Scapy 1.2.0.2
Patch for Scapy 1.2.0.2

As part of a tool I'm writing I've written an EAPOL WPA key dissector for Scapy version 1.2.0.2. I've submitted it as a patch to the author but thought I'd share it here as well.

This is based on observations rather than going through the EAPOL spec, so it may not be 100% accurate, but it works in all the tests I've tried.

If anyone has any feedback, let me know at the email address above.

Karma Patches

madwifi 0.9.4 svn 3379

Patch for madwifi 0.9.4 svn 3379

I don't usually do patches for svn versions but as a number of people have asked me for this and the madwifi group have changed quite a bit of stuff recently I thought I'd release it.

madwifi 0.9.4

Patch for madwifi 0.9.4

For anyone in a rush for the patches for madwifi 0.9.4, here they are. I've built these from the 0.9.3.3 patches and I've compiled them but not tested them. I'm still in DC after Shmoocon so I'll give them a good testing when I get home. If anyone has any problems with them, let me know.

black and white

madwifi_0.9.3.3_karma_bw.tar.bz2

Black and white listing of SSIDs is now available. The default is an empty blacklist, which emulates the existing accept-all functionality. See the README in the tar for full instructions.

iwpriv enabled version

madwifi_0.9.3.3_karma_iwpriv.tar.bz2

This version of the patches now comes with the ability to enable and disable the karma functionality with the iwpriv command.

The tar file contains a README with full instructions on how to install and use the patches, but for those who don't read instructions: build and install as before (see below) and then enable karma by running iwpriv ath0 karma 1. To disable it, run iwpriv ath0 karma 0. Note, karma is OFF by default.

Older versions

New AccessPoint module
This replacement module will allow karma to run in either ad-hoc or master mode. To switch between them, edit the parameter in module.xml.
Madwifi 0.9.3.3
Patch for Madwifi-ng 0.9.3.3 and 0.9.3.2.

To apply the patch

  1. Back up the following files:
  2. Copy the patch file into the madwifi directory
  3. Change into the madwifi directory
  4. Run patch --dry-run -p0 < madwifi_0.9.3.2_karma.patch to confirm every hunk applies cleanly against your tree, then apply it for real with patch -p0 < madwifi_0.9.3.2_karma.patch
  5. Make and install the package as normal

Madwifi 0.9.3.1 Karma patch
Madwifi 0.9.3 Karma patch

Idle Scanning in Python

idle_scan_poc.py

Having recently done the SANS Hacker Techniques track I found myself playing with idle scanning and wrote this script as a proof-of-concept for myself. As I feel I've learnt a lot from it I thought I'd put it out to the world for anyone else who is interested to play with. I recommend having wireshark running as you are using it so you can see the actual packets being generated.

Before anyone complains it isn't the best code and isn't optimized, I know. I'm still learning python and it is a POC rather than an in-the-field piece of code. Also, the way I've written it helped me in getting my head around the way the packets were actually generated so I'm deliberately leaving it in this state.

CardBus to ExpressCard Converter

I recently bought a converter from CardBus to ExpressCard from Addonics and I've had a few people ask how well it works. So here is a quick review...

It works well. I quizzed the sellers before buying and was promised it was just a pass-through device which didn't need any extra drivers; that appears to be correct, as my Ubiquiti card still works fine using it.

The only problem I've had is that it seems to need to be plugged in before I boot, and it does not report the device being ejected properly. That could be the Linux distro or my settings, so I'm not blaming the device yet. I don't have a Windows partition on that machine to test it in Windows.

The only other problem is that it sticks miles outside my machine, so it isn't discreet like the Ubiquiti card used to be, but you can't have everything. Here are a couple of photos: photo 1, photo 2.

P.S. If you are in the UK, watch out for the shipping: the device was about $60 but the shipping was an extra $40, and I'm expecting the import tax bill in soon. It was here within a couple of days, but if you don't need it that fast you may be able to try negotiating on the shipping options.

Lorcon Package For Arch Linux

I've built the package and released it in AUR. You can download the Lorcon package here.

CoWPAtty radiotap header patch

As of version 4.2 Josh has now incorporated my idea into the full version which you can get from Will Hack For Sushi.