Hi Friends, anybody who is working on WiFi hacking or needs to learn: please read and post the new things.

*WEPBuster 1.0*

This small utility was written for information security professionals to aid in conducting Wireless Security Assessment. The script executes various programs included in the aircrack-ng suite - a set of tools for auditing wireless networks, in order to obtain the WEP encryption key of a wireless access point. WEPBuster also has a wordlist generator which can be used in creating "dictionary" files for WPA Pre-Shared Key cracking and for other related tasks.

aircrack-ng can be obtained from http://www.aircrack-ng.org

*Features:*

Cracks all access points within the range in one go!!

Supports:

WEP Cracking:
- Mac address filtering bypass (via mac spoofing)
- Auto reveal hidden SSID
- Client-less Access Point injection (fragmentation, -p0841)
- Shared Key Authentication
- whitelist (crack only APs included in the list)
- blacklist (do not crack AP if it's included in the list)

Wordlist Generator:
- generate all combinations of a given set
- generate all unique combinations of a given set
- apply filters to each generated word
- apply filters to an input file or a wordlist
- apply filters from another wordlist
- merge two wordlists and apply filters to each generated word

*USAGE:*

    perl wepbuster [channel(s)]
    perl wepbuster [sort | connect] [hostname/ip address]
    perl wepbuster permute [OPTIONS]

or

    perl wepbuster --help | --man

for list of all supported options.

*REQUIREMENTS:*

- aircrack-ng 1.0
- perl installation with standard libraries (threading support)
- perl modules (http://search.cpan.org)
  - Term::ReadKey
  - Expect.pm
  - Getopt::Long
  - File::Slurp
  - Number::Range
  - Algorithm::Permute
  - Pod::Usage
- macchanger (www.alobbs.com/macchanger)
- miscellaneous unix programs
  - ifconfig, iwconfig, rm, pkill, stty, cp, touch, mv, route, ping, dhclient, netstat

*WEP CRACKING PROCESS:*

When invoked without any arguments, the program initially builds a list of all WEP-enabled access points within the range using airodump-ng(1) on each non-overlapping channel of the country specified (US 1, 6, 11 and EU 1, 5, 9, 13). If there are any, associated stations are also saved for use in mac address spoofing when dealing with access points with hidden SSIDs or those with mac address filtering enabled.

Once done scanning, the automated WEP cracking begins. The script will go through the list and attempt to crack each access point listed. A white list (known_ap.txt) and black list (bad_ap.txt) text files on the current working directory are consulted to know if a particular access point is to be skipped or not.

The first step in the actual WEP cracking is to associate the cracking station using aireplay-ng(1) to the target access point. Shared-key authentication (SKA) is also done automatically. If the SSID is unknown or hidden, association will not be possible; hence, the script will use aireplay-ng to launch deauthentication attacks in order to reveal the ssid.

Once associated, the script will use aireplay-ng(1) to launch an arp-replay attack against the access point. When a particular period has elapsed and the IV count did not increase significantly, fragmentation attack will be launched. If fragmentation attack was successful (keystream was found), the script will use packetforge-ng(1) in order to build an arp packet to be used in arp-replay attack.
If unsuccessful, fragmentation attack will be stopped and rebroadcast attack (-p0841) will be tried next.

If all goes well, wepbuster should display the IV counts as they increase. When enough IVs are collected, the script will launch aircrack-ng(1) and will try to crack the WEP encryption key using the collected data packet dumps. If successful, the WEP key will be saved into the text file "owned.txt" in the current working directory.

This entire process is repeated until all the access points included in the initial list are processed.

*WORDLIST GENERATOR:*

The key to a successful bruteforce attack is to have a good dictionary file. It is a known fact that at this point, one cannot just create a dictionary file by generating all the possible combinations of all the character sets and expect to make it useable upon completion, if at all.

Building a dictionary file for bruteforce password guessing is a tricky exercise. People came up with various ideas such as crawling a website in order to extract unique words from it, word association using data mining, "leetifying", case switching (e.g., lower to upper), mutation, etc.

WEPBuster is capable of generating all combinations of a given set and at the same time apply filters to each generated word in order to make the resulting word list size significantly smaller.

Regards
*InfoSecWorld :)*
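
A defender's view of the process described above, as an added example that is not part of the original post or of WEPBuster: the deauthentication step and the replay step both produce bursts of frames that a wireless monitor can flag with sliding-window counters. The frame-record layout, thresholds and MAC addresses are assumptions, and the sample capture is constructed.

```python
from collections import defaultdict, deque

# Thresholds are assumptions for this sketch; tune them against a site baseline.
WINDOW_S = 5.0       # sliding window length in seconds
DEAUTH_LIMIT = 10    # deauth frames per BSSID per window
REPLAY_LIMIT = 100   # same-length data frames per (station, BSSID) per window

AP = "AA:AA:AA:00:00:01"        # constructed addresses
CLIENT = "CC:CC:CC:00:00:02"
STATION = "EE:EE:EE:00:00:03"

def detect(frames):
    """frames: iterable of (ts, kind, src, bssid, length) sorted by ts.
    Returns a set of (alert, bssid, src) tuples."""
    deauth = defaultdict(deque)   # bssid -> recent deauth timestamps
    replay = defaultdict(deque)   # (src, bssid, length) -> recent timestamps
    alerts = set()
    for ts, kind, src, bssid, length in frames:
        if kind == "deauth":
            # Deauth source addresses are easily forged, so key on BSSID only.
            q, limit, alert = deauth[bssid], DEAUTH_LIMIT, ("deauth-burst", bssid, None)
        elif kind == "data":
            # Replayed frames repeat one ciphertext, hence one frame length.
            key = (src, bssid, length)
            q, limit, alert = replay[key], REPLAY_LIMIT, ("replay-suspect", bssid, src)
        else:
            continue
        q.append(ts)
        while ts - q[0] > WINDOW_S:   # drop timestamps outside the window
            q.popleft()
        if len(q) >= limit:
            alerts.add(alert)
    return alerts

def sample_frames():
    """Constructed capture: ordinary traffic, a deauth burst, then a flood
    of identical-length data frames from one station."""
    frames = [(i * 0.5, "data", CLIENT, AP, 200 + 37 * (i % 7)) for i in range(20)]
    frames += [(10 + i * 0.1, "deauth", AP, AP, 26) for i in range(15)]
    frames += [(12 + i * 0.01, "data", STATION, AP, 68) for i in range(300)]
    return sorted(frames)

if __name__ == "__main__":
    for alert in sorted(detect(sample_frames()), key=str):
        print(alert)
```

Fed from a monitor-mode capture summary, the same counters also cover the rising IV count the post mentions, since a replay flood is what drives it.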
