Aircrack-ng for Windows - Airodump:
Project Homepage: http://www.aircrack-ng.org/index.php?title=Main_Page
Aircrack-ng is the next generation of Christophe Devine's excellent aircrack suite of tools.
To run airodump, simply browse to the C:\aircrack-ng-[version]-win\bin directory and double-click the airodump.exe icon. The following information needs to be entered:
- Select the network adapter (your wireless adapter will need to be inserted and enabled)
- The chipset for your card ('a' for Atheros card in our case)
- Enter the channel you wish to monitor (1 to 14) or 0 to scan channels (be sure to specify the channel you wish to monitor after this discovery phase or you will lose packets)
- Enter a name for your wireless capture files
- You may also select 'y' to 'Only write WEP IVs' if that is all you are interested in capturing

The capture process will now begin:

As you can see from the capture above, airodump has not yet determined the encryption method in use, which it shows as 'WEP?' (either WPA or WEP will appear when the encryption method has been determined), and no data packets have been captured. Packet injection tools (something like aircrack/aircrack-ng's 'aireplay') are required to generate these data packets (packet injection is only available with the Linux version).
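
One way a capture tool can reach the 'WEP?' state and then resolve it, as an added example (not airodump's own code and not part of the original page): a beacon's Privacy bit only shows that some encryption is on, and the first protected data frame settles WEP versus WPA through the ExtIV bit. The frames, the BSSID, the function names and the 'OPN' label for an open network are constructed for illustration.

```python
import struct

BSSID = bytes.fromhex("021122334455")  # constructed address, not from the page

def beacon(ssid: bytes, privacy: bool) -> bytes:
    """Constructed beacon: 24-byte MAC header, fixed fields, SSID element."""
    hdr = b"\x80\x00" + bytes(2) + b"\xff" * 6 + BSSID + BSSID + bytes(2)
    cap = 0x0001 | (0x0010 if privacy else 0)  # ESS, plus Privacy if requested
    return hdr + bytes(8) + struct.pack("<HH", 100, cap) + bytes([0, len(ssid)]) + ssid

def data_frame(key_octet: int) -> bytes:
    """Constructed protected data frame; key_octet is the 4th byte after the header."""
    hdr = b"\x08\x41" + bytes(2) + BSSID + bytes(6) + BSSID + bytes(2)
    return hdr + b"\x01\x02\x03" + bytes([key_octet]) + bytes(16)

def track_encryption(frames):
    """Return the label known after each frame: None, OPN, WEP?, WEP or WPA."""
    label, shown = None, []
    for f in frames:
        if len(f) >= 24:  # shorter frames are truncated and ignored
            ftype, subtype = (f[0] >> 2) & 0x3, f[0] >> 4
            if ftype == 0 and subtype == 8 and len(f) >= 36:
                # Beacon: the Privacy capability bit only says "some encryption".
                (cap,) = struct.unpack_from("<H", f, 34)
                if label not in ("WEP", "WPA"):
                    label = "WEP?" if cap & 0x0010 else "OPN"
            elif ftype == 2 and f[1] & 0x40:
                # Protected data frame: header is 24 bytes, +6 with a fourth
                # address (ToDS and FromDS both set), +2 for QoS subtypes.
                four_addr = (f[1] & 0x03) == 0x03
                hdr = 24 + (6 if four_addr else 0) + (2 if subtype & 0x8 else 0)
                if len(f) >= hdr + 4:
                    # ExtIV bit of the key-ID octet: set by TKIP/CCMP, clear for WEP.
                    label = "WPA" if f[hdr + 3] & 0x20 else "WEP"
        shown.append(label)
    return shown

if __name__ == "__main__":
    capture = [beacon(b"cuckoo", True), data_frame(0x00)]
    print(track_encryption(capture))
```
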
If there are active clients passing data across the network, it is just a matter of waiting until enough packets have been captured in the case of WEP. For WPA you will either have to wait for the WPA handshake to occur or force the handshake to take place (see aireplay for Linux).
In the example below we are now gathering data and have determined that the network is utilising WEP and has an SSID of cuckoo.

In the example below we are gathering data and have determined that the network is utilising WPA and has an SSID of cuckoo. We will not know if we have captured the WPA handshake until we run the capture file through aircrack.
