aircrack-ng
A complete suite of tools to assess WiFi network security.
Main Features
| Tool | Description |
|---|---|
| aircrack-ng | Cracks WEP keys using the Fluhrer, Mantin, and Shamir (FMS) attack, PTW, Korek, dictionary attacks, and WPA/WPA2-PSK using dictionary attacks. |
| airdecap-ng | Decrypts WEP or WPA encrypted capture files with a known key. |
| airmon-ng | Places different cards in monitor mode. |
| aireplay-ng | |
| airodump-ng | Packet sniffer: Places air traffic into pcap or IVS files and shows information about networks. |
| airtun-ng | Virtual tunnel interface creator. |
| packetforge-ng | Creates encrypted packets for injection. |
| ivstools | Tools to merge and convert. |
| airbase-ng | Incorporates techniques for attacking clients, as opposed to Access Points. |
| airdecloak-ng | Removes WEP cloaking from pcap files. |
| airolib-ng | Stores and manages ESSID and password lists and computes Pairwise Master Keys. |
| airserv-ng | Allows access to the wireless card from other computers. |
| buddy-ng | The helper server for easside-ng, run on a remote computer. |
| easside-ng | A tool for communicating with an access point without the WEP key. |
| tkiptun-ng | WPA/TKIP attack tool. |
| wesside-ng | Automatic tool for WEP key recovery. |
Installation
Ubuntu
sudo apt install aircrack-ng
Linux
https://www.aircrack-ng.org/doku.php?id=install_aircrack
Aircrack-ng is a complete suite of tools to assess WiFi network security.
It focuses on different areas of WiFi security:
- Monitoring: Packet capture and export of data to text files for further processing by third party tools.
- Attacking: Replay attacks, deauthentication, fake access points and others via packet injection.
- Testing: Checking WiFi cards and driver capabilities (capture and injection).
- Cracking: WEP and WPA PSK (WPA 1 and 2).
- First we need /sys/class/ieee80211. If you don't have it:
  - go to http://linuxwireless.org/download/compat-wireless-2.6/
  - search for compat-wireless-2010-06-26-pc.tar or anything of the like
  - extract it
  - go into the folder where the Makefile is located
  - type these commands:
    make unload
    make load
- Next we need to set our network interface to monitor mode (default: promiscuous mode). Replace <interface> with the name of your wireless interface:
    ifconfig <interface> down
    iwconfig <interface> mode monitor
    ifconfig <interface> up
- Mac's built-in NIC doesn't support monitor mode
  - follow _setup_mac.txt for the monitor mode workaround
  - currently, aircrack-ng has limited support for Mac

Install or update aircrack-ng on Mac using brew in the terminal:
brew install aircrack-ng
To verify the air* tools have been installed, type air in the terminal, then press TAB twice.
It should display something like this:
airbase-ng (Executable link, 88kB)
aircrack-ng (Executable link, 112kB)
airdecap-ng (Executable link, 41kB)
airdecloak-ng (Executable link, 30kB)
airdriver-ng (Executable link, 109kB)
aireplay-ng (Executable link, 111kB)
airmon-ng (Executable link, 28kB)
airodump-ng (Executable link, 105kB)
airodump-ng-oui-update (Executable link, 1.3kB)
airserv-ng (Executable link, 25kB)
airtun-ng (Executable link, 58kB)
macOS
Workaround for the "set network to monitor mode" step of _setup.txt on Mac
Create a symlink to airport:
sudo ln -s /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport /usr/local/bin/airport
To search for active channels nearby that you can sniff, run this:
sudo airport en1 -s
Example of sniffing in monitor mode:
sudo airport en1 sniff 1
This sniffs on channel 1 and saves a pcap capture file to /tmp/airportSniffXXXXXX.pcap (where XXXXXX will vary).
You can view this with:
tcpdump -r <filename>
or by opening it in Wireshark.
The aircrack-ng suite has limited Mac OS X support. Currently it only supports the following tools: aircrack-ng, packetforge-ng, ivstools and makeivs. Any program which requires opening a wireless interface is not supported.
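A capture file written by the sniff step above can also be summarised offline to audit which networks are in range and what protection they advertise. The following Python is an added example, not part of the original page or of the aircrack-ng project: it reads a classic pcap file and lists each beaconing network, assuming link type 127 (radiotap) or 105 (bare 802.11). The function names and the sample capture are constructed for illustration.

```python
import struct

def pcap_frames(data):
    """Yield (linktype, frame) for every record in a classic pcap file."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if end is None or len(data) < 24:
        raise ValueError("not a classic pcap file")
    linktype, off = struct.unpack(end + "I", data[20:24])[0], 24
    while off + 16 <= len(data):
        incl = struct.unpack(end + "I", data[off + 8:off + 12])[0]
        yield linktype, data[off + 16:off + 16 + incl]
        off += 16 + incl

def beacon_inventory(data):
    """Map BSSID -> (SSID, channel, protection) for each beacon seen."""
    seen = {}
    for linktype, frame in pcap_frames(data):
        if linktype == 127 and len(frame) >= 4:  # radiotap: skip its header
            frame = frame[struct.unpack("<H", frame[2:4])[0]:]
        if linktype not in (105, 127) or len(frame) < 36 or frame[0] != 0x80:
            continue                             # keep only beacon frames
        privacy = struct.unpack("<H", frame[34:36])[0] & 0x0010
        ssid, channel, rsn, wpa = "", None, False, False
        ies = frame[36:]                         # tagged parameters (TLV)
        while len(ies) >= 2 and len(ies) >= 2 + ies[1]:
            tag, body, ies = ies[0], ies[2:2 + ies[1]], ies[2 + ies[1]:]
            if tag == 0:
                ssid = body.decode("utf-8", "replace")
            elif tag == 3 and body:
                channel = body[0]
            elif tag == 48:                      # RSN element: WPA2/WPA3
                rsn = True
            elif tag == 221 and body[:4] == b"\x00\x50\xf2\x01":
                wpa = True                       # vendor element: WPA1
        prot = "RSN" if rsn else "WPA" if wpa else "WEP" if privacy else "open"
        seen[frame[16:22].hex(":")] = (ssid, channel, prot)
    return seen

def sample_capture():
    """Constructed two-beacon radiotap capture, not real traffic."""
    def beacon(n, ssid, chan, cap, extra=b""):
        hdr = b"\x80\x00\x00\x00" + b"\xff" * 6 + bytes([2, 0, 0, 0, 0, n]) * 2
        fixed = bytes(2 + 8) + struct.pack("<HH", 100, cap)  # seq + timestamp
        ies = bytes([0, len(ssid)]) + ssid + bytes([3, 1, chan]) + extra
        frame = bytes([0, 0, 8, 0, 0, 0, 0, 0]) + hdr + fixed + ies
        return struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    head = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 127)
    return (head + beacon(1, b"lab-open", 1, 0x0001)
            + beacon(2, b"lab-rsn", 6, 0x0011, bytes([48, 2, 1, 0])))
```

For a real capture, pass the file contents: beacon_inventory(open(path, "rb").read()). pcapng files and nanosecond-resolution pcap files are not handled and raise ValueError.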