http://www.aircrack-ng.org/ 2009-11-04T21:39:02+01:00 http://www.aircrack-ng.org/ http://www.aircrack-ng.org/lib/images/favicon.ico text/html 2009-10-16T02:20:30+01:00 Daniel Kozar http://www.aircrack-ng.org/doku.php?id=b43&rev=1255652430 b43 is the new driver for wireless cards with Broadcom chipsets. It performs quite well in terms of monitoring and injection, although it has no support for the 802.11a wireless band. b43 is a mac80211 driver, so it requires at least Aircrack-ng 1.0-rc1. text/html 2009-10-16T02:16:19+01:00 Daniel Kozar http://www.aircrack-ng.org/doku.php?id=compat-wireless&rev=1255652179 Compat-wireless is a package which contains the development versions (pulled from the kernel's git repository) of the in-kernel wireless drivers and the mac80211 wireless stack. New packages are released pretty much every day. This package is mentioned quite often on the forums and the IRC channel because using it is very convenient. You can think of it (in fact, you should) as a sized-down version of the kernel tree, a one that contains only the sources of the wireless drivers and the wireless… text/html 2009-10-14T16:02:50+01:00 darkAudax http://www.aircrack-ng.org/doku.php?id=airtun-ng&rev=1255528970 Description Airtun-ng is a virtual tunnel interface creator. There are two basic functions: * Allow all encrypted traffic to be monitored for wireless Intrusion Detection System (wIDS) purposes. * Inject arbitrary traffic into a network. In order to perform wIDS data gathering, you must have the encryption key and the bssid for the network you wish to monitor. Airtun-ng decrypts all the traffic for the specific network and passes it to a traditional IDS system such as snort. text/html 2009-10-12T21:45:07+01:00 darkAudax http://www.aircrack-ng.org/doku.php?id=aircrack-ng&rev=1255376707 Description Aircrack-ng is an 802.11 WEP and WPA/WPA2-PSK key cracking program. Aircrack-ng can recover the WEP key once enough encrypted packets have been captured with airodump-ng. This part of the aircrack-ng suite determines the WEP key using two fundamental methods. The first method is via the PTW approach (Pyshkin, Tews, Weinmann). The default cracking method is PTW. This is done in two phases. In the first phase, aircrack-ng only uses ARP packets. If the key is not found, then it … text/html 2009-10-11T16:29:47+01:00 darkAudax http://www.aircrack-ng.org/doku.php?id=hirte&rev=1255271387 Description The Hirte attack is a client attack which can use any IP or ARP packet. It extends the Cafe Latte attack by allowing any packet to be used and not be limited to client ARP packets. The following describes the attack in detail. The basic idea is to generate an ARP request to be sent back to the client such that the client responds. text/html 2009-10-11T16:29:14+01:00 darkAudax http://www.aircrack-ng.org/doku.php?id=cafe-latte&rev=1255271354 Description The Cafe Latte attack allows you to obtain a WEP key from a client system. Briefly, this is done by capturing an ARP packet from the client, manipulating it and then send it back to the client. The client in turn generates packets which can be captured by airodump-ng. Subsequently, aircrack-ng can be used to determine the WEP key. text/html 2009-10-11T16:28:31+01:00 darkAudax http://www.aircrack-ng.org/doku.php?id=fake_authentication&rev=1255271311 Description The fake authentication attack allows you to perform the two types of WEP authentication (Open System and Shared Key) plus associate with the access point (AP). This is useful is only useful when you need an associated MAC address in various aireplay-ng attacks and there is currently no associated client. It should be noted that the fake authentication attack does NOT generate any ARP packets. Fake authentication cannot be used to authenticate/associate with WPA/WPA2 Access Poin… text/html 2009-10-11T16:24:09+01:00 darkAudax http://www.aircrack-ng.org/doku.php?id=airbase-ng&rev=1255271049 Description This documentation is still under development. There is quite a bit more work to be done on this documentation. Please post any comments or suggestions to this thread in the Forum. Airbase-ng is multi-purpose tool aimed at attacking clients as opposed to the Access Point (AP) itself. Since it is so versatile and flexible, summarizing it is a challenge. Here are some of the feature highlights: text/html 2009-10-11T15:51:55+01:00 darkAudax http://www.aircrack-ng.org/doku.php?id=install_drivers&rev=1255269115 Linux As of now, Aireplay-ng only supports injection on Prism2, PrismGT (FullMAC), Atheros, Broadcom (with the b43 driver), RTL8180, RTL8187, Ralink, ACX1xx and Zydas. Injection on Hermes, Aironet and Marvell is not supported because of firmware and/or driver limitations. text/html 2009-10-11T15:22:07+01:00 darkAudax http://www.aircrack-ng.org/doku.php?id=r8187&rev=1255267327 The r8187 driver works properly for the Realtek RTL8187L chipset. Support for the RTL8187B chipset is under development but is not fully working. See r8187b for the RTL8187B ieee80211 driver. This page only deals with the ieee80211 version of the r8187 driver. For the mac80211 rtl8187 version see the rtl8187 page. To understand the differences, see mac80211 versus ieee80211 stacks write-up. text/html 2009-10-08T20:47:27+01:00 darkAudax http://www.aircrack-ng.org/doku.php?id=airodump-ng&rev=1255027647 Description Airodump-ng is used for packet capturing of raw 802.11 frames and is particularly suitable for collecting WEP IVs (Initialization Vector) for the intent of using them with aircrack-ng. If you have a GPS receiver connected to the computer, airodump-ng is capable of logging the coordinates of the found access points. Additionally, airodump-ng writes out a text file containing the details of all access points and clients seen.