A few suggestions reloaded!


#1

Hello Friends!,

It has been a while since I have made my last post.
@palinuro was right about the anonym8 module as it is outdated and deprecated. But it looks to me like the anonsurf mymac module STILL has NOT BEEN fixed in Parrot 4.3. I know this might sound strange but the bug is still present. As advised by my old friend @Nico_Paul, it is best to configure it manually and set the “mac” command to a “macchanger” command instead. I also mentioned that hcxtools and hcxdumptool should be included automatically in the distro because it is a very advanced WPA capture tool and uses the new PMKID exploit to crack the hash with hashcat. Another bug I have noticed, mentioned by a user, STILL has not been fixed in vokoscreen, where the recorder is set to /usr/local/bin/ffmpeg or something like that. The solution is to implement the /usr/bin/ffmpeg path instead. I have also noticed a possible glitch in atom where you change languages and attempt to try and program in python and the application crashes. IDK the exact details but it is something like that. Here is a summary of what I want:

  1. Fix Parrot anonsurf mymac error with output mac command not found to macchanger -s (interface) command
  2. PLEASE PLEASE include hcxdumptool by default in the parrot distro because it is a very nice security tool that audits wifi networks
  3. Fix vokoscreen /usr/local/bin/ffmpeg to /usr/bin/ffmpeg

hcxdumptool: https://github.com/ZerBea/hcxdumptool and https://github.com/ZerBea/hcxtools for converting handshakes

I noticed you guys had a ratelimit on your forum so sorry for cramming all of this into 1 post… :blush:

#2

Here is a website for hcxdumptool’s functions:
http://seclist.us/hcxdumptool-small-tool-to-capture-packets-from-wlan-devices.html


(Nico Paul) #3

Oh, if I had to apologize for every long post I made, haha, you're in good company! @palinuro I always forget to ask why we don't have those two hcx tools, but I know you must have a reasoning, or something breaks another tool that is better or does the same thing while not requiring those, which makes the build lighter, or maybe because it's a little too automated (for my taste; along with fern) and tends to draw the wrong crowd etc. Anyways, back to the post at hand: I really enjoyed hearing that you did your own testing! Now you know a lot more about how they all work and interact when combined et cetera! Is vokoscreen a package? What is it for?


#4

vokoscreen is a screen recorder, Paul. It is meant to record your screen while you game or do a tutorial on something, and the /usr/bin/local/ffmpeg path does not exist. The hcx tools only add AT MOST 1 ms of delay to the Parrot distro and it is not automated, nor does it take up like ANY space whatsoever. Fern wifi cracker is extremely outdated and it is about 70% automation. I prefer aircrack-ng or just even a PLAIN PYTHON CONSOLE for doing such attacks :smile: :laughing:


#5

I’m also not too sure if there is ANY tool in Parrot OS that can capture PMKIDs from access points and extended EAPOL, RADIUS and GSM-SIM credentials including usernames and identities from the wlan traffic with plainmasterkeys in a lightweight bash if it wasn’t by the name of hcxdumptool.

Another tool I have found, seems to be quite advanced in Wifi Security:

and

I wish to include by default


(Nico Paul) #6

Lorenzo is pretty beast at being able to make something that originally wanted x number of bytes need only .x number of bytes. Someday when he's moving a little slower I'll have a good opportunity to ask him a lot about why he does things (I've learned that there are certain special people throughout life that you just don't ask why, not only because you don't see a need to but because it's easier in the long run and it just plain works, like my local fish guru, he is amazing with growing coral and has the weirdest methods) but there are too many to respectfully take his time away from things that I consider important for lots and lots of people that they truly depend on for me to do this right now. Anyways, well, now I'm a little self-conscious about this half baked book of mine that I've stopped and started a few times and I'm just gonna leave this here like this I suppose. #yolo #systemd


#7

Thank you for the motivational lecture :grin: I think I am running out of posts I can do per day. I understand that sometimes you need something that works, but my point is replacing the old, deprecated and unused packages like proxychains and mitmf for something with more support and better maintenance with more practical usage that not only does the job but does the job with QUALITY and has support for future usage, along with packages that are useful for many people who use this to ACTUALLY pentest instead of only for everyday work. When you are in live mode and you need to capture a pmkid hash to a .pcap file FAST and efficiently, you NEED to install the hcxtools package, which takes forever on old hardware, and it is not fair to not include something like this because it consumes 300 kilobytes on disk but takes about 10 min to clone and compile on a live distribution. PLEASE, PLEASE heed my explanations!! I don’t want this ONLY good linux distro for pentesting to turn into an ubuntu workstation!

No Problem @Nico_Paul :smiley:


(Nico Paul) #8

I apologize if I gave the wrong impression. I actually agree with you about adding the two packages, not only for a wifite etc. but because lots of other people request them lately, so it's just apparently a strong desire, which as long as everything plays nicely justifies it enough in my book (but I may not be thinking of everything). I also wasn't trying to lecture that palinuro should never be questioned, rather that for me personally I tend to meet “those types” who 99% of the time do things differently than the main group of people and help others have the same successes by using different and often experimental methods. Or at least two.


(Matt) #9

Palinuro’s comment on mac changing in anonsurf:
(Copied from GitLab: https://dev.parrotsec.org/parrot/anonsurf/issues/5#note_555.)

mac changing feature in anonsurf was rejected because we think anonsurf should only take care of ip and tcp protocols and above.
the mac address is an ethernet specification and it is out of scope in this tool, also because changing mac also implies re-connecting to the network, and this behavior may create unwanted conflicts with network-manager.
additionally, we recognized that the mac changing feature may create a clear behavioral fingerprint of anonsurf, as it is pretty easy to monitor a network and notice a mac address disconnection immediately followed by a new device with different mac reconnection (network manager also tries to negotiate for the old ip address) and then a lot of tor traffic.
we strongly prefer to provide anonsurf as a simple and stupid tor+iptables wrapper and nothing more.
in fact network-manager already provides a mac randomization feature and it works pretty well.
people who need to change mac address have to do that before accessing a network, and they can do that from the network manager.
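
The behavioral fingerprint described in the quoted comment (a MAC disconnects, a new MAC immediately asks for the same IP, then Tor traffic appears) can be checked from a monitoring position. This is an added example, not part of the thread or of anonsurf; the event format, the `tor_flow` label (assumed to come from a separate sensor) and the 30-second window are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events (not real logs): time, kind, MAC, IP.
# "tor_flow" rows are assumed to be labelled upstream by a sensor that
# already recognises connections to Tor relays.
SAMPLE_LOG = """\
2018-11-02T10:00:00 dhcp_ack   aa:aa:aa:00:00:01 192.168.1.23
2018-11-02T10:05:00 dhcp_ack   aa:aa:aa:00:00:02 192.168.1.40
2018-11-02T10:30:10 disconnect aa:aa:aa:00:00:01 192.168.1.23
2018-11-02T10:30:14 dhcp_req   5e:12:9c:00:00:07 192.168.1.23
2018-11-02T10:30:15 dhcp_ack   5e:12:9c:00:00:07 192.168.1.23
2018-11-02T10:30:40 tor_flow   5e:12:9c:00:00:07 192.168.1.23
2018-11-02T11:00:00 disconnect aa:aa:aa:00:00:02 192.168.1.40
2018-11-02T13:00:00 dhcp_req   bb:bb:bb:00:00:09 192.168.1.40
"""

def parse(log):
    """Yield (timestamp, kind, mac, ip) for each whitespace-separated line."""
    for line in log.splitlines():
        ts, kind, mac, ip = line.split()
        yield datetime.fromisoformat(ts), kind, mac, ip

def find_mac_swaps(log, window=timedelta(seconds=30)):
    """Flag a never-seen MAC requesting the IP of a device that disconnected
    within `window`, and record whether Tor traffic follows from that MAC."""
    seen = set()     # every MAC observed so far
    gone = {}        # ip -> (mac, time) of the most recent disconnect
    findings = {}    # new MAC -> finding
    for ts, kind, mac, ip in parse(log):
        if kind == "disconnect":
            gone[ip] = (mac, ts)
        elif kind == "dhcp_req" and mac not in seen and ip in gone:
            old_mac, left = gone[ip]
            if old_mac != mac and ts - left <= window:
                findings[mac] = {"old_mac": old_mac, "new_mac": mac, "ip": ip,
                                 "gap_s": (ts - left).total_seconds(),
                                 "tor_after": False}
        elif kind == "tor_flow" and mac in findings:
            findings[mac]["tor_after"] = True
        seen.add(mac)
    return list(findings.values())

if __name__ == "__main__":
    for finding in find_mac_swaps(SAMPLE_LOG):
        print(finding)
```

The second disconnect in the sample is followed by a new MAC on the same IP two hours later, which falls outside the window and is not flagged.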


#10

Then REMOVE the mymac function!! Otherwise it is pointless and was pointless creating it in the first place… :expressionless:


(Matt) #11

In the current version of anonsurf the “mac” function has been removed. Although the mac|mymac option is still in the switch statement, it has nothing to call.


(Nico Paul) #12

Why is it so important that it not be there? Didn’t you say you prefer to set it manually on a case by case basis for the interface?


#13

oh, then it’s all good :grinning: Just made it so it’s functional again :smile:


(Nico Paul) #14

So I was doing some research on these packages that you requested and I believe I know the general reasoning behind not including them. While reading the “hcxtools readme”, the first line of the description actually has never caught my eye till now, because the last time (the first time I read it) I was looking through it for dependency info, but it says
"multiple stand alone binaries - designed to run on Arch Linux". I know enough to know not only could I stop there, palinuro isn’t particularly fond of that phrase… But I continued through the fear of having to report back and have to say that word here… (I tried Arch once to see what the fuss was and I thought it was, for lack of a better word, fat) but it references hashcat so I imagine it could have something to do with nvidia as well? @KidKlown has a better answer I’m sure


(Matt) #15

Not used hcxtools, but reading their git quickly, it looks like it captures traffic and converts it to hccapx (as well as a few other conversions). So some reasons for it not being included may be:

  1. There are obviously several applications already installed that can capture traffic (including wpa handshakes).
  2. Hashcat has a tool to convert ‘.cap’ to ‘.hccapx’ already (/usr/share/hashcat-utils/cap2hccapx.bin)

(Nico Paul) #16

That’s what I thought when I looked at the readme it had a lot of hashcat in it. So there you go, palinuro in a way did include this, just not a version configured for an arch system. #debian


#17

I think you are right @KidKlown maybe we can use hashcat, but the n00bz won’t be proud of it :joy:


#18

I’ve been trying different distros for the last 2 months. Been working on Parrot for 3 weeks, and got it installed and fairly stable by myself (after many failures and re-installs). In my opinion, Parrot could grow, unlike many other new ones. But as long as the n00bs are ignored and looked down on, where you going to get your growth base from? I spent two years gutting windows 7 before I found out I wasn’t going to be able to close the back doors. I’m done with windows. I’d like to use this system, but as long as I can’t get my questions answered, or even replied to, I may have to move on.


(dmknght) #19

In my opinion, there is no need to maintain new tools if old tools can do all the features. BTW, as far as I know, the Parrot team is lacking human resources, so maintaining 3rd party applications will not be easy. I have some ideas, like “replacing olly debugger by immunity debugger” or “including radare2-cutter”, but it can’t be done right now.


(Mike Snowhill) #20

“Plain Python Console” - could you elaborate please? What exactly are you using (modules, tools, scripts, sites)?

This is something that I am interested in too :slight_smile: