Kits that crack WEP and guess WPA keys are popular despite hacking laws
Dodgy salesmen in China are making money from long-known weaknesses in a Wi-Fi encryption standard, by selling network key-cracking kits for the average user.
Wi-Fi USB adapters bundled with a Linux operating system, key-breaking software and a detailed instruction book are being sold online and at China's bustling electronics bazaars. The kits, pitched as a way for users to surf the Web for free, have drawn enough buyers and attention that one Chinese auction site, Taobao.com, had to ban their sale last year.
With one of the "network-scrounging cards," or "ceng wang ka" in Chinese, a user with little technical knowledge can easily steal passwords to get online via Wi-Fi networks owned by other people.
To crack a WEP key, the applications exploit weaknesses in the protocol that have been known for years. For WPA, they capture data being transmitted over the wireless network and target it with a brute-force attack to guess the key.
Security researchers said they did not know of similar kits sold anywhere besides China, even though tutorials on how to crack WEP have been online for years.
Depending on many factors, WEP keys can be extracted in a matter of minutes," Muts said. "I believe the record is around 20 seconds."
The brute-force attacks on WPA encryption are less effective. But while WEP is outdated, many people still use it, especially on home routers, said one security researcher in China. That means an apartment building is bound to have WEP networks for a user to attack.
Thursday, May 6, 2010
Social Web Email CloseDigg Slashdot Fark Stumble Reddit
Microsoft acknowledges fixing internally-found flaws without disclosing details
Microsoft silently patched three vulnerabilities last month, two of them affecting enterprise mission-critical Exchange mail servers, without calling out the bugs in the accompanying advisories, a security expert said today.
Two of the three unannounced vulnerabilities, and the most serious of the trio, were packaged with MS10-024 , an update to Exchange and Windows SMTP Service that Microsoft issued April 13 and tagged as "important," its second-highest threat ranking
According to Ivan Arce, the chief technology officer of Core Security Technologies, Microsoft patched the bugs, but failed to disclose that it had done so.
"They're more important than the [two vulnerabilities] that Microsoft did disclose," said Arce. "That means [system] administrators may end up making the wrong decisions about applying the update. They need that information to assess the risk."
Microsoft silently patched three vulnerabilities last month, two of them affecting enterprise mission-critical Exchange mail servers, without calling out the bugs in the accompanying advisories, a security expert said today.
Two of the three unannounced vulnerabilities, and the most serious of the trio, were packaged with MS10-024 , an update to Exchange and Windows SMTP Service that Microsoft issued April 13 and tagged as "important," its second-highest threat ranking
According to Ivan Arce, the chief technology officer of Core Security Technologies, Microsoft patched the bugs, but failed to disclose that it had done so.
"They're more important than the [two vulnerabilities] that Microsoft did disclose," said Arce. "That means [system] administrators may end up making the wrong decisions about applying the update. They need that information to assess the risk."
example of inheretance clas program
// main class
using System;
using System.Collections.Generic;
using System.Text;
namespace inheretence
{
class Program
{
static void Main(string[] args)
{
woman ee = new woman();
ee.eat();
man rr = new man();
rr.eat();
Console.ReadLine();
}
}
}
// inheretance class
using System;
using System.Collections.Generic;
using System.Text;
namespace inheretence
{
abstract class human
{
public abstract void eat();
{
Console.WriteLine("eatinggggggggggggg");
}
}
class man : human
{
public override void eat()
{
Console.WriteLine("man eating");
}
}
class woman : human
{
public override void eat()
{
Console.WriteLine("woman eating");
}
}
}
using System;
using System.Collections.Generic;
using System.Text;
namespace inheretence
{
class Program
{
static void Main(string[] args)
{
woman ee = new woman();
ee.eat();
man rr = new man();
rr.eat();
Console.ReadLine();
}
}
}
// inheretance class
using System;
using System.Collections.Generic;
using System.Text;
namespace inheretence
{
abstract class human
{
public abstract void eat();
{
Console.WriteLine("eatinggggggggggggg");
}
}
class man : human
{
public override void eat()
{
Console.WriteLine("man eating");
}
}
class woman : human
{
public override void eat()
{
Console.WriteLine("woman eating");
}
}
}
Subscribe to:
Posts (Atom)