LinuxQuestions.org
Old 02-21-2006, 02:43 PM   #1
BillyGalbreath
Member
 
Registered: Nov 2005
Location: Houston Texas
Distribution: Debian Sid
Posts: 379

Rep: Reputation: 31
WEP cracking with Auditor - Tutorial doesn't work


http://www.crimemachine.com/Tuts/Flash/wepcracking.html

I stumbled across this link one day by accident and it totally has me hooked. I had no idea cracking WEPs was as easy as this flash video makes them out to be. So I just had to test it out on my own wireless router...

I first tried installing all the things I needed onto my Debian installation I already have... but I never could figure out how to get my wifi card in "HostAP#wlan" mode... it just kept erroring... So after further investigating the remote-exploit.org and crimemachine.com sites I realized that the OS used in the video was in fact a livecd called Auditor.

So I downloaded the exact version from the video (auditor-150405-04) and it never booted. I would get as far as the framebuffer starting and then it looks for my CD drive on /dev/s* something when my CD drive is /dev/hdc -- I don't know anything about how to fix this, so I tried a different version of Auditor. A newer one.

auditor-200605-02-no-ipw2100.iso is what I downloaded because my card uses ipw2200 and this is the file the site said to use for those types of cards...

This version booted. The window session was all screwy - the title bar of the windows never showed up; I could not ALT+TAB between windows; windows didn't show up in the taskbar at the bottom; etc etc etc... a bunch of little things like that. So I closed KDM from the CLI and I continued on in the CLI.

I followed the tutorial to the 'T'. First problem right off the bat was airodump... In the tutorial you can see IVs on the list - in my screen, these were not shown. I figured out that the tutorial runs airodump version 2.1 or something - I was using 2.41

So I continue on to the next step.. 'aireplay -i eth0' --- this command errored and didn't tell me why but just showed the correct usage and all the options I could choose from... I finally got the damn thing working by setting all kinds of weird parameters in the command, but I do not remember them.

Lastly, the third step - aircrack... This command also had different parameters - but I finally got it to work, but it didn't work... it complained that my 'tocrack.ivs' file did not have enough IVs... So I let airodump and aireplay run for about 15 minutes then I try aircrack again... well... still, not enough IVs...

I can't find out how many IVs I have in my file and airodump isn't displaying me an IVs column in the output....

Am I missing a step somewhere? Or is there a different way of doing this?

I am using a Gateway MX6425 notebook and a Netgear WG511 v2 (Made in Taiwan) card (and yes, this v2 card is the one that works natively in Linux - I can get online with it so I know for a fact it works).

Any input would greatly be appreciated!

Thanks!
 
Old 02-22-2006, 07:38 AM   #2
guysoft
Member
 
Registered: Jun 2004
Location: israel
Distribution: When I started here: mandrake, MEPIS and menny live-cds Now: Ubuntu mostly
Posts: 72

Rep: Reputation: 16
I was trying today to do something similar, seems that the ipw2200 driver doesn't come with monitor mode. You need to modify it.
I'll be glad if someone will give a Debian way to do this. I didn't seem to find any.

Last edited by guysoft; 02-22-2006 at 07:42 AM.
 
Old 02-22-2006, 09:22 AM   #3
BillyGalbreath
Member
 
Registered: Nov 2005
Location: Houston Texas
Distribution: Debian Sid
Posts: 379

Original Poster
Rep: Reputation: 31
Code:
iwconfig eth0 mode monitor
I did that, and it seemed to go into monitor mode. airodump/aireplay/aircrack won't start unless the card is in monitor mode, and they all started.

Oh, and I played with it more and I figured some more stuff out last night. I do

Code:
airodump eth0 myfile 11 1
11 is the channel of the network I want to mess with, this allows for faster injection/scanning because it doesn't have to jump to all the other channels. 1 is for saving only IVs and not all packets.

I then run

Code:
aireplay -2 eth0
I am not entirely sure what that does... but it's one of the only ways I can get aireplay to start.

I then notice that the '#Data' column in the airodump display is the amount of IVs... so I wait until I get about 50,000 of these or so, then I open a 3rd terminal and put

Code:
aircrack -q -f2 eth0 myfile.ivs
This will start cracking the IVs for the WEP or something...

And that's all I can figure out. I left all of those running last night for about an hour and aircrack never came up with a result. It just kept scanning and scanning and scanning...

One thing I did notice is that aireplay is NOT injecting packets for some reason... No matter which packet I try, nothing happens in airodump session. aireplay will say it's sending thousands and thousands of packets, but aireplay is not showing any packets being read from the target or router... The only way I am able to record packets/IVs is to get on the target computer and start downloading a huge file... But I don't think that's going to do the trick here because my notebook doesn't know the packets well enough (because it did not broadcast them itself) to decode them with aircrack...

I think my fault is lying in aireplay and my lack of knowledge about how to run it.

Last edited by BillyGalbreath; 02-22-2006 at 09:24 AM.
 
Old 06-14-2006, 12:55 AM   #4
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
LQ has a policy against cracking-related threads. While we sometimes give threads some leeway, you're basically asking for a walk-through on how to crack someone's WEP keys, which we won't allow. Watch the video, read the HOWTOs/docs, etc.

//Thread Closed
 