aircrack:
Project Homepage: http://www.cr0.net:8040/code/network/ (OFFLINE)
Local Mirror: aircrack-2.41.tar.gz MD5: 05A37C8A165EFB11EA226829C809DEB3
NOTE: The next generation of aircrack, Aircrack-ng, is now available!
Once as many IVs as required have been captured using the airodump packet capture utility, the resultant [filename].cap file is imported into aircrack to break the static WEP or WPA-PSK keys.
aircrack will give you the following help:

Basic usage: aircrack -q -n [WEP key length] -b [BSSID] [filename].cap

How many packets do I need?
Approximately 300,000 packets for breaking 64-bit WEP
Approximately 1,000,000 packets for breaking 128-bit WEP

aircrack -q -n 128 -b 11:11:11:11:11:11 capture1-01.cap

The WEP key 86:65:78:38:8F:51:7B:E0:B4:81:8A:0D:B1 was cracked in under 10 seconds. aircrack is very quick; it is the capture process using airodump that takes the majority of the time in WEP cracking.
Once the WPA handshake has been collected (see aireplay), we can perform a dictionary attack to determine the WPA-PSK (Pre-Shared-Key):

aircrack -a 2 -w passwords.txt capture1-01.cap

aircrack provides us with a wealth of options (type aircrack or visit project homepage for full listing):

-a [mode 1 or 2]   1=WEP, 2=WPA-PSK
-e [essid]         target selection network ID
-b [bssid]         target access point's MAC
-q                 enable quiet mode
-w [path]          path to a dictionary word list (WPA only)
-n [no. bits]      WEP key length (64, 128, 152 or 256)
-f [fudge no.]     defaults are 5 for 64 bit WEP and 2 for 128 bit WEP

aircrack -a 1 -n 64 capture1-01.cap
Runs aircrack against the capture1-01.cap file in 64 bit WEP cracking mode.

aircrack -q -b 00:06:25:BF:46:06 -n 128 -f 4 testfile-01.cap
Runs aircrack in quiet mode against the testfile-01.cap file in 128 bit WEP cracking mode with a fudge factor of 4.

aircrack -a 2 -w passwords.txt capture1-01.cap
Runs aircrack against the capture1-01.cap file in WPA-PSK dictionary attack mode.