Tuesday, September 05, 2006

Cracking WEP via aircrack-ng

First, lots of credit needs to be given to the creators of madwifi-ng and aircrack-ng. These guys seem to have it all together and actually answer trouble tickets when users send in questions. That isn't seen very often in open source projects, and it shows their level of support and commitment.

How to get at it...well I'll outline my setup and you can go from here if you'd like.

Dell Latitude D820 Core Duo T2600
3com 3cRPAG175 (A/B/G wireless with "XJACK" antenna)
Ubuntu Dapper Drake 2.6.15-26-686

First thing is to grab the relevant packages and enable the right repos if you are using Ubuntu. Enable the restricted packages in Synaptic or manually edit your /etc/apt/sources.list file.

sudo apt-get update
sudo apt-get install aircrack
sudo apt-get install kismet (if you'd like it)
sudo apt-get install linux-source
sudo apt-get install linux-headers
sudo apt-get install sharutils

For those running other platforms, google the package name, find the source and compile it manually. Also note that some of the packages will not compile right away and may need the -dev edition of their dependencies if configure or make complains about packages being incomplete or missing parts.

In general the commands to compile will be as follows

tar -xzf filename.tar.gz
cd filename
./configure
make
sudo make install

Check your binaries and make sure they went in properly by trying out the commands at a blank prompt. An example:

sudo aircrack-ng

It should print the usage of aircrack-ng and its arguments.

Next up, drivers. Your wireless card must be supported by one of the hackable driver sets. I have an Atheros card, and it uses the madwifi driver. NOTE TO ALL UBUNTU USERS: madwifi-ng is not included in the current Ubuntu restricted modules. The drivers that ship with Ubuntu are very old and do not support all cards or all of the software you will want to use.


Next, in my case I had to disable ACPI support because there seems to be a bug that stops the card from being properly detected. So...

sudo /etc/init.d/acpi-support stop

Next to remove the old modules from the restricted modules section...

sudo rm -rf /lib/modules/$(uname -r)/net
sudo rm -rf /lib/modules/$(uname -r)/madwifi
sudo rm -rf /lib/modules/$(uname -r)/madwifi-ng

Compile the madwifi-ng drivers in your home directory or wherever you'd like...

cd ~/madwifi-ng
sudo make clean
sudo make install

Insert your card and try it out.

ifconfig
wlanconfig
dmesg
lsmod

Check that ath0 and wifi0 show up as interfaces in ifconfig and wlanconfig. In dmesg, look for the card being probed. In lsmod, look for ath_pci loaded together with ath_hal and wlan.
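The binary check and the interface/module checks above are easy to get wrong by eye, so here is a small preflight script that does them for you. This is an added example, not part of the original post: the helper names (missing_tools, has_interface, modules_loaded, card_probed) are my own, and the SAMPLE_* strings are constructed stand-ins for ifconfig, lsmod and dmesg output so the functions can be exercised offline. Run it with --live on the actual box.

```shell
#!/bin/sh
# Added example (not from the original post): preflight checks for the setup above.
# Each check takes its input as an argument so it works on live output ("$(lsmod)")
# or on captured text.

# Constructed sample output, in the style of the tools, for offline testing only.
SAMPLE_IFCONFIG='ath0      Link encap:Ethernet  HWaddr 00:11:22:33:44:55
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
wifi0     Link encap:UNSPEC  HWaddr 00-11-22-33-44-55-00-00-00-00-00-00-00-00-00-00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
lo        Link encap:Local Loopback'
SAMPLE_LSMOD='Module                  Size  Used by
ath_pci                93344  0
wlan                  190408  2 ath_pci
ath_hal               188720  1 ath_pci'
SAMPLE_DMESG='[ 42.0] ath_pci: 0.9.4.5
[ 42.1] wifi0: Atheros 5212: mem=0xd0000000, irq=11'

# missing_tools NAME... -> prints the names not found on PATH; returns 1 if any are missing
missing_tools() {
    missing=""
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || missing="$missing $tool"
    done
    missing=${missing# }
    [ -n "$missing" ] && printf '%s\n' "$missing"
    [ -z "$missing" ]
}

# has_interface IFCONFIG_OUTPUT IFACE -> 0 if IFACE starts a line (ifconfig lists names in column 1)
has_interface() {
    printf '%s\n' "$1" | grep -q "^$2[[:space:]]"
}

# modules_loaded LSMOD_OUTPUT MODULE... -> prints modules not listed; returns 1 if any are absent
modules_loaded() {
    out=$1
    shift
    absent=""
    for mod in "$@"; do
        printf '%s\n' "$out" | grep -q "^$mod[[:space:]]" || absent="$absent $mod"
    done
    absent=${absent# }
    [ -n "$absent" ] && printf '%s\n' "$absent"
    [ -z "$absent" ]
}

# card_probed DMESG_OUTPUT -> 0 if the madwifi driver reported a wifi0 device
card_probed() {
    printf '%s\n' "$1" | grep -q '^.*wifi0: '
}

# run_live_checks -> runs every check against this machine; returns 1 on any failure
run_live_checks() {
    status=0
    missing_tools aircrack-ng kismet wlanconfig || { echo "missing tools listed above"; status=1; }
    ifc=$(ifconfig -a 2>/dev/null)
    for iface in ath0 wifi0; do
        has_interface "$ifc" "$iface" || { echo "interface $iface not present"; status=1; }
    done
    modules_loaded "$(lsmod 2>/dev/null)" ath_pci ath_hal wlan || { echo "modules listed above not loaded"; status=1; }
    card_probed "$(dmesg 2>/dev/null)" || { echo "no wifi0 probe message in dmesg"; status=1; }
    [ "$status" -eq 0 ] && echo "all checks passed"
    return "$status"
}

# Only touch the live system when explicitly asked.
if [ "${1:-}" = "--live" ]; then
    run_live_checks
fi
```

If the interface check fails but the module check passes, the card is usually not inserted or not probed; if the module check fails, the driver install step did not take. Output and exit status are separate on purpose so the functions can be scripted into a larger setup check.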


I'm going to assume your drivers are up and running.

So we edit our kismet config to search with the wifi0 dev interface.

sudo gedit /etc/kismet/kismet.conf

change the line for source to
source=madwifi_g,wifi0,AtherosG

Start scanning by changing into a directory you have rights to read and write in...

cd ~/
sudo kismet

It should fire up kismet without fail.
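Hand-editing kismet.conf works, but a repeatable way to set the source line is handy when the file gets reset by a package upgrade. This is an added example, not part of the original post or of kismet: the function names (set_kismet_source, current_kismet_source, write_sample_conf) are mine, the madwifi_g,wifi0,AtherosG value and the /etc/kismet/kismet.conf path come from the post, and the sample config contents are constructed for offline testing. Run it with --apply to edit the real file (root needed).

```shell
#!/bin/sh
# Added example (not from the original post): set the kismet capture source in
# kismet.conf without editing by hand. Keeps a .bak copy of the previous file.

# write_sample_conf FILE -> writes a constructed kismet.conf fragment for testing
write_sample_conf() {
    cat > "$1" <<'EOF'
# Constructed sample kismet.conf fragment (not the real default file)
# Sources are defined as type,interface,name
# source=kismet_drone,192.168.2.252:3501,drone
source=none,none,addme
logtemplate=%n-%d-%i.%l
EOF
}

# set_kismet_source FILE VALUE -> rewrites the active "source=" line(s) to VALUE.
# Commented examples ("# source=...") and other keys are left untouched.
# If no active source= line exists, one is appended.
set_kismet_source() {
    file=$1
    value=$2
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }
    cp "$file" "$file.bak" || return 1
    if grep -q '^source=' "$file.bak"; then
        sed "s|^source=.*|source=$value|" "$file.bak" > "$file"
    else
        cp "$file.bak" "$file" && printf 'source=%s\n' "$value" >> "$file"
    fi
}

# current_kismet_source FILE -> prints the value of the first active source= line
current_kismet_source() {
    sed -n 's/^source=//p' "$1" | head -n 1
}

# Only touch the real config when explicitly asked; KISMET_CONF overrides the path.
if [ "${1:-}" = "--apply" ]; then
    conf=${KISMET_CONF:-/etc/kismet/kismet.conf}
    set_kismet_source "$conf" madwifi_g,wifi0,AtherosG &&
        echo "source is now: $(current_kismet_source "$conf")"
fi
```

The edit is done against the .bak copy and written to the original, so a failed sed leaves the backup intact; current_kismet_source is what you check before starting kismet, since a leftover source=none,none,addme is the usual reason it refuses to start.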

More will come in my next post. I'm tired and this has been a very testing experience....even writing a blog about it is mighty time consuming.