Menu
▾
▴
[Airsnort-user] Couple tools to assist with WEP cracking
|
From: Matthew C. <ma...@ei...> - 2005-01-09 22:31:00
|
Please try these tools out if you're interested. Let me know if they are
helpful or need work. I'll comment back to the author.
They are as follows (taken from the in-code comments):
tcpdump-fuse.pl v1.0--
This program joins 2 or more TCPDUMP captures into one capture file.
The key lesson in this program is that each TCPDUMP files has a 24 byte
header at the beginning of the file.
This program strips and sticks all files except the first one.
Not Rocket Science
One practical use of this is in wireless audits. If you have several
different Kismet sessions, there may be enough packets collectively to
break the encryption but not individually. AirSnort handles multiple
input capture files. AirCrack and many others do not.
Possibly beneficial when used in conjunction with "bssid-flatten.pl" to
"flatten" multiple APs' traffic into one for improved encryption breaking
#############################################
bssid-flatten.pl v1.0 --
This tool is used to "flatten" multiple wireless accesspoints/BSSIDs into
one unified BSSID: 11:11:11:11:11:11.
This is useful for auditing larger wireless networks which may have many
accesspoints with the same WEP key and overlapping coverage.
"flattening" multiple accesspoints into one allows tools like aircrack and
airsnort to crack the key faster by chewing on more packets
I find bssid-flatten to be most useful when used in conjunction with Kismet
(http://www.kismetwireless.net/)
My personal Favorite use for this tool is as follows:
$ grep 'somessid.*BSSID:' Kismet-Jan-06-2005-1.network |cut -d'"' -f4 \
|xargs bssid-flatten.pl -i Kismet-Jan-06-2005-1.dump -o testing.dump
Change "somessid" to a particular SSID which lives on multiple accesspoints
Or when used in conjunction with "tcpdump-fuse.pl":
$ tcpdump-fuse.pl Kismet-*dump | bssid-flatten.pl -o testing-chain.dump \
`grep -i 'mfg.*BSSID:' Kismet*.network |cut -d'"' -f4`
##############################################
|