Category Archives: brute force

How is WPA2 cracked

Since a while, I have been wanting to get into some wifi hacking. It looks like this is one of the skill that everybody would like to get. Just be able to get any wifi, anywhere you are. Well, maybe that was true some years ago, I am not sure this is still so easy today. Still, I wanted to get into it and try by myself. Mainly, I wanted to understand how it was possible to crack some wifi. By asking your favorite search engine about cracking wifi, you might run into a lot of tutorials showing you which commands to copy and past in kali linux in order to start hoping you might crack some wifi around you. But, beside this empowering feeling you get when learning to hack wifi, what is more interesting is how is it possible to crack a wifi network, and where is the security flaw. What is the magics that the aircrack-ng suite is relying on? Let’s take a look at it. Continue reading

Brute force JSON web token with python

JSON web token (JWT) is a standard defined for the use of secure transmission of information (https://jwt.io/introduction) between parties, using a JSON object. The information transmitted can be trusted since it is digitally signed by the server with a hashing algorithm and a key. JWT is signed using the HMAC algorithm together with a password or a public/private key using RSA. It is used when creating a session, for example, of a client on a web server. Continue reading