|−|[http://willa-ford-mp3.boom.ru/ | Willa Ford Mp3] |+|
|−|[http://used_ford_truck.chat.ru/ | Used Ford Truck] |+|
|−|[http://used_ford_rang.chat.ru/ | Used Ford Rang] |+|
used_ford_auto. chat. ru/ | Used Ford Auto] |+|
|−|[http://texas- ford-dea. boom.ru/ | Texas Ford Dea] |+|
[http://..-./// . . . .. .
|−|[http:// texas_ford_deale. chat. ru/ | Texas Ford Deale] |+|
|−|[http://senator-john. boom. ru/ | Senator John] |+|
|−|[http://remanufactured_f. chat. ru/ | Remanufactured F] |+|
http://q1997_ford_explo.chat.ru/ | Q1997 Ford Explo] |+|
q1997_ford_esc. chat. ru/ | Q1997 Ford Esc] |+|
|−|[http://q1996_exporer. chat.ru/ | Q1996 Exporer] |+|
[http://..] .. . For [http://..]. .
|−|[http://problem_with_for. chat. ru/ | Problem With For ] |+|
picture-of-henry. boom. ru/ | Picture Of Henry ] |+|
|−|[http://old-ford-truck. boom. ru/ | Old Ford Truck] |+|
|−|[http:// northern_califor. chat.ru/ | Northern Califor] |+|
new-ford-truck. boom. ru/ | New Ford Truck] |+|
|−|[http://model_a_ford. chat. ru/ | Model A Ford] |+|
. . .
|−|[http://melissa_ford_pho.chat.ru/ | Melissa Ford Pho] |+|
|−|[http://john_ford_tennes. chat.ru/ | John Ford Tennes] |+|
: . [http://..-.//.] [http://..-.//.]. .
|−|[http://john_bleakley_fo. chat. ru/ | John Bleakley Fo] |+|
|−|[http://indiana_ford_dea.chat.ru/ | Indiana Ford Dea] |+|
|−|[http: //henry_ford_mus. chat.ru/ | Henry Ford Mus] |+|
henry_ford_hos. chat. ru/ | Henry Ford Hos] |+|
|−|[http://ford- focus-svt.boom. ru/ | Ford Focus Svt] |+|
|−|[http:// ford-explor.chat. ru/ | Ford Explor] |+|
ford-conversion. boom. ru/ | Ford Conversion] |+|
|−|[http://ford- commercial. boom.ru/ | Ford Commercial] |+|
|−|[http:/ /ford-body-part. boom.ru/ | Ford Body Part] |+|
|−|[http://ford-amphitheat. boom. ru/ | Ford Amphitheat] |+|
|−|[http: //ford_windstar_pa. chat.ru/ | Ford Windstar Pa] |+|
|−|[http: //ford_truck_sea. chat.ru/ | Ford Truck Sea] |+|
|−|[http: //ford_truck_recal. chat. ru/ | Ford Truck Recal] |+|
|−|[http://ford_truck_per. chat. ru/ | Ford Truck Per] |+|
|−|[http://ford_tractor. chat.ru/ | Ford Tractor] |+|
http://ford_thunderbi.chat.ru/ | Ford Thunderbi] |+|
. . . . . .
|−|[http://ford_rangers_f.chat. ru/ | Ford Rangers F] |+|
|−|[http://ford_ranger_repa. chat. ru/ | Ford Ranger Repa] |+|
|−|[http://ford_probe_raced. chat. ru/ | Ford Probe Raced] |+|
|−|[http://ford_probe_fo. chat. ru/ | Ford Probe Fo] |+|
|−|[http://ford_pickup_tr. chat. ru/ | Ford Pickup Tr] |+|
|−|[http://ford_part_restor. chat. ru/ | Ford Part Restor] |+|
. . . .
|−|[http://ford_part_onl. chat. ru/ | Ford Part Onl] |+|
|−|[http: //ford_new_hol. chat. ru/ | Ford New Hol] |+|
http: //ford_mustang_par. chat.ru/ | Ford Mustang Par] |+|
http: //ford_mustang_for. chat.ru/ | Ford Mustang For] |+|
http: //ford_mustang_cl. chat.ru/ | Ford Mustang Cl] |+|
http: //ford_mustan.chat.ru/ | Ford Mustan] |+|
|−|[http://ford_motor_recal.chat.ru/ | Ford Motor Recal] |+|
|−|[http://ford_motor_comp.chat.ru/ | Ford Motor Comp] |+|
|−|[http://ford_motor_co.chat.ru/ | Ford Motor Co] |+|
|−|[http://ford_model_part.chat.ru/ | Ford Model Part] |+|
|−|[http://ford_m. chat.ru/ | Ford M] |+|
|−|[http://ford_health_henr. chat.ru/ | Ford Health Henr] |+|
|−|[http://ford_gt_picture.chat.ru/ | Ford Gt Picture] |+|
|−|[http://ford_focus_r.chat.ru/ | Ford Focus R] |+|
|−|[http://ford_falcon_part. chat. ru/ | Ford Falcon Part] |+|
|−|[http://ford_falcon_for.chat. ru/ | Ford Falcon For] |+|
|−|[http://ford_factory_par.chat.ru/ | Ford Factory Par] |+|
|−|[http://ford_f250_diesel. chat.ru/ | Ford F250 Diesel] |+|
|−|[http://ford_f150_truck. chat. ru/ | Ford F150 Truck] |+|
|−|[http://ford_f150_sacra.chat.ru/ | Ford F150 Sacra] |+|
http://ford_f_150_pictu.chat.ru/ | Ford F 150 Pictu] |+|
http: //ford_explorer_r.chat. ru/ | Ford Explorer R] |+|
|−|[http://ford_escort_z.chat.ru/ | Ford Escort Z] |+|
|−|[http://ford_escort_bo.chat.ru/ | Ford Escort Bo] |+|
|−|[http://ford_escape_p.chat.ru/ | Ford Escape P] |+|
|−|[http://ford_dealer_was.chat.ru/ | Ford Dealer Was] |+|
|−|[http://ford_dealer_st.chat.ru/ | Ford Dealer St] |+|
http://ford_dealer_pa.chat.ru/ | Ford Dealer Pa] |+|
http: //ford_dealer_okla.chat.ru/ | Ford Dealer Okla] |+|
|−|[http://ford_dealer_nas.chat.ru/ | Ford Dealer Nas] |+|
|−|[http://ford_dealer_illi.chat.ru/ | Ford Dealer Illi] |+|
|−|[http://ford_dealer_fo.chat.ru/ | Ford Dealer Fo] |+|
http://ford_dealer_denv.chat.ru/ | Ford Dealer Denv] |+|
http: //ford_dealer_b.chat.ru/ | Ford Dealer B] |+|
|−|[http://ford_deale.chat.ru/ | Ford Deale] |+|
http://ford_credit_com.chat.ru/ | Ford Credit Com] |+|
http: //ford_credit_card.chat.ru/ | Ford Credit Card] |+|
|−|[http://ford_contour_svt.chat.ru/ | Ford Contour Svt] |+|
. . .
Notes on lab session
I did not find the Bluetooth Specifications and Profiles Book readily on Google, so for your convenience I put these two documents up here. The profiles book, together with the OBEX specification should be the sources to use when trying to figure out what these vulnerabilities were that Christian was talking about this morning in the lecture. As far as I understand, the mentioned attacks exploit the fact that in some profiles you can use functions which are not specified to be in there, but which were actually defined for other profiles which are more heavily protected. (e.g. you need to connect to the device, pair with it, enter a pin, stuff).
-- Lisa Thalheim
Preparation for the WiLDing session
In order to get the most out of our WiLDing experience, you should have a few tools available and basically set up when we start. For *nix, you should probably get Kismet in version 4.x, since it supports many more chipsets. Also, you should make sure that your WLAN card supports monitor mode, since Kismet works completely passively. For Windows, you might wanna try Netstumbler. In case you have other tools available you feel more comfortable with, please feel free to use those.
You need to install/compile Kismet with ImageMagick support enabled in order to use its map drawing feature. For this you should also get gpsdrive and gpsd, which comes bundled with it.
Kismet creates quite a few files representing discovered networks in different formats, so you might wanna have a seperate directory to keep those. Please also note that Kismet needs to be run suid root in order to switch your card into monitor mode. If Kismet does not support your special chipset, try to do the switch manually or grab another card from the lab or somewhere else.
I will try to get maps for this region to use with the map drawing feature. Hopefully they will be put on our file server. Right now gpsdrive is still bugging me with less verbose error messages.
UPDATE: I got maps which should be about right for us. I got one for a scaling factor of 15000 which should cover most of Aachen aswell as one of the city centre at the scale of 10000. Get those either from the links provided or using gpsdrive directly (take the expedia server). The coordinates I used are:
In case you are going for really strange routes, you might wanna play with the coordinates (just as a reminder: to go north, increase Lat; to go east, increase Long).
You also need mySQL to get Kismet and gpsdrive to play together. Use the provided .sql file (and maybe edit it beforehand) to set up the geoinfo database.
I4 has asked us to provide our results to their research team, so please keep your data (preferrably in csv format) and we can collect them afterwards.
-- Ernest Hammerschmidt
preparations and a discussion
Hm, I haven't done that much during the labsession. I made some slides for the coffee table talk on wednesday
and afterwards had a talk with Christian klein about bluetooth discovery. The idea is to listen on one channel and then sniff some frame. This gives you the mac address of some bluetooth devices and is probably more relialble then the @stake method of bruteforcing. C. told me that he's going to look into this with some special crafted material. Who knows, maybe there's going to be a paper about this.
--- Ilja van Sprundel
Wardriving session I
Alex, Christian (Dietrich) and me were on an exciting adventure on the streets of Aachen. We had a GPS receiver connected to a notebook with WLAN running kismet and gpsdrive.
We soon found many access points and gpsdrive showed us the (nearly) exact locations of all the networks we drove through. Unfortunately, gpsdrive crashed and so we lost the tracking data of that program. At home we had to use the data kismet logged during the wardriving session. We used the kismet tool gpsmap to draw some maps which you will find attached below.
We found 298 access points, 147 with WEP enabled and 152 without WEP!
Here is a list of common SSIDs:
56 access points showed no SSID.
--Boris Leidner 22:10, 28 Sep 2004 (CEST)
Wardriving around Aachen
Samad, Sammy, Jan and me started "war-walking" on the first day (28/9), while we're getting
our equipment and setup to work. At the end of the day, we found 21 wireless access points
using my Centrino laptop with a Garmin GPS receiver, by walking to the bakery and back.
On the second day, we had more success, having gotten Netstumbler and kismet to work on
3 laptops with 2 available GPS receivers. Samad was driving his car for this session. I found a total of 109 APs (after merging my netstumbler logs, cos the program apparently needed to restart frequently before it'll detect new APs).
The map, generated using the facility at www.gpsvisualizer.com is appended.
---Ford L Wong