Thursday, July 11, 2013
Cracking WEP wireless network
Online encryption is important, but most people I’ve come across never give it a second thought. They don’t think that a hacker will hack them because they are just ordinary people. But we regular folks are the ones they are after! They use minions to achieve their wicked goals because they are disposable. This post will be a three-part series that demonstrates how to infiltrate a wireless network with WEP encryption, sniff the network traffic, and then use the data collected to impersonate a user. The goal is to raise awareness of how vulnerable wireless connections are.
There are hundreds of articles online that will teach you how to crack a wireless network. Now there is another one.
1) Download the BackTrack ISO, burn it to a CD, and then boot from the disc.
You don’t need to install the program, but you can.
I will be using BT5R3-GNOME-32 for this demonstration.
2) Once it is installed or booted up, log in and start the GUI
Default user name is root and the password is toor
Type startx to start the GUI
3) The tool we will use is Gerix
Navigate to: Applications, BackTrack, Exploitation Tools, WLAN Exploitation, gerix-wifi-cracker-ng
4) Click the configuration tab and highlight your wireless adapter (wlan0) listed under interface
If there is no adapter present, refer to the notes at the end of this article
5) Click enable/disable monitor mode to create a new interface (mon0)
Highlight mon0 and set a random MAC address
6) Scroll down and click rescan networks
After the wireless network appears, select one from the list with WEP encryption and decent signal strength
7) Navigate to the WEP tab and start sniffing
A box will appear, just move it aside, don’t close it
The number below #Data is what we are monitoring
The more traffic on the network the more we get, but we can inject stuff to make traffic
If no one is on the network then you will need to simulate traffic. Click test injection to see if the AP is vulnerable.
8) Try a Chopchop attack first: create an ARP packet to be injected, then inject the created ARP packet
Another window will pop up and ask if you want to inject with the created packet; type Y and hit enter
This will help you get more #Data (try fragmentation injection if it doesn’t work)
9) Once you have at least 5000, try to crack
Click on the Cracking tab and click on Decrypt WEP password
Another Window will pop up and will display the password when successful
If you don’t have enough #Data it will not be successful, wait to get more and click Decrypt WEP again when you have more (10,000 or 15,000)
Gerix is just a GUI for aircrack-ng. For full functionality, your wireless adapter chipset will need to support injection. The list of supported chipsets can be found here; the page has not been modified since 2011, so there are probably more supported chipsets on the market.
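The defender's side of step 8, as an added example that is not part of the original post or of Gerix/aircrack-ng: a replayed frame is retransmitted unchanged, so the same transmitter sends the same cleartext WEP IV and frame length many times in a short span, which a monitor on your own network can flag. The record layout (milliseconds, transmitter MAC, IV as hex, length), the MAC addresses, the sample data and the window and threshold values are all constructed assumptions.

```python
from collections import defaultdict

def build_sample():
    """Constructed frame records, not from a real capture: (ms, mac, iv_hex, length)."""
    frames = []
    # Ordinary client: a new IV on every frame, varying lengths.
    for i in range(40):
        frames.append((i * 250, "02:00:00:aa:bb:01", f"{0x1000 + i:06x}", 120 + (i % 7) * 30))
    # Replaying station: one encrypted frame (same IV, same length) resent every 10 ms.
    for i in range(200):
        frames.append((2000 + i * 10, "02:00:00:cc:dd:02", "00a1f3", 68))
    return sorted(frames)

def find_replay_bursts(frames, window_ms=1000, threshold=50):
    """Flag identical (mac, iv, length) frames repeated >= threshold times in one window.

    Returns {(mac, iv, length): peak_count}. The threshold is set well above what
    ordinary 802.11 retransmissions of a single frame would produce.
    """
    seen = defaultdict(list)
    for ts, mac, iv, length in frames:
        seen[(mac, iv, length)].append(ts)

    alerts = {}
    for key, times in seen.items():
        times.sort()
        start = 0
        peak = 0
        # Sliding window over the timestamps of this exact frame.
        for end, ts in enumerate(times):
            while ts - times[start] > window_ms:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            alerts[key] = peak
    return alerts

if __name__ == "__main__":
    for (mac, iv, length), peak in find_replay_bursts(build_sample()).items():
        print(f"possible replay injection: {mac} IV={iv} len={length} "
              f"seen {peak} times within 1 s")
```

An alert like this on a network you run is a reason to move the access point off WEP, not just to block the offending MAC address, since the MAC can be randomized as in step 5.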