billyblue

So there's a bit about KisMAc in a couple other threads, but I wanted to start one and ask people who have been using it for input, feedback etc.


I've been testing the 0.02f version that has WEP cracking capability on Jag 10.2.3 with some fun results so far.

I've been busy also installing ethereal so I can read the passive sniffing pasket logs that it saves, fun fun!


Anyone tried the "No SleepMode" yet ?

So what do you all think of KisMAC?


bb

dcnigma

i just donwload it din´t try on a net.

but is it normal that the airport shut donw?

Greetz Dc nigma

billyblue

Yes that is normal, the driver they use to put the card into use for passive monitoring currrently doens'y allow you to do anything else while you are sniffing/stumbling. You have to quit KisMac and if it that doesn't work (which it doesn't always), use the Viha driver tool (included in the earlier versions) which will allow you to unload the driver.

And if all that fails just restart you machine.


bb

Cel

I just downloaded it, but I cant get it to find my personal home network. MacStumbler found it right as I started my first scan.

Im running OS X, anyone have any hints?

billyblue

All I can think of is obvious things:

Have you checked the prefs and set it to Enable channel hopping and selected ALL channels?

Thats all I can think of.

bb

Cel

Billy - Yeah man, I actually found on my own jacked up timeline that I didnt have channel hopping enabled.

Thanks for the solution anyway!

livio

Kismac is working fine here on my old ibook G3. I've tried WEP cracking, but notting happened as there were no weak packets on my Apple Airport network...

billyblue

Extraneous Software has released v 0.56 of the Viha Controller a pref pane to unload and load the viha drivers to pit your apple airport card into promiscous mode.

I haven't played with it yet, but will soon.


site:
http://extraneous.us/software/vihacontroller/index.htm

driver:
http://extraneous.us/download/vihapane-056.tgz

source:
http://extraneous.us/download/vihapane-source-055.tgz


bb

billyblue

KisMAC 0.3a released today with some improvements:

0.03a 01-15-2003

* bugfixes
* MacJack Driver for prism2 cards and active attacks
* ssid discovery for cloaked networks
* an active attack (for studies)
* a couple of visual changes by Michael Thole
* another weak packet algorithm (pre-alpha)


KisMAC has now a mailing list for developers, testers and generally interested. You can join the list by sending an e-mail to kismac-request@freelists.org with the subject "subscribe".


bb

cyphz0r

I like it, but the WEP stuff is always grayed out so I can't select it, was curious to see how long it took to crack my WEP.

billyblue

The WEP cracking menu items only come on after you receive some weak frames... from the site:


Why are the crack menus disabled, is it not supported in anymore KisMAC?

The crack menu will be enabled, automatically, whenever it makes sense. You will need to gather a couple of weak packets to enable it.


Why do you not support cracking of 128bit or 64 bit keys?

Because you do not understand too much of WEP, do you? We just do not follow the marketing gag of most wireless companies. Their key 128bit key is a 104bit secret key plus a 24 bit iv, which is submitted in plain text. The same applies to 64bit. However there are the occasional good apples, nokia for an example has 128 bit + 24 bit iv, but we do not have any hardware to test the algorithms on them.


How many weak keys do I need to crack WEP?

Tough question. That is statistics. Each weak packet can revel one certain byte of the key. Depending on the key, the data and the initialization vector we can only determine the key byte with a certain probability (about 5%). In theory you will need only 5 weak packets for a 40 bit-Key, however the practical number is normally about 500-1000 times higher.


Why does my network not generate weak frames?

Weak initialization vectors are not evenly distributed over the key space, therefore you just might have bad luck. There are not many weak initialization vectors anyways, way less than 0.01% are interesting. However there might be another reason: (un)fortunately the WiFi-industry reacted to the problem. Some newer card do not generate weak frames anymore. Particularly the Lucent cards are affected.


bb

billyblue

Well after beta testing for the last couple weeks, the new version has been unleashed...


http://www.binaervarianz.de/projekte...mieren/kismac/

Direct Download:

http://www.binaervarianz.de/projekte...MAC004a.dmg.gz

damage

I love this program !!! the only problem I have is when using pc cards I enable the macjack driver and it complains that it can't load and offers me the chance to retry so if I remove and install the card it then loads fine.

mick

looks like you have another driver loaded. like ioexperts or the wireless sourceforge driver.

damage

nope made sure no other drivers were loaded