tag:blogger.com,1999:blog-5554915078212081470.post2316779510705607287..comments2023-07-31T04:22:23.114-05:00Comments on HiR Information Report: Fon presentation and notesAx0nhttp://www.blogger.com/profile/12145109647562469601noreply@blogger.comBlogger2125tag:blogger.com,1999:blog-5554915078212081470.post-55883214738780309702009-03-07T12:43:00.000-06:002009-03-07T12:43:00.000-06:00Also, if you open the Fon, there are solder termin...Also, if you open the Fon, there are solder terminals for a second antenna. You can solder an antenna directly to these pads or use a short pigtail to the connector of your choice (N-Connector, RP-TNC, or NC for example)Ax0nhttps://www.blogger.com/profile/12145109647562469601noreply@blogger.comtag:blogger.com,1999:blog-5554915078212081470.post-67347844551981894992009-03-07T12:41:00.000-06:002009-03-07T12:41:00.000-06:00A few notes:Jasager is a "VERY CAPTIVE PORTAL" - T...A few notes:<BR/>Jasager is a "VERY CAPTIVE PORTAL" - That will listen for Wifi probe requests, then send out a beacon that forces all wireless clients in range to associate with it (as opposed to associating with the access point they thought). This can be used for black-holing wireless access in a secure environment where WiFi is not allowed. If combined with other tools such as <A HREF="http://www.inguardians.com/themiddler.html" REL="nofollow">Middler</A>, <A HREF="http://www.thoughtcrime.org/software/sslstrip/" REL="nofollow">SSLStrip</A> or <A HREF="http://www.metasploit.com/" REL="nofollow">Metasploit</A>, havoc can be wrought by exploiting browser vulnerabilities, using iFrames and DNS spoofing to grab session IDs, or creating a very stealthy man-in-the-middle attack to gather sensitive information that the user expects to be encrypted.<BR/><BR/>Battery-powered hacks:<BR/>A battery pack can be made with the properly-sized barrel connector (center pin is Positive DC voltage) couples to a 4AA or modified 6AA battery clip from Radio Shack. The 6AA pack must be modified to hold 5 AA batteries, so solder some wire between the 6th battery contacts. 6 AA batteries would push 7.2 Volts, enough that it might damage the Fon router. I did not test it with 6 AAs.<BR/><BR/>I ended up using a Modified 6AA battery clip with a built-in 9v-style plug on top and bought some 9V battery clips to go with it, which I soldered to the barrel connector. <A HREF="http://farm4.static.flickr.com/3290/2949490036_c63f428d18_o.jpg" REL="nofollow">Photo here</A>, featuring the 12dBi antenna.<BR/><BR/>A 4AA pack with 2500 mAh Nickel-Metal-Hydride rechargeable cells ran my Fon (with Jasager) for a little over 1 hour. 5 AAs ran it for close to 3 hours. This is because 5 cells actually starts by pushing more volts than the Fon was designed for (don't worry, it can handle it) but it takes much longer for the voltage to drop too low for the Fon to function.<BR/><BR/>The Antenna connector is RP-SMA, so many aftermarket antennae will work great. <A HREF="http://fon.com" REL="nofollow">Fon</A> sells the Fontenna, a large omnidirectional antenna. Larger "<A HREF="http://en.wikipedia.org/wiki/Rubber_Ducky_antenna" REL="nofollow">Rubber Ducky Antennae</A>" are readily available with RP-SMA connectors, as are Waveguide- and yagi-style directional antennae.Ax0nhttps://www.blogger.com/profile/12145109647562469601noreply@blogger.com