WiFiSlax 4.0 beta

              Advances and improvements




Congreso de Seguridad ~ Rooted CON’2010
What was?

• Focused on Wireless Audit
• Latest tools for Wireless Audit
• Drivers of the most common chipsets in our
  laptops (innovating with packet injection support)
• Ease of use for the uninitiated in GNU/Linux
• Launchers and GUI tools
• Basic help in Spanish


WiFiSlax 4.0 beta




What?

• GNU/Linux distribution
• Debian Stable based
• Nowadays, not only Wireless Security:
    /NETWORK VULNERABILITY & PENTESTING
    /BLUETOOTH /RFID /IRDA /SERIAL PORT /CRACKING
    /REVERSING /FORENSIC
• Compatible with other systems
• GRUB as boot loader


What?

• Live CD/DVD/USB
• Kernel 2.6.32.5 SMP
• KDE 3.5.10|¿KDE 4?
     – Compiz Fusion included
     – Drivers ATI / Drivers NVIDIA
• Automount new drives
     – RO/RW over NTFS, HFS and NAS
• Automount new devices
     – Wireless devices / mouse / etc
Which support?

• Ease of use regardless of driver
• Launch GUI:
     –   Broadcom bcm43xx
     –   Intel IPW2200, IPW3945, IPW4965
     –   Ralink rt2570, rt73
     –   Prism, Prism2
     –   Realtek rt8180/rt8185, rt8187
     –   Atheros mode managed, monitor, master

• Problems with your chipset?
     – usbview, lsusb, lspci, dmesg, etc...
Which support?
• Prism54
• Madwifi-ng
• Wlan-ng
• HostAP
• Ralink rt2570
• Ralink rt61
• Ralink rt73
• Ralink rt2X00
• Ralink rt2860
• Ralink rt2870
• Ralink rt8187
• Ralink rt3070
• Broadcom
• IPW2100
• IPW2200
• IPW3945
• IPW4965
• Intel WiFi Link 5X000
• Zydas ZD1201
• Zydas ZD1211rw
• Zydas ZD1211b
• Realtek rtl8180
• Realtek rtl8185
• Realtek rtl8187B/L
• Atheros AR5007EG
What included?

• Konqueror 3.5.9
• Iceweasel 3.6
     –   NoScript
     –   Live HTTP headers
     –   ShowIP
     –   Tamper Data
     –   Firebug
     –   HackBar
     –   etc



What included?

• Audit & security tools
• Wireless chipsets for auditing & pentesting
• Wireless tools
     – Kismet, macchanger, aircrack-ng, aircrack-ptw, etc
• Cryptanalysis tools (WEP/WPA/WPA2, cookie
    entropy, etc)




What included?

• Wi-Spy
     – Channels spectrum analyzer




Aircrack-ng-patch

• Anticipating the next speaker:

• WiFiSlax 4.0 is the only distribution that is not
  vulnerable to the 0-day in Airodump-ng 1.0
  [No more details, yet]

     – Thanks to Iñaki L. ;-)



What included?

• More audit tools:
     – Zenmap
     – Wireshark
     – ettercap
     – asleap
     – Scapy
     – Etc.




What included?

• wesside-ng
     – Automatic WEP cracking
• WifiZoo v1.3
     – WEP/WPA support (only in WiFiSlax 4)




Other attacks

• Karma



• Airbase-ng
    • Fake APs (MitM and Hirte attack) auto-connect for
      Windows & MacOS clients & ¿mobile devices? ;-)




What included?

• Bluetooth support:
    •   airotooth.sh
    •   Bluetooth Sniffing
    •   BTSniff for chipsets CSR BC4 Flash/RAM
    •   BTCrack for Linux




What included?

• RFID tools:
• IrDA & Serial port:




• 3-G support:
    • Vodafone 
    • Yoigo 
    • Movistar ?
What included?

• Cracking:
• Reversing:




What included?

• Forensic:




What included?

• Recomposition of TCP sessions:
• airdecap-ng
     – Form fields without SSL encryption
     – Decrypt WEP, WPA, WPA2 connections
• Xplico
     – Data mining and network forensics
• Wireshark
     – Decrypt WEP and WPA connections
     – VoIP

What included?

• Karmetasploit
          • Rogue AP attacks for e-mail and web password
            interception, cookie stealing and insecure services
            (POP3, FTP, SMB, etc)
• Lorcon
          • Packet injection library for IEEE 802.11
• Lorcon2
          • Packet and shellcode injection with Metasploit




What included?

• Network security & Information gathering:




What included?

• DNS:
• WEB:




    …and DioNiSio




What do you expect?

• For n-th time:
       WEP IS INSECURE BY DESIGN!
     – Vendors such as Ubiquiti don’t support


• Forget poorly implemented ciphers
     – Strong passwords don't exist
     – Security must be transparent for the user



What do you expect?

•   Efficient alternative to other distributions
•   Abandon WEP and WPA
•   Improving wireless security
•   Automate and collect audit tools
•   Promote new security standards
•   Fostering interest in security



Updates?

• Update packages:
     – apt-get / aptitude


• WiFiSlax 4.0 repository:
     – Valid for all Debian




Who?

• Staff elhacker.net ?
• Staff Seguridadwireless.net ?
• A very tight group of developers who know how to make things clear, concise, effective and efficient.
Where?

• WiFiSlax.com
  Official Webpage: http://www.wifislax.com/



• WiFiSlax @ LinkedIn
  Official Group:
  http://www.linkedin.com/groups?gid=2066315


Questions?

• Thanks to:
     – SeguridadWireless.net
     – BrutalSec.net
     – …anyone wishing to include their tools!




www.wifislax.com

    Sergio González





Sergio González - WiFiSlax 4.0 [RootedCON 2010]
