LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 07-17-2006, 01:34 PM   #1
ismailjh
LQ Newbie
 
Registered: Jul 2006
Posts: 1

Rep: Reputation: 0
Auditor - Wep Crack - Airodump/Aircrack Qs


I am using the latest version of Auditor to hack into my wireless network (I use a Linksys WRT54GS with a 128bit WEP key) and want derive my own WEP key with sniffing IVs and using aircrack. I chose to use a Prism card, Linksys WPC 11 v. 3. The CD runs well and the card is detected as either eth0 or eth1.

As I have been trying to put the card into monitor mode, an iwconfig always shows "managed mode". However, Kismet runs smoothly and so do airodump and aireplay. I usually switch-to-hostap before starting anything else.

Here is my usual konsole routine:
# switch-to-hostap
# iwpriv eth1 monitor 2 11
I also open kismet, and use the "Shift + L" key to lock my card on my own BSSID, then close kismet.
# airodump eth1 cap1 <MAC ADDRESS OF MY BSSID>

Airodump collects packets including IVs corretly. When I launch aircrack 2.1 (aircrack -m <MAC ADDRESS OF MY BSSID> -n 64 -q 3 cap*.cap), the number of "unique IVs" is always less than what Airodump collects (only about one third of Airodump IVs are considered "unique IVs" by aircrack. How come? Is it a matter of drivers? Should I start over with the wlanng driver instead?

I once colleted about 800,000 IVs on Airodump (about 3 million packets) and Airodump started giving me a "cannot write" error. I believe it is because it was running out of space to write the file, since it is not using the hard drive. Auditor was then becoming to be buggy and very slow and I had to restart it and lost the data collected.

Please offer advice.

Thank you for your help,
 
Old 07-22-2006, 07:11 PM   #2
avatarfx
Member
 
Registered: May 2004
Posts: 34

Rep: Reputation: 16
Install Linux on you machine and then the tools you need. If you must use the Audito CD then consider saving the information on a USB drive.

Why don't you try BackTrack?
 
Old 07-22-2006, 08:40 PM   #3
AAnarchYY
Member
 
Registered: Sep 2004
Location: Carlisle, MA
Distribution: Slackware 10.2 Fluxbox 2.6.17.6
Posts: 419

Rep: Reputation: 30
or just save the files on your hard drive (providing its not NTFS)
create a linux partition on your hard drive
 
Old 07-22-2006, 09:12 PM   #4
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
You'll definitely need somewhere to save temporary files and the like. Airodump does need a lot of space for storing of packets, as aircrack looks at the packets in a collective manner whereas airodump looks at them individually (as I understand it, anyway).
 
Old 07-23-2006, 08:39 PM   #5
bugmenot60
Member
 
Registered: Mar 2006
Posts: 47

Rep: Reputation: 15
Quote:
Originally Posted by Matir
You'll definitely need somewhere to save temporary files and the like. Airodump does need a lot of space for storing of packets, as aircrack looks at the packets in a collective manner whereas airodump looks at them individually (as I understand it, anyway).
You've obviously never broken any WEP key before.

It doesn't need that much space and the current
version, by default, only stores the weak IVs.
 
Old 07-23-2006, 08:57 PM   #6
Matir
Moderator
 
Registered: Nov 2004
Location: San Jose, CA
Distribution: Ubuntu
Posts: 8,507

Rep: Reputation: 118Reputation: 118
I've done it before, but not in a long while. Perhaps previous versions of airodump used more space.
 
  


Reply

Tags
auditor, crack, wep


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
anyone play with aircrack before? can't crack my own WEP hedpe Linux - Wireless Networking 3 07-10-2006 04:10 PM
WEP cracking with Auditor - Tutorial doesnt work BillyGalbreath Linux - Security 3 06-13-2006 11:55 PM
Question on the use of Wep cracking with auditor live CD army180 Linux - Newbie 2 02-23-2006 06:43 PM


All times are GMT -5. The time now is 10:57 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration