Category Archives: WiFi

IT Security Brothers

Hi guys, I would like to present our new project, IT Security Brothers.
We provide pentest, consultation and IT outsourcing services.
Feel free to hire us for IT jobs.

Howto hack WPS in wi-fi networks

Install reaver from here

Install the aircrack-ng tools from here

Or install them from the standard repository; on Ubuntu:

apt-get install aircrack-ng

Next, find your wireless interface (on Ubuntu, something like wlan0) and bring it up:

ifconfig wlan0 up

Next, run airmon-ng start wlan0. It creates a new interface, mon0, in monitor mode.

airodump-ng -i mon0
This shows all the Wi-Fi networks around you; choose one to hack. Note its channel and MAC address.

./reaver -b -c -vv

Then wait until the program finds the WPA key via the PIN.
The brute force takes no longer than 20 hours.

dir-320 dd-wrt link speed

The dd-wrt firmware has a standard function for changing the link speed (10/100 Mb/s), but that shit is not working!
Because of this I had to search for a suitable solution, and one was found:

It is the only port utility for the dir-320 that fully works. It can disable / enable the ports individually, put a port into different modes (none | disable | block | listen | learn | forward), set tagging, and set the speed of the interface. Similar utilities such as ethtool and mii-tool fail (they simply did not work).

Simple usage:

./robocfg port 3 media 10FD

That sets port 3 to 10 Mb/s. It is that easy. I'm using it because my cable is not good.

1km link dir-320 2x

This article is the continuation of the previous one on how to connect two points via a Wi-Fi channel.

The previous article has pictures showing the two points, which are approximately 1 km apart in line of sight. The antenna design can be found in the preceding article, along with all the technical information.

This article describes how to configure these 2 points on the dir-320 to organize the network structure we need.

We need to configure a bridge between the LAN and WLAN network interfaces on both routers, since we want to organize a «local» network between the 2 points. We do not need NAT and the like, so the WAN port of the dir-320 routers is not needed at all; in the dd-wrt firmware you can safely disable it.

Accordingly, the Ethernet cable is plugged into the LAN ports of the points.

Next, log into the web interface of both routers.

On the first router, go to the wifi section.

Type of wireless network -> Access Point

Wireless Mode -> Mixed

Wireless Network Name (SSID) -> any

Mark it as bridged!

Next, in the wifi section, set the necessary security and encryption settings for the channel.

On the second router, go to the wifi section.

All settings are the same, except for the type of wireless network -> Repeater Bridge.

Now in Status -> System Information you can see the radio connection settings in the table, and the quality and channel settings under «Access Point & Clients».

I got up to 24 megabits.

I want to note that the signal strength in milliwatts can be increased, which will increase the signal; this is done in the section wifi -> Advanced -> Transmitter power. Do not set more than 140, it is not very stable; I have set 100.

That is all for now; if I come up with something else, I will add it to the article!

Wi-fi or two dir-320 and nokia e51

In general, this topic is the result of field tests of the link between two routers and my Nokia E51 phone. The task was to establish communication at a distance of 1 km between the roofs of houses in line of sight; before that it was tested in a field, as there was no desire to climb on the roofs.

Two MTS-branded dir-320 routers were taken. They do not differ at all from those that lie on the shelves, except for a white body with MTS emblems and special firmware from the MTS developers for an external usb 3G modem with wifi distribution ...
However, that firmware was removed and the fairly well-known dd-wrt was installed.
All settings are standard on both, except that the first point acts as an access point (A) and the second (B) is configured as a client of the first point, so that clients connected to A and B are all on the same LAN.

One of the most important points in all of this is the antennas.
The Double Biquad was chosen as the antenna because of its ease of production and the availability of all the necessary materials.
Needed (for one antenna):
  • Sheet of double-sided PCB, 220×110
  • Copper tube, 4 cm (inner diameter slightly greater than the cable going into it)
  • Copper wire, 70 cm, 1.5 mm cross-section
  • Cable, 70 ohm, 50 cm
  • Any small items such as plastic ties and tubes for securing the PCB structure.
I will not go into the manufacturing technique; it is described here.
The result should look like this:


In this case, two were made, for the two routers.
Incidentally ... a small problem faced by the majority is the connectors from the antennas to the router. I solved this problem like so: take a piece of wire from UTP. Strip it and wind it onto the unstripped part, turn to turn in a single layer ... it should be 6.5 turns ... now this «spiral» can be pushed tightly onto the «pin» in the router's socket. The second piece of wire is simply pulled over the top of the socket on the router. As a result, these two pieces of wire touch the cable from the antenna.

In the field tests, point A was installed on the roof, with the antenna directed toward «the most distant woods.» The second point, with the same antenna, was mobile, in a field.
This raises another problem: power for the point that you carry with you. For power, 4 ordinary penlight batteries were taken. The supply is 1.5 V × 4 = 6 V, when 5 V is needed.
Next, what I wanted to achieve: to go out to such a distance in line of sight that my Nokia could still catch the signal. What turned out to be most amazing and ridiculous for me: I could not get that far, because further on there was only the forest ...
The mobile phone itself showed a signal of about 5-10 SNR. When you switch the point on, it successfully connects to the other one, even if the antenna is turned away by 90 degrees ... but why then does the signal show 92 SNR all the time, that is to say a signal-to-noise of -92 dB to 0 dB ... the readings cannot be right, it seems ... Full test results were not obtained because there was no laptop to connect directly to the router ...
Now what remains is installation and testing in the city ...

backup dd-wrt

The settings of such equipment are typically stored in nonvolatile memory. The devices can be found in /proc/mtd

root@router:~# cat /proc/mtd
dev:    size   erasesize  name
# Boot
mtd0: 00040000 00010000 "cfe"
# Kernel
mtd1: 003b0000 00010000 "linux"
# Root filesystem
mtd2: 001db400 00010000 "rootfs"
# Parameters
mtd3: 00010000 00002000 "nvram"
# Free partition (where I keep extra initialization scripts)
mtd4: 000f0000 00010000 "ddwrt"

Now do a full dump of the partition we are interested in, and save it somewhere on your computer.

# Do a dump
root@router:~# dd if=/dev/mtdblock/3 of=/tmp/config.dd
128+0 records in
128+0 records out
root@router:~#

# Save to your computer
yurial@note:~$ scp root@ /tmp/config.dd config.dd

To restore the settings, perform the inverse operation and reboot.

# Copy the settings from your PC to your device
yurial@note:~$ scp config.dd root@ /tmp/config.dd

# Copy the settings from the dump
root@router:~# dd if=/tmp/config.dd of=/dev/mtdblock/3
# Reboot
# PS: before rebooting, unplug usb-connected devices
root@router:~# reboot -f

In general, you can make a backup this way not only for dd-wrt firmware, and not only on the dir-320. The method is also suitable, for example, for backing up an iphone or a geeksphone.

PS: on my dir-320, under its own firmware, I would do a sync before restarting to make sure that all data was written. However, under dd-wrt this led to a crash.
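
A size check for the dump before it is written back, as an added example that is not part of the original post: it parses the /proc/mtd listing shown above (copied here as sample input, annotations removed) and rejects a file whose size differs from the partition's. The function names are hypothetical, and ROUTER in the usage comment is a placeholder.

```shell
#!/bin/sh
# Added example: refuse to restore a dump that does not match the partition.
# SAMPLE_MTD is the listing from this post, used as constructed sample input.
SAMPLE_MTD='dev:    size   erasesize  name
mtd0: 00040000 00010000 "cfe"
mtd1: 003b0000 00010000 "linux"
mtd2: 001db400 00010000 "rootfs"
mtd3: 00010000 00002000 "nvram"
mtd4: 000f0000 00010000 "ddwrt"'

# mtd_size NAME: read a /proc/mtd listing on stdin and print the size in
# bytes of the partition called NAME. Returns 1 if there is no such name.
mtd_size() {
    hex=$(awk -v want="\"$1\"" '$4 == want { print $2; exit }')
    [ -n "$hex" ] || return 1
    printf '%d\n' "0x$hex"      # the size column is hexadecimal
}

# check_dump FILE NAME: succeed only if FILE is exactly as large as
# partition NAME in the listing on stdin, then print its SHA-256 so it can
# be compared with the hash recorded when the backup was taken.
check_dump() {
    want=$(mtd_size "$2") || { echo "no partition named $2" >&2; return 2; }
    have=$(wc -c < "$1" | tr -d ' ')
    if [ "$have" -ne "$want" ]; then
        echo "$1: $have bytes, expected $want for $2" >&2
        return 1
    fi
    sha256sum "$1"
}

# Usage on the PC (ROUTER is a placeholder for the router's address):
#   ssh root@ROUTER cat /proc/mtd | check_dump config.dd nvram
```

For nvram the expected size is 0x10000 = 65536 bytes, which is the 128 blocks of 512 bytes that dd reports above. The dump contains the router's stored settings, so keep config.dd readable only by your own user.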

Home automation

I have accumulated some information from the internet: circuitry, controllers, various examples. As confirmation of my small developing project, I decided to write an article ...
So we have: a dir-320 router (with dd-wrt; the installation process is described in the previous article about dir-320 + C), an ATmega8535 controller, a small control circuit for the optodriver, the objects to manage (reading lamps, audio power, home water heater), some wires, a soldering iron, FREE time.
What I would like to get: software power management of objects that are fed from ~220 V.
The control path for an object is as follows:
Mobile phone -> mobile browser -> wifi (mobile) -> wifi (router dir-320) -> installed lighttpd -> handler in perl -> uart (router) -> uart (controller mega8535) -> control signal (+5 controller) -> control signal (+5 optodriver) -> control signal (~220 optodriver) -> object being managed.
In this scheme, «Mobile phone -> mobile browser -> wifi (mobile) ->» can be replaced with a laptop, a work PC, etc.
It can also be managed through the WAN port connected to the Internet, again by accessing lighttpd.
Pluses of this scheme:
  • No need to get out of bed to switch things on or off, since control is from a laptop or a mobile.
  • It is possible to save money by switching the water heater off / on even if you're not at home, through the Net.
  • Integrated on / off of devices (coming to the house, you can switch on the light in advance wherever necessary, or the kettle before arriving).
  • People often forget to disconnect a device from the mains before leaving. This can be done at any time.
Minuses of this scheme:
  • It may not be very convenient to get out or carry a mobile phone every time just to switch the light on/off. This is solved by wiring the optodriver in parallel with the light switch. But then it cannot be turned off remotely if it was switched on at the switch.
  • Each device needs an additional wire and an optodriver. The wires have to be fixed to the wall or hidden in the wall, which entails changing the wallpaper ))))) The optodriver also has to be hidden in the socket, God willing there is enough room)
  • The failure case when the mobile or laptop does not turn on, or the computer is broken. Solved only by connecting a physical means of control in parallel.

dir-320 + dd-wrt + gcc (compiling under dir-320)

Go to the download section and get the firmware for the dir-320: dd-wrt.v24_usb_generic.bin (latest v24).

A console tftp client is required; it can be installed through the standard application installer in Windows as well as in Linux.

Save the file in some folder under the name firmware.bin. Open console №1, change to the folder where firmware.bin is, run the command «tftp», and prepare the command «put firmware.bin».

Open the second console and start «ping -f» (for linux) or «ping 1000» (for win). ICMP replies shouldn't come back, if, of course, the router's IP is not

Switch off the router's power, then turn it on. You need to catch the moment when replies from the router appear in the second console. At that moment, run the command prepared in advance in the first console.

If all went well, a message appears in the first console that the firmware was loaded successfully. Otherwise repeat the steps above.

Wait for the «status» LED to light up, or for the wireless network «dd-wrt» to appear, which signals that the router has booted successfully with the new firmware!

As a result we get a router with dd-wrt firmware.

Next we will need a flash drive with ext2fs. It can be formatted in any way. An example for Ubuntu Linux:

# mkfs.ext2 /dev/sdb1

The result is a flash drive with an ext2fs partition.

Insert it into the router's USB port.

Adjust the router options through the web interface, at the router's default IP. Login/pass – admin/admin. Then go to Services -> USB. Enable «Base support USB», «Support USB 1.1 (OHCI)», «Support of USB-disks», «Support file.system ext2/ext3» and «Automatic Drive Mount»; disable the others. Mount point: «/opt». Then press the «Apply» button. The router reboots.

Next, the «servicing» tab (the penultimate one). Enable «Support JFFS2». Then press apply. The router reboots.

Now telnet to the router.

# telnet

login/pass – root/admin.

Now check whether the flash drive is mounted.

# mount

If there is a line /dev/discs/disc0/part1 on /opt type ext2 (rw), it is mounted.

Next we mount the jffs folder.

# mkdir /opt/jffs/

# mount -o bind /opt/jffs/ /jffs/

That's all. The system is ready for installation!!

We install optware.

# wget -O /tmp/prep_optware

# sh /tmp/prep_optware

The process is long. We wait.

We load/update the package tree.
# ipkg-opt update

We install buildroot.
# ipkg install buildroot
This process is long as well.

We export the necessary environment variables.
# export LD_LIBRARY_PATH=/opt/lib:$LD_LIBRARY_PATH

That's all. Now it is possible to compile C programs.

# gcc <input file> -o <outputfile>