User Tools

Site Tools


faq

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
faq [2016/07/18 01:55]
mister_x [Where can I find good wordlists ?] Added password list
faq [2018/02/25 02:26] (current)
mister_x Added some useful FAQ entries from Wireshark
Line 6: Line 6:
 ===== What is the best wireless card to buy ?  ===== ===== What is the best wireless card to buy ?  =====
  
-Which card to purchase is a hard question to answer. ​ Each person'​s criteria is somewhat different, such as one may require 802.11n capability, or may require it to work via virtualisation.  However, having said that, if money is not a constraint then the following cards are considered the best in class:+Which card to purchase is a hard question to answer. ​ Each person'​s criteria is somewhat different, such as one may require 802.11n capability, or may require it to work via virtualization.  However, having said that, if money is not a constraint then the following cards are considered the best in class:
  
   * Alfa AWUS036H [b/g USB]   * Alfa AWUS036H [b/g USB]
Line 12: Line 12:
   * Ubiquiti SRX [a/b/g ExpressCard]   * Ubiquiti SRX [a/b/g ExpressCard]
   * Airpcap series [USB]   * Airpcap series [USB]
-  * TP-Link TL-WN722N [b/g/n USB]+  * TP-Link TL-WN722N ​v1 [b/g/n USB] - Beware, if version is not specified by vendor, it is **NOT** v1 
 +  * Alfa AWUS036NHA ​[b/g/n USB]
   * Alfa AWUS051NH v2 [a/b/g/n USB]   * Alfa AWUS051NH v2 [a/b/g/n USB]
 +  * MiniPCIe: anything that uses [[https://​wikidevi.com/​wiki/​Ath9k|ath9k]],​ especially AR92xx and AR93xx (ability to do [[https://​wireless.wiki.kernel.org/​en/​users/​drivers/​ath9k/​spectral_scan|spectral scan]])
  
 If money is a constraint then consider purchasing a card with a RTL8187L or Atheros chipset, also read [[compatibility_drivers#​which_is_the_best_card_to_buy|this]] first before purchasing. There are many available on the market for fairly low prices. ​ You are simply trading off distance, sensitivity and performance for cost. If money is a constraint then consider purchasing a card with a RTL8187L or Atheros chipset, also read [[compatibility_drivers#​which_is_the_best_card_to_buy|this]] first before purchasing. There are many available on the market for fairly low prices. ​ You are simply trading off distance, sensitivity and performance for cost.
Line 27: Line 29:
  
 The [[links]] page also generic wireless information and tutorials. The [[links]] page also generic wireless information and tutorials.
 +
 +===== Any GPS recommendation ?  =====
 +
 +The following 2 devices have been tested and work fine:
 +
 +  * BU-353
 +  * NL-402U USB
 +
 +However, anything that is [[http://​www.catb.org/​gpsd/​hardware.html|compatible with GPSd]] will work. 
  
 ===== "​command not found" error message ​ ===== ===== "​command not found" error message ​ =====
Line 77: Line 88:
     * ftp://​ftp.openwall.com/​pub/​wordlists/​     * ftp://​ftp.openwall.com/​pub/​wordlists/​
     * http://​www.openwall.com/​mirrors/​     * http://​www.openwall.com/​mirrors/​
-    ​http://ftp.sunet.se/pub/security/tools/net/​Openwall/​wordlists+  ​GitHub 
-  ftp://ftp.ox.ac.uk/pub/wordlists/+    * https://github.com/danielmiessler/SecLists/tree/master/Passwords 
 +    https://github.com/berzerk0/Probable-Wordlists 
 +    * https://​github.com/search?​q=wordlist
   * http://​gdataonline.com/​downloads/​GDict/​   * http://​gdataonline.com/​downloads/​GDict/​
-  * http://​www.theargon.com/​achilles/​wordlists/​ 
-  * http://​theargon.com/​achilles/​wordlists/​theargonlists/​ 
   * ftp://​ftp.cerias.purdue.edu/​pub/​dict/​   * ftp://​ftp.cerias.purdue.edu/​pub/​dict/​
   * http://​www.outpost9.com/​files/​WordLists.html   * http://​www.outpost9.com/​files/​WordLists.html
-  * http://​www.securinfos.info/​wordlists_dictionnaires.php 
   * http://​www.vulnerabilityassessment.co.uk/​passwords.htm   * http://​www.vulnerabilityassessment.co.uk/​passwords.htm
   * http://​packetstormsecurity.org/​Crackers/​wordlists/​   * http://​packetstormsecurity.org/​Crackers/​wordlists/​
   * http://​www.ai.uga.edu/​ftplib/​natural-language/​moby/​   * http://​www.ai.uga.edu/​ftplib/​natural-language/​moby/​
-  * http://​www.insidepro.com/​eng/​download.shtml 
-  * http://​www.word-list.com/​ 
   * http://​www.cotse.com/​tools/​wordlists1.htm   * http://​www.cotse.com/​tools/​wordlists1.htm
   * http://​www.cotse.com/​tools/​wordlists2.htm   * http://​www.cotse.com/​tools/​wordlists2.htm
-  * http://​wordlist.sourceforge.net/ +  * http://​wordlist.aspell.net/ 
-  * https://github.com/danielmiessler/​SecLists/​tree/​master/​Passwords +  * https://darkz0ne.net/wordlists
- +
-==== Build your own ==== +
- +
-Here are a few resources to build your own lists. ​ There are many, many more available if you search the Internet. +
- +
-  *[[https://​code.goto10.org/​svn/​unpacked/​sh/​etemenanki/​etemenanki.sh|Etemenanki]] is a shell script that "​builds word dictionaries based on remote and local (hyper)text repositories"​. +
-  *[[http://​awlg.org/​index.gen|Associative Word List Generator]] allows you to build custom lists based on a "​root"​ word. +
-  *[[http://​forum.aircrack-ng.org/​index.php?​topic=4580.0|Password Generator]] is a program that generates all the variations of a string of characters based on the length of the string. +
-  *[[http://​forum.aircrack-ng.org/​index.php?​topic=4877.msg27435#​msg27435|Password Generator]] is a program that goes through standard and arbitrary permutations of strings. +
-  * [[http://​forums.remote-exploit.org/​programming/​26847-coding-bruteforce-dictionary-generator.html|BackTrack thread]] regarding bruteforce dictionary generators.+
  
 ===== How do I recover my WEP/WPA key in windows ? ===== ===== How do I recover my WEP/WPA key in windows ? =====
Line 602: Line 600:
   * stty columns 86   * stty columns 86
   * stty rows 39   * stty rows 39
 +
 +=====How much does Aircrack-ng cost?=====
 +
 +Aircrack-ng is "free software";​ you can download it without paying any license fee. The version of Aircrack-ng you download isn't a "​demo"​ version, with limitations not present in a "​full"​ version; it is the full version.
 +The license under which Aircrack-ng is issued is mostly the GNU General Public License version 2. See the GNU GPL FAQ for some more information. ​
 +
 +You may also want to check out the OpenSSL license included in our source code download.
 +
 +=====But I just paid someone on eBay for a copy of Aircrack-ng! Did I get ripped off?=====
 +
 +That depends. Did they provide any sort of value-added product or service, such as installation support, installation media, training, trace file analysis, or funky-colored socks? Probably not.
 +Aircrack-ng is available for anyone to download, absolutely free, at any time. Paying for a copy implies that you should get something for your money.
 +
 +=====Can I use Aircrack-ng commercially?​=====
 +
 +Yes, if, for example, you mean "I work for a commercial organization;​ can I use Aircrack-ng to capture and asses WiFi network security in our company'​s networks or in our customer'​s networks?"​
 +
 +If you mean "Can I use Aircrack-ng as part of my commercial product?",​ see the next entry in the FAQ.
 +
 +=====Can I use Aircrack-ng as part of my commercial product?​=====
 +
 +As noted, Aircrack-ng is licensed under the GNU General Public License, version 2. The GPL imposes conditions on your use of GPL'ed code in your own products; you cannot, for example, make a "​derived work" from Aircrack-ng,​ by making modifications to it, and then sell the resulting derived work and not allow recipients to give away the resulting work. You must also make the changes you've made to the Aircrack-ng source available to all recipients of your modified version; those changes must also be licensed under the terms of the GPL. See the GPL FAQ for more details; in particular, note the answer to the question about modifying a GPLed program and selling it commercially,​ and the question about linking GPLed code with other code to make a proprietary program.
 +You can combine a GPLed program such as Aircrack-ng and a commercial program as long as they communicate "at arm's length",​ as per this item in the GPL FAQ.
 +
 +We recommend keeping Aircrack-ng and your product completely separate.
 +
 +You may also want to check out the OpenSSL license included in our source code download.
 +
faq.1468799710.txt.gz · Last modified: 2016/07/18 01:55 by mister_x