New tool to crack WEP keys under GNU/Linux

Postby Master1977 » Fri Sep 10, 2004 12:56 am

devine wrote:You can't capture 802.11 frames with Ethereal on Windows. With it you'll only be able to collect useless ethernet packets. Best advice I can give you is to boot a knoppix and see if your card is supported under Linux.

I see... that explains why the traffic captured is in clear.
I tried a RedHat distro a few weeks ago but it didn't seem to support my card. :(

Thanks for the help.
Master1977
Mini Stumbler
 
Posts: 9
Joined: Wed Sep 01, 2004 12:29 pm

Postby joswr1ght » Fri Sep 10, 2004 2:28 am

devine wrote:You can't capture 802.11 frames with Ethereal on Windows. With it you'll only be able to collect useless ethernet packets. Best advice I can give you is to boot a knoppix and see if your card is supported under Linux.


Try using the Auditor Security Toolkit derivation of the Knoppix distro. Auditor has been specially prepared to support a wide variety of wireless cards without any of the fuss in patching or compiling modules.

http://www.moser-informatik.ch

-Josh
-Joshua Wright
jwright@hasborg.com
http://home.jwu.edu/jwright/

Today I stumbled across the world's largest hotspot. The SSID is "linksys".


Check out the SANS advanced wireless auditing and assessment course:
Los Angeles
joswr1ght
Mini Stumbler
 
Posts: 90
Joined: Wed Sep 01, 2004 4:18 am

Postby Master1977 » Fri Sep 10, 2004 6:16 am

joswr1ght wrote:Try using the Auditor Security Toolkit derivation of the Knoppix distro. Auditor has been specially prepared to support a wide variety of wireless cards without any of the fuss in patching or compiling modules.

http://www.moser-informatik.ch

-Josh

Are we talking about Linux distros? Never heard of Knoppix or Auditor. :confused:

It seems it can start from a bootable CD with no installing... interesting, I'll give it a go.

Postby joswr1ght » Fri Sep 10, 2004 6:29 am

Master1977 wrote:Are we talking about Linux distros? Never heard of Knoppix or Auditor. :confused:


Yes, Linux distributions that are burned to a CD-ROM and can be used as a bootable operating system by your laptop or desktop.

Despite that this is a NetStumbler forum, the Kismet functionality provided by the Auditor distribution is far more powerful than NetStumbler, just not as user-friendly. Using a bootable Linux distribution such as Auditor to run Kismet reduces much of the complexity in using Kismet with various hardware configurations.

Many thanks to Max Moser for making Auditor available and free.

FYI - I'm working on a class for the SANS Institute that will go over the use of Kismet and the techniques used to audit wireless networks. This course will debut in New Orleans on November 1st. See http://www.sans.org/cdisouth04/description.php?tid=108 for more information. I'll be teaching this material in Washington DC on December 7th - see http://www.sans.org/cdieast04/description.php?tid=155 for more information.

-Josh

Postby Master1977 » Fri Sep 10, 2004 7:43 am

buff buff :mad:

I am downloading it. Definitely want to give it a go to see what it's like. Not sure, if it's a bootable CD-ROM, can you use other tools like weplab if they're not on the CD?

I'm sure your conference will be very interesting, just a bit far from London ;)

Postby joswr1ght » Fri Sep 10, 2004 7:58 am

Master1977 wrote:I am downloading it. Definitely want to give it a go to see what it's like. Not sure, if it's a bootable CD-ROM, can you use other tools like weplab if they're not on the CD?


It is a bootable CD and unfortunately in this version weplab and aircrack are not included. This will be remedied in the next version of the distribution (currently in progress).

You'll want to download weplab and aircrack in advance and access them after booting Auditor (either from a hard drive or a USB thumb drive or whatever). Note that the current version of Auditor has an issue with the kernel include files, which causes a problem for some tools to compile, adding further complication. :(

-Josh

weplab 0.1.2-beta

Postby PoyZen » Thu Sep 23, 2004 7:03 am

I'm a newbie in Linux. I tried to install weplab 0.1.2-beta on RH7.3. After ./configure finished I did: make install. After a while I got an error in file wep.c in the function GetPacketBssid, line 488: can't parse before int, and another error in line 492 about "returnvalue" not being declared. What I did was (after a lot of trial and error) to open the file "wep.c" and move the line: "int returnvalue=0;" to the beginning of the procedure (to line 484). It worked perfectly.

I don't know if it's a bug or just something with my PC, but anyway, for your info.
PoyZen
Mini Stumbler
 
Posts: 2
Joined: Thu Sep 23, 2004 6:45 am

Postby topolb » Sun Sep 26, 2004 11:11 pm

PoyZen wrote:I'm a newbie in Linux. I tried to install weplab 0.1.2-beta on RH7.3. After ./configure finished I did: make install. After a while I got an error in file wep.c in the function GetPacketBssid, line 488: can't parse before int, and another error in line 492 about "returnvalue" not being declared. What I did was (after a lot of trial and error) to open the file "wep.c" and move the line: "int returnvalue=0;" to the beginning of the procedure (to line 484). It worked perfectly.

Yes, it is a bug. In standard ANSI C, variable declarations must come before anything else within the function.
However, gcc is usually tolerant of this. weplab-0.1.2-beta compiles fine under my Debian with gcc 3.3.

Could you please submit the bug to http://www.sourceforge.net/projects/weplab (section bugs)? This way it is easier for me to keep track of found bugs, and other people with the same problem can use a temporary fix.

I will release the next version soon and this little bug will be fixed in it.

Thanks
topolb
Mini Stumbler
 
Posts: 67
Joined: Tue Jun 08, 2004 2:51 am
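The declaration-order rule discussed in the two posts above, shown as an added example that is not weplab's source and not part of the original thread. The function name `get_bssid`, the sample frame and the choice to handle only data frames are assumptions for illustration; the address offsets follow the standard 802.11 header layout.

```c
/* Added example, not weplab source. Builds with: gcc -std=c89 -pedantic */
#include <stdio.h>
#include <string.h>

#define HDR_MIN 24 /* frame control, duration, three addresses, sequence */
/* Constructed sample: data frame, ToDS=1, so Address 1 is the BSSID. */
static const unsigned char SAMPLE_TODS[HDR_MIN] = {
    0x08, 0x01, 0x00, 0x00,
    0x00, 0x11, 0x22, 0x33, 0x44, 0x55, /* Address 1: BSSID */
    0x02, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, /* Address 2: source */
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, /* Address 3: destination */
    0x00, 0x00
};

/* Copies the BSSID of an 802.11 data frame into out[6]. Returns 0 on
 * success, -1 for short, non-data or WDS (ToDS=1, FromDS=1) frames. */
int get_bssid(const unsigned char *frame, size_t len, unsigned char *out)
{
    /* C89: all declarations precede the first statement of the block.
     * Moving "int returnvalue = 0;" below the length check would be the
     * mixed declaration that a strict C89 compiler rejects. */
    int returnvalue = 0;
    unsigned int type, to_ds, from_ds;
    size_t offset;

    if (frame == NULL || out == NULL || len < HDR_MIN)
        return -1;

    type = (frame[0] >> 2) & 0x3; /* 2 means data frame */
    to_ds = frame[1] & 0x1;
    from_ds = (frame[1] >> 1) & 0x1;

    if (type != 2 || (to_ds && from_ds)) {
        returnvalue = -1;
    } else {
        offset = to_ds ? 4 : (from_ds ? 10 : 16); /* Address 1, 2 or 3 */
        memcpy(out, frame + offset, 6);
    }
    return returnvalue;
}

int main(void)
{
    unsigned char b[6];
    if (get_bssid(SAMPLE_TODS, sizeof SAMPLE_TODS, b) == 0)
        printf("BSSID %02x:%02x:%02x:%02x:%02x:%02x\n",
               b[0], b[1], b[2], b[3], b[4], b[5]);
    return 0;
}
```

Compiling with `-std=c89 -pedantic` on a current gcc reproduces the strictness of the older compiler, which is a quick way to catch this class of portability bug before release.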

Postby PoyZen » Mon Sep 27, 2004 12:07 am

topolb wrote:Could you please submit the bug to http://www.sourceforge.net/projects/weplab (section bugs)?
Thanks


:) Submitted

Knoppix, Auditor

Postby Master1977 » Mon Sep 27, 2004 11:27 am

Tried both of these distros. Neither supports my card. Anything else I can try to sniff packets? :confused:

Thank you !

Postby joswr1ght » Mon Sep 27, 2004 11:33 am

Master1977 wrote:Tried both of these distros. Neither supports my card. Anything else I can try to sniff packets? :confused:

Thank you !


Knowing what your WLAN card is would be helpful here. :)

Seriously though, you should probably invest in a Prism2 wireless card, such as the NL-2511CD card from http://www.netgate.com. You can get this card with a built-in or external antenna connectors. I have the external antenna connector card with two snap-on OMNI antennas (also from Netgate at http://www.netgate.com/product_antennas.html) and it works like a champ with Kismet and a whole bunch of other fun and interesting applications.

-Josh

Postby Master1977 » Mon Sep 27, 2004 12:50 pm

joswr1ght wrote:Knowing what your WLAN card is would be helpful here. :)


It's a Belkin 54G PCI.
http://catalog.belkin.com/IWCatProductPage.process?Merchant_Id=&Section_Id=201522&pcount=&Product_Id=136479

joswr1ght wrote:Seriously though, you should probably invest in a Prism2 wireless card, such as the NL-2511CD card from http://www.netgate.com. You can get this card with a built-in or external antenna connectors. I have the external antenna connector card with two snap-on OMNI antennas (also from Netgate at http://www.netgate.com/product_antennas.html) and it works like a champ with Kismet and a whole bunch of other fun and interesting applications.

-Josh


Mine's got an external antenna. I hope, anyway, to find a workaround without changing the card.

Postby Master1977 » Tue Sep 28, 2004 10:45 am

I've managed to make my card work on Knoppix. I am using the Windows driver and ndiswrapper. Will that do? Can I try to capture packets with ndiswrapper?

Postby joswr1ght » Tue Sep 28, 2004 11:12 am

Master1977 wrote:I've managed to make my card work on Knoppix. I am using the Windows driver and ndiswrapper. Will that do? Can I try to capture packets with ndiswrapper?


Sorry Master1977, the Windows driver doesn't support raw packet capture (monitor mode/RFMON), so it won't give you the information you need.

Unfortunately, you have a card that doesn't have very good support on Linux yet. I'd strongly recommend you pick up a Prism2 card from NetGate if you assess wireless networks with tools like Kismet and AirCrack.

-Josh

HostAP and capture with Weplab

Postby chesh » Tue Oct 12, 2004 10:37 am

Hey guys, I'm using HostAP 0.0.4 (compatible with Kismet) and have been using Kismet to gather packets lately when I noticed that weplab now does a pretty good job capturing packets too. My question is, what is the best command to put my card into passive mode. I'm using a SMC 2532W-B and using the monitor set by iwpriv monitor 2. I also see there is an option 3, 4, and I believe 5. (I'm away from my lappy right now at work). Also, has anyone noticed any benefits to collecting packets with Kismet over weplab and what they would suggest to use to collect packets.

My second question is, how does one generate more packets in order to crack? I've heard talk of doing an arping or something to that extent to generate packets. Would someone post the info on how this is done, if you need two wireless adapters, or what? Thanks guys.

chesh
chesh
Mini Stumbler
 
Posts: 10
Joined: Tue Feb 10, 2004 4:56 pm
