OESF | ELSI | pdaXrom | OpenZaurus | Zaurus Themes | Community Links | Ibiblio

IPB

Welcome Guest ( Log In | Register )

3 Pages V  < 1 2 3  
Reply to this topicStart new topic
> Aircrack - Fast Wep Cracking Tool, got it built, need to start testing
speculatrix
post Apr 15 2005, 10:16 AM
Post #31





Group: Admin
Posts: 3,281
Joined: 29-July 04
From: Cambridge, England
Member No.: 4,149



QUOTE(stupkid @ Apr 15 2005, 05:07 PM)
Hmm, a low memory version aircrack would be nice.
*


I'm not sure it's doable without a major rewrite - it has to store each IV, which is five bytes (I think, according to a previous post). Either you'd have to mmap the file and do a huge number of seeks, or extract the IVs into some sort of hashing DB... whether that's possible I don't know.

What would be really nice would be some really REALLY high speed SDRAM cards in a CF format, a true RAM disk. Or solder some more RAM into your Z. (whoosh, off on a dream again. these Zs are *so* addictive for playing "what-if" ).
Go to the top of the page
 
+Quote Post
offroadgeek
post Apr 15 2005, 12:07 PM
Post #32





Group: Admin
Posts: 1,418
Joined: 18-May 03
From: St. Paul, MN
Member No.: 4



I put an 80mb swapfile on my SD card and aircrack works great now...

I don't normally have wep setup on my home AP since it's outside of my firewall and I like to share my wifi with my neighbors, etc.... but I wanted to see aircrack in action so I setup 128bit WEP on the AP and have my laptop connected to it (downloading ISOs). I've started wellenreiter and my stop watch to see about how long it would take to get 500,000 packets. I also have the capture file set on my SD card with about 600mb free, so it should have enough space unsure.gif

We'll see what happens
Go to the top of the page
 
+Quote Post
offroadgeek
post Apr 15 2005, 07:38 PM
Post #33





Group: Admin
Posts: 1,418
Joined: 18-May 03
From: St. Paul, MN
Member No.: 4



so after 6 hours and 15 minutes of wellenreiter running it captured 25,217 packets to a 2.2mb file. I was expecting the file to be much larger. I'm wondering if I did something wrong or didn't have some of the wellenreiter settings set up correctly.

either way, I had aircrack running for over an hour, and for some reason my 1000 went to sleep by itself. I've changed some settings in the light and power app to hopefully prevent it from going to sleep (unless I make it), and left the wifi on (in case the active network will keep it alive too). I'll see if it cracks the wep in the morning.

P.S. I'm impressed that I haven't had any memory issues so far with it smile.gif
Go to the top of the page
 
+Quote Post
charlesa
post Apr 16 2005, 02:08 AM
Post #34





Group: Members
Posts: 89
Joined: 23-April 04
From: Thailand
Member No.: 2,967



QUOTE(offroadgeek @ Apr 16 2005, 03:07 AM)
We'll see what happens
*


Yes I got it running on a 64mb swap.

Try running aircrack with a fudge factor of 4 (ref: http://www.securityfocus.com/infocus/1814). You may get a better/faster result.

C.
Go to the top of the page
 
+Quote Post
offroadgeek
post Apr 16 2005, 04:33 AM
Post #35





Group: Admin
Posts: 1,418
Joined: 18-May 03
From: St. Paul, MN
Member No.: 4



QUOTE(charlesa @ Apr 16 2005, 02:08 AM)
QUOTE(offroadgeek @ Apr 16 2005, 03:07 AM)
We'll see what happens
*


Yes I got it running on a 64mb swap.

Try running aircrack with a fudge factor of 4 (ref: http://www.securityfocus.com/infocus/1814). You may get a better/faster result.

C.
*



Thanks, I might try that on my next run. It's been running for just 9 hours, and it hasn't finished. Let's hope it won't take 60 hours, I was hoping to use my Z this weekend wink.gif
Go to the top of the page
 
+Quote Post
Olivier
post May 9 2005, 05:01 AM
Post #36





Group: Members
Posts: 9
Joined: 17-March 05
Member No.: 6,653



I have a sharp rom C3000 with same aircrack error.

To solve the issue I have created a swap file (128 MB) as following on my hardisk ( for c6000 or other, I think same can be done one a CF memory card) :

open a terminal as supervisor and then type following commands :

dd if=/dev/zero of=/hdd3/swapfile bs=1048576 count=128
mkswap /hdd3/swapfile
swapon /hdd3/swapfile


to check swap is activated type : cat /proc/swaps

error on aircrack should have now disappeared.
Go to the top of the page
 
+Quote Post
Siftah
post Jul 27 2005, 07:20 AM
Post #37





Group: Members
Posts: 1
Joined: 10-November 04
From: Manchester, UK
Member No.: 5,400



Ummmm.

You could just use the Zaurus to create the capture files, then use aircrack on a normal desktop machine/laptop to actually break the wep key.

You'll need a fairly large chunk of data to get the WEP key broken, for a 128bit key then something like a gig of data may need to have passed over the WLAN in order for enough IV's to be captured to break the WEP key.

Also, using airodump and setting it to just store IV's will greatly reduce the data stored, you can then easily transfer this back to a desktop machine to run aircrack on it, etc smile.gif

HTH.
Go to the top of the page
 
+Quote Post
born2wonder
post Jun 28 2007, 08:30 PM
Post #38





Group: Members
Posts: 26
Joined: 24-June 07
Member No.: 17,442



QUOTE(offroadgeek @ Apr 15 2005, 07:38 PM)
so after 6 hours and 15 minutes of wellenreiter running it captured 25,217 packets to a 2.2mb file.  I was expecting the file to be much larger.  I'm wondering if I did something wrong or didn't have some of the wellenreiter settings set up correctly.

*


Recommendations:

Aircrack-ptw: Using aircrack-ng, 64 bit wep needs around 400,000 IV's and 128 bit needs a cool million. That being said, you should try to use aircrack-ptw (can google it for info) which needs as less as 20,000-40,000 IVS to crack wep. Ive used it many times and is a great program. If using airodump to capture dont use the --ivs as aircrack-ptw need full capture file.

Injection: Most of the time, you will need to inject packets into the network to generate alot of IVS fast. You will need a wlan cf card capable of injection (AFAIK all prism2/prisim3 cf cards support it). U also need drivers supporting injection such as Hostap. Aireplay-ng is the tool i use to inject and replay packets. Attacks available for client-connected networks as well as client-less ones. I collect 40,000 Ivs in less than 10 minutes on my LifeBook P1510 (1 kg tablet) running backtrack.

I am buying a c1000 (still deciding on supplier) in a few days; if i manage to crack a wep network, i will post a little step-by-step how-to. Hope this helps.
Go to the top of the page
 
+Quote Post
Capn_Fish
post Jun 29 2007, 12:28 PM
Post #39





Group: Members
Posts: 2,350
Joined: 30-July 06
Member No.: 10,575



QUOTE(born2wonder @ Jun 28 2007, 11:30 PM)
QUOTE(offroadgeek @ Apr 15 2005, 07:38 PM)
so after 6 hours and 15 minutes of wellenreiter running it captured 25,217 packets to a 2.2mb file.  I was expecting the file to be much larger.  I'm wondering if I did something wrong or didn't have some of the wellenreiter settings set up correctly.

*


Recommendations:

Aircrack-ptw: Using aircrack-ng, 64 bit wep needs around 400,000 IV's and 128 bit needs a cool million. That being said, you should try to use aircrack-ptw (can google it for info) which needs as less as 20,000-40,000 IVS to crack wep. Ive used it many times and is a great program. If using airodump to capture dont use the --ivs as aircrack-ptw need full capture file.

*


Aircrack-ng 0.9.x has the PTW attack. I just broke my WEP key with under 30000 IVs using 0.9 on my Z.
Go to the top of the page
 
+Quote Post

3 Pages V  < 1 2 3
Reply to this topicStart new topic
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 19th December 2014 - 07:47 AM