New tool to crack WEP keys under GNU/Linux - Page 9

Master1977 · 09-10-2004

Quote:

Originally Posted by devine

You can't capture 802.11 frames with Ethereal on Windows. With it you'll only be able to collect useless ethernet packets. Best advice I can give you is to boot a knoppix and see if your card is supported under Linux.

I see... that explains why the traffic captured is in clear.
I tried a RedHat distro a few weeks ago but didn't seem to support my card.

Thanks for the help.

joswr1ght · 09-10-2004

Quote:

Originally Posted by devine

You can't capture 802.11 frames with Ethereal on Windows. With it you'll only be able to collect useless ethernet packets. Best advice I can give you is to boot a knoppix and see if your card is supported under Linux.

Try using the Auditor Security Toolkit derivation of the Knoppix distro. Auditor has been specially prepared to support a wide variety of wireless cards without any of the fuss in patching or compiling modules.

http://www.moser-informatik.ch

-Josh

Master1977 · 09-10-2004

Quote:

Originally Posted by joswr1ght

Try using the Auditor Security Toolkit derivation of the Knoppix distro. Auditor has been specially prepared to support a wide variety of wireless cards without any of the fuss in patching or compiling modules.

http://www.moser-informatik.ch

-Josh

Are we talking about Linux distros ? Never heard og Knoppix or Auditor.

It seems it can start from a bootable Cd with no installing... insteresting I'll give it a go.

joswr1ght · 09-10-2004

Quote:

Originally Posted by Master1977

Are we talking about Linux distros ? Never heard og Knoppix or Auditor.

Yes, Linux distributions that are burned to a CD-ROM and can be used as a bootable operating system by your laptop or desktop.

Despite that this is a NetStumbler forum, the Kismet functionality provided by the Auditor distribution is far more powerful than NetStumbler, just not as user-friendly. Using a bootable Linux distribution such as Auditor to run Kismet reduces much of the complexity in using Kismet with various hardware configurations.

Many thanks to Max Moser for making Auditor available and free.

FYI - I'm working on a class for the SANS Institute that will go over the use of Kismet and the techniques used to audit wireless networks. This course will debut in New Orleans on November 1st. See http://www.sans.org/cdisouth04/description.php?tid=108 for more information. I'll be teaching this material in Washington DC on December 7th - see http://www.sans.org/cdieast04/description.php?tid=155 for more information.

-Josh

Master1977 · 09-10-2004

buff buff

I am downloading it. Definetively want to give it a go to see what's like. Not sure if it's a bootable cdrom can you use other tools like weplab if they're not on cd ?

I'm sure your conference will be very interesting, just a bit far from London

joswr1ght · 09-10-2004

Quote:

Originally Posted by Master1977

I am downloading it. Definetively want to give it a go to see what's like. Not sure if it's a bootable cdrom can you use other tools like weplab if they're not on cd ?

It is a bootable CD and unfortunately in this version weplab and aircrack are not included. This will be remedied in the next version of the distribution (currently in progress).

You'll want to download weplab and aircrack in advance and access them after booting Auditor (either from a hard drive or a USB thumb drive or whatever). Note that the current version of Auditor has an issue with the kernel include files, which causes a problem for some tools to compile, adding further complication.

-Josh

PoyZen · 09-23-2004

I'm a newbie in linux. I tried to install weplab 0.1.2-beta on RH7.3. after ./configure finished I did: make install. after a while I got error in file wep.c in the function GetPacketBssid, line 488. can't parse before int and enother error in line 492 about "returnvalue" not being declared. what I did was (after a lot of trial by error) to open the file "wep.c" and move the line: "int returnvalue=0;" to the begining of the procedure (to line 484). it worked perfectly.

I don't know if it's a bug or just something with my PC, but anyway, for your info.

topolb · 09-27-2004

Quote:

Originally Posted by PoyZen

I'm a newbie in linux. I tried to install weplab 0.1.2-beta on RH7.3. after ./configure finished I did: make install. after a while I got error in file wep.c in the function GetPacketBssid, line 488. can't parse before int and enother error in line 492 about "returnvalue" not being declared. what I did was (after a lot of trial by error) to open the file "wep.c" and move the line: "int returnvalue=0;" to the begining of the procedure (to line 484). it worked perfectly.

I don't know if it's a bug or just something with my PC, but anyway, for your info.

Yes, it is a bug. In standard ansi C, variable declarations must be before anything within the function.
However gcc use to be tolerant with this. weplab-0.1.2-beta compiles fine under my Debian with gcc 3.3.

Could you please submit the bug to www.sourceforge.net/projects/weplab (section bugs)? This way it is easier to me to keep track of found bugs and other people with the same problem can use a temporary fix.

I will release next version soon and this little bug will be fixed in it.

Thanks

PoyZen · 09-27-2004

Quote:

Originally Posted by topolb

Could you please submit the bug to www.sourceforge.net/projects/weplab (section bugs)?
Thanks

Submitted

Master1977 · 09-27-2004

Tried both these distro. None supports my card, anything else I can try to sniff packets ?

Thank you !

joswr1ght · 09-27-2004

Quote:

Originally Posted by Master1977

Tried both these distro. None supports my card, anything else I can try to sniff packets ?

Thank you !

Knowing what your WLAN card is would be helpful here.

Seriously though, you should probably invest in a Prism2 wireless card, such as the NL-2511CD card from www.netgate.com. You can get this card with a built-in or external antenna connectors. I have the external antenna connector card with two snap-on OMNI antennas (also from Netgate at http://www.netgate.com/product_antennas.html) and it works like a champ with Kismet and a whole bunch of other fun and interesting applications.

-Josh

Master1977 · 09-27-2004

Quote:

Originally Posted by joswr1ght

Knowing what your WLAN card is would be helpful here.

It's a Belkin 54G PCI.
http://catalog.belkin.com/IWCatProdu...duct_Id=136479

Quote:

Originally Posted by joswr1ght

Seriously though, you should probably invest in a Prism2 wireless card, such as the NL-2511CD card from www.netgate.com. You can get this card with a built-in or external antenna connectors. I have the external antenna connector card with two snap-on OMNI antennas (also from Netgate at http://www.netgate.com/product_antennas.html) and it works like a champ with Kismet and a whole bunch of other fun and interesting applications.

-Josh

Mine's got an external antenna. I hope, anyway, to find a workaround withouth changing the card.

Master1977 · 09-28-2004

I've managed to make my card work on knoppix. I am using the windows driver and ndiswrapper. Will that do ? can i try to capture packet with ndiswrapper ?

joswr1ght · 09-28-2004

Quote:

Originally Posted by Master1977

I've managed to make my card work on knoppix. I am using the windows driver and ndiswrapper. Will that do ? can i try to capture packet with ndiswrapper ?

Sorry Master1977, the Windows driver doesn't support raw packet capture (monitor mode/RFMON), so it won't give you the information you need.

Unfortunately, you have a card that doesn't have very good support on Linux yet. I'd strongly recommend you pick up a Prism2 card from NetGate if you assess wireless networks with tools like Kismet and AirCrack.

-Josh

chesh · 10-12-2004

Hey guys, I'm using HostAP 0.0.4 (compatible with Kismet) and have been using Kismet to gather packets lately when I noticed that weplab now does a pretty good job capturing packets too. My question is, what is the best command to put my card into passive mode. I'm using a SMC 2532W-B and using the monitor set by iwpriv monitor 2. I also see there is an option 3, 4, and I believe 5. (I'm away from my lappy right now at work). Also, has anyone noticed any benefits to collecting packets with Kismet over weplab and what they would suggest to use to collect packets.

My second question is, how does one generate more packets in order to crack? I've heard talk of doing an arping or something to that extent to generate packets. Would someone post the info on how this is done, if you need two wireless adapters, or what? Thanks guys.

chesh

09-23-2004	#127 (permalink)
PoyZen Registered Member Join Date: Sep 2004 Posts: 2	weplab 0.1.2-beta I'm a newbie in linux. I tried to install weplab 0.1.2-beta on RH7.3. after ./configure finished I did: make install. after a while I got error in file wep.c in the function GetPacketBssid, line 488. can't parse before int and enother error in line 492 about "returnvalue" not being declared. what I did was (after a lot of trial by error) to open the file "wep.c" and move the line: "int returnvalue=0;" to the begining of the procedure (to line 484). it worked perfectly. I don't know if it's a bug or just something with my PC, but anyway, for your info.

09-27-2004	#130 (permalink)
Master1977 Registered Member Join Date: Sep 2004 Posts: 9	Knoppix, Auditor Tried both these distro. None supports my card, anything else I can try to sniff packets ? Thank you !

10-12-2004	#135 (permalink)
chesh Registered Member Join Date: Feb 2004 Posts: 10	HostAP and capture with Weplab Hey guys, I'm using HostAP 0.0.4 (compatible with Kismet) and have been using Kismet to gather packets lately when I noticed that weplab now does a pretty good job capturing packets too. My question is, what is the best command to put my card into passive mode. I'm using a SMC 2532W-B and using the monitor set by iwpriv monitor 2. I also see there is an option 3, 4, and I believe 5. (I'm away from my lappy right now at work). Also, has anyone noticed any benefits to collecting packets with Kismet over weplab and what they would suggest to use to collect packets. My second question is, how does one generate more packets in order to crack? I've heard talk of doing an arping or something to that extent to generate packets. Would someone post the info on how this is done, if you need two wireless adapters, or what? Thanks guys. chesh

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

09-10-2004	#125 (permalink)
Master1977 Registered Member Join Date: Sep 2004 Posts: 9	buff buff I am downloading it. Definetively want to give it a go to see what's like. Not sure if it's a bootable cdrom can you use other tools like weplab if they're not on cd ? I'm sure your conference will be very interesting, just a bit far from London

09-28-2004	#133 (permalink)
Master1977 Registered Member Join Date: Sep 2004 Posts: 9	I've managed to make my card work on knoppix. I am using the windows driver and ndiswrapper. Will that do ? can i try to capture packet with ndiswrapper ?