Difference between pages "KisMAC" and "JTAG Forensics"

From Forensics Wiki
(Difference between pages)
Jump to: navigation, search
 
 
Line 1: Line 1:
KisMAC is a free, open source wireless stumbling and security tool for Mac OS X.
+
== Definition ==
 +
=== From Wikipedia ([http://en.wikipedia.org/wiki/Joint_Test_Action_Group http://en.wikipedia.org/wiki/Joint_Test_Action_Group ]): ===
  
== Overview ==
+
Joint Test Action Group (JTAG) is the common name for what was later standardized as the IEEE 1149.1 Standard Test Access Port and Boundary-Scan Architecture. It was initially devised for testing printed circuit boards using boundary scan and is still widely used for this application. Today JTAG is also widely used for IC debug ports. In the embedded processor market, essentially all modern processors support JTAG when they have enough pins. Embedded systems development relies on debuggers talking to chips with JTAG to perform operations like single stepping and breakpointing. Digital electronics products such as cell phones or a wireless access point generally have no other debug or test interfaces.
* Uses monitor mode and passive scanning
+
* KisMAC supports many third party USB devices: Intersil Prism2, Ralink rt2570, rt73, and Realtek rtl8187 chipsets. All of the internal AirPort hardware is supported for scanning
+
  
== Features ==
+
=== Forensic Application ===
  
* Reveals hidden / cloaked / closed SSIDs
+
JTAG forensics is an acquisition procedure which involves connecting to the Standard Test Access Port (TAPs) on a device and instructing the processor to transfer the raw data stored on connected memory chips. Jtagging supported phones can be an extremely effective technique to extract a full physical image from devices that cannot be acquired by other means.
* Shows logged in clients (with MAC Addresses, IP addresses and signal strengths)
+
* Mapping and GPS support
+
* Can draw area maps of network coverage
+
* PCAP import and export
+
* Support for 802.11b/g
+
* Different attacks against encrypted networks
+
* De-authentication attacks
+
* AppleScript-able
+
* Kismet drone support (capture from a Kismet drone)
+
  
== Supported hardware chipsets ==
+
== Tools and Equipment ==
* Apple AirPort and AirPort Extreme (dependent upon Apple's drivers)
+
* Intersil Prism 2, 2.5, 3 USB devices
+
* Ralink rt2570 and rt73 USB devices
+
* Realtek RTL8187L USB (such as the Alfa AWUS036H, which does not work on Mac OS 10.6.7 or later)
+
  
== Crypto support ==
+
* [[JTAG and Chip-Off Tools and Equipment]]
* Bruteforce attacks against LEAP, WPA and WEP
+
* Weak scheduling attack against WEP
+
* Newsham 21-bit attack against WEP
+
  
== Links ==
+
== Procedures ==
* [http://kismac-ng.org/ KisMAC official page]
+
  
[[Category:Network Forensics]]
+
* [[JTAG HTC Wildfire S]]
 +
* [[JTAG LG P930]]
 +
* [[JTAG Samsung Galaxy S4 (SGH-I337)]]

Revision as of 22:23, 17 August 2013

Contents

Definition

From Wikipedia (http://en.wikipedia.org/wiki/Joint_Test_Action_Group ):

Joint Test Action Group (JTAG) is the common name for what was later standardized as the IEEE 1149.1 Standard Test Access Port and Boundary-Scan Architecture. It was initially devised for testing printed circuit boards using boundary scan and is still widely used for this application. Today JTAG is also widely used for IC debug ports. In the embedded processor market, essentially all modern processors support JTAG when they have enough pins. Embedded systems development relies on debuggers talking to chips with JTAG to perform operations like single stepping and breakpointing. Digital electronics products such as cell phones or a wireless access point generally have no other debug or test interfaces.

Forensic Application

JTAG forensics is an acquisition procedure which involves connecting to the Standard Test Access Port (TAPs) on a device and instructing the processor to transfer the raw data stored on connected memory chips. Jtagging supported phones can be an extremely effective technique to extract a full physical image from devices that cannot be acquired by other means.

Tools and Equipment

Procedures