Linux tools, Howtos


Tools Index


Wireless Commands


FC6 Build Howto


FC5 Build Howto


FC4 Build Howto


Live Linux Distros



Site Search







WIN32 tools, Howtos


Tools Index



Get Firefox!





Miscellaneous WI-FI


Default WI-FI Settings


Rogue AP Howtos


WI-FI Certifications


802.11 Standards




Formats / Extensions


WI-FI Home Security


Useful Links






AirSnort for Windows:

Project homepage:


AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.


Whilst always having implemented the the WEP key attack identified by the Weaknesses in the Key Scheduling Algorithm of RC4 paper by Fluhrer, Mantin and Shamir as of version 0.2.7, AirSnort also incorporates Aircrack style cracking in real time.


There is a superb installation guide for AirSnort on windows available at the Shmoo website:


It can be a little tricky to determine which interface you need to use under windows as they appear in the form \Device\{C4748374-F81D-4E40-AFFD-16CCED00F221}.  I found the easiest way to determine the name of your wireless card as to use Windump (which also requires the installation of WinPcap and running:

windump -D



NOTE: \Device\{C4748374-F81D-4E40-AFFD-16CCED00F221} is clearly identified as the Orincoco card.



One thing to watch out for is to ensure that you start AirSnort in scan mode not channel mode (or else you will see very few packets) once packets are being collected you can speed the process up by changing to channel mode.




On a saturated 802.11b network AirSnort for windows cracked a 128 bit WEP key in under 10 minutes:




Whilst AirSnort under windows (tested on Windows XP SP2)  appears a little bit rough around the edges it still does a great job of cracking those WEP keys.

   Copyright 2010 All Rights Reserved.