newbie_guide
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
newbie_guide [2009/08/14 18:35] – use dokuwiki internal links mister_x | newbie_guide [2010/06/17 15:45] – Fixed typo darkaudax | ||
---|---|---|---|
Line 15: | Line 15: | ||
Needless to say, you need a wireless card which is compatible with the aircrack-ng suite. | Needless to say, you need a wireless card which is compatible with the aircrack-ng suite. | ||
- | To determine to which category your card belongs to, see [[compatibility_drivers|hardware compatibility page]]. Read [[compatible_cards|Tutorial: | + | To determine to which category your card belongs to, see [[compatibility_drivers|hardware compatibility page]]. Read [[compatible_cards|Tutorial: |
First, you need to know which chipset is used in your wireless card and which driver you need for it. You will have determined this using the information in the previous paragraph. | First, you need to know which chipset is used in your wireless card and which driver you need for it. You will have determined this using the information in the previous paragraph. | ||
Line 148: | Line 148: | ||
^ PWR | Signal strength. Some drivers don't report it | | ^ PWR | Signal strength. Some drivers don't report it | | ||
^ Beacons | ^ Beacons | ||
- | ^ Data | Number of data frames | + | ^ Data | Number of data frames |
^ CH | Channel the AP is operating on | | ^ CH | Channel the AP is operating on | | ||
^ MB | Speed or AP Mode. 11 is pure 802.11b, 54 pure 802.11g. Values between are a mixture | ^ MB | Speed or AP Mode. 11 is pure 802.11b, 54 pure 802.11g. Values between are a mixture | ||
Line 236: | Line 236: | ||
Wait for a client to show up on the target network. Then start the attack: | Wait for a client to show up on the target network. Then start the attack: | ||
- | aireplay-ng - -arpreplay -b 00: | + | aireplay-ng --arpreplay -b 00: |
-b specifies the target BSSID, -h the MAC of the connected client. | -b specifies the target BSSID, -h the MAC of the connected client. | ||
Line 242: | Line 242: | ||
Now you have to wait for an ARP packet to arrive. Usually you'll have to wait for a few minutes (or look at the next chapter). | Now you have to wait for an ARP packet to arrive. Usually you'll have to wait for a few minutes (or look at the next chapter). | ||
- | If you were successfull, you'll see something like this: | + | If you were successful, you'll see something like this: |
Saving ARP requests in replay_arp-0627-121526.cap | Saving ARP requests in replay_arp-0627-121526.cap | ||
Line 253: | Line 253: | ||
When using the arp injection technique, you can use the PTW method to crack the WEP key. This dramatically reduces the number of data packets you need and also the time needed. | When using the arp injection technique, you can use the PTW method to crack the WEP key. This dramatically reduces the number of data packets you need and also the time needed. | ||
- | If the number of data packets received by airodump-ng sometimes stops increasing you maybe have to reduce the replay-rate. You do this with the -x <packets per second> option. I usually start out with 50 and reduce until packets are received | + | If the number of data packets received by airodump-ng sometimes stops increasing you maybe have to reduce the replay-rate. You do this with the -x <packets per second> option. I usually start out with 50 and reduce until packets are received |
==== The aggressive way ==== | ==== The aggressive way ==== | ||
- | Most operating | + | Most operating |
Keep your airodump-ng and aireplay-ng running. Open another window and run a [[deauthentication]] attack: | Keep your airodump-ng and aireplay-ng running. Open another window and run a [[deauthentication]] attack: | ||
Line 273: | Line 273: | ||
====== Further tools and information ====== | ====== Further tools and information ====== | ||
- | [[http:// | + | [[http:// |
newbie_guide.txt · Last modified: 2018/11/21 23:31 by mister_x