Need some cool hacking devices?
Here are the best products and this post explains their function in detail!
Let’s get started!
- 1 Need to be rich to hack?
- 2 The Top 8 Hacking Gadgets
- 2.1 #1 Devilish, harmless USB stick – Duck-USB
- 2.2 #2 Wifi password was yesterday – Wifi hacking antennas
- 2.3 #3 Old School Hacking is underestimated – Bug
- 2.4 #4 Welcome to the future – Dangerous cables
- 2.5 #5 Dangerous acquaintance – Rouge Wifi AP
- 2.6 #6 Overcoming big hurdles easily – Raspberry Pi
- 2.7 #7 Compare easily – RainbowTables hard drives
- 2.8 #8 Please do not change anything! – Write Blocker
Need to be rich to hack?
Hacking is a field in IT which you can do on your 14-year-old cucumber (e.g. your old laptop). You usually don’t need a lot of hardware, memory or CPU power, as long as you don’t do any brute forcing. Nevertheless, I would like to introduce you to 8 hacking gadgets that complete your setup!
Please only hack your own systems or systems of others from whom you have written permission. This activity is called pentesting, is a highly respected profession and very well payed!
The Top 8 Hacking Gadgets
#1 Devilish, harmless USB stick – Duck-USB
If you’ve been studying IT security for a while, you know that you should never put an unknown USB stick into your computer.
It could be dangerous malware on the USB stick which you could run “unintentionally”. Normally, Windows warns you of such an execution today and with Linux you have to enable the execution by command first.
What if the USB stick is not a normal USB stick, but simulates a keyboard that performs thousands of keystrokes in a few seconds fully automatically? As a rule, our systems are not armed against such attacks.
Most operating systems recognise a normal keyboard immediately, allow interaction and do not assume any danger. As an attacker, you have to programme the keystrokes into the device in advance. It’s stupid only if the script doesn’t work on this computer at the first attempt.
#2 Wifi password was yesterday – Wifi hacking antennas
Streaming without using mobile data?
That’s possible with W-LAN hacking.
The security of your WLAN is only as good as your password! You can crack simple passwords with a strong GPU, a W-LAN antenna and software. Only a handful of W-LAN antennas still allow hacking, because these antennas force a “re-authentication” from other devices. In this process, the antenna grabs the authentication packets out of the air.
Normally, “re-authentication” does not happen that often. You can use the obtained packets to start the brute force attack. For this, you need a powerful GPU or GPU cluster at a cloud provider.
If you want to test WLAN hacking, the WLAN hacking guide will help you!
#3 Old School Hacking is underestimated – Bug
Greetings from James Bond!
Hacking doesn’t just include the classic spying on computer systems, but also employees talking about secret things in meeting rooms and offices.
For 99.99% of hackers, it is easier to plant a bug than to hack the telecom to listen in on the conversation.
Over the decades, camera and microphone technology has shrunk to grain size, so they can fit in furniture or other technology.
#4 Welcome to the future – Dangerous cables
A USB cable is harmless if there’s nothing attached to the other end, right? Unfortunately, no.
Hacking microcomputers have been fitting into the “end” of a USB plug for a few years now. The NSA demonstrated the power of the technology ($20 000 each), which other private manufacturers later produced commercially for under $200. The system works like the presented Duck USB stick. You can also use such cables as keyloggers:
The cable not only forwards the signals from the keyboard, but also captures them. The keylogger in the cable (at one of the ends) stores the signal and sends it via Wifi to the attacker’s computer. Other models store the content locally and allow the passwords to be read later.
#5 Dangerous acquaintance – Rouge Wifi AP
Public WLANs are popular, but not safe.
You can never be 100% sure who is providing the public Wi-Fi. You can sit down in a café with a very strong wireless access point in your pocket and rename the SSID, the W-LAN name to “city café”.
Every smartphone that has already connected to the real WLAN of the city café will connect to yours instead. The smartphones will preferentially select the access point with the lowest reduction.
#6 Overcoming big hurdles easily – Raspberry Pi
Many companies try as hard as possible to protect the data traffic between the internal company network and the Internet.
Admins use firewalls, IPS and SIEM and SOARs to keep attackers out and detect dangerous traffic.
The internal network is a different story. Most companies do not check which devices are on the internal network, but allow access by default. Often you will find servers that exchange data unencrypted because it is “more convenient”.
If you walk in as a visitor and plug a Raspberry PI into an unused LAN port in an empty office when you go to the toilet, then you have cleared the most difficult hurdle. You don’t have to outsmart a firewall or escape the IPS.
Most servers trust the PI rather than a computer from the Internet. The PI has full visibility on the internal network
#7 Compare easily – RainbowTables hard drives
Passwords are stored by secure software and operating systems not in plain text, but as a hash.
A hash is a sequence of 0s and 1s of a certain fixed length. The hash algorithm compresses the file to the hash length and serves like a fingerprint for recognition. No algorithm can calculate the password back from the hash.
A hacker stores all conceivable passwords as a hash beforehand and compares the hashes with each other. This way you can crack computers with less effort.
Hash tables are called Rainbow Tables, which you can buy ready-made. You attach these hard disks to your computer and start a comparison process. The Salt and Pepper functions can make your plan more difficult. Read this hash tutorial.
#8 Please do not change anything! – Write Blocker
Are deleted files deleted?
No, you can restore them in the recycle bin!
And if they are deleted in the recycle bin, then they are really deleted!
Also no. The computer wants to save hard disks and does not delete the entire memory area, but only the entry in the “table of contents”. However, the deleted file is still fully intact.
The computer can now overwrite this location at any time because it is marked as free for the system. You can find these ghost files with a forensic software.
Unfortunately, you can’t just copy all the contents on the hard drive, you have to make a bit-by-bit copy. The ghost file would not show up on the other hard drive with a normal (logical) copy.
The host blocker comes into play here. To guarantee that no write / change command is sent to the examining HDD, you clamp a write blocker in between, which stops every write process. This way you can copy without worry and analyse the working copy.
