Thanks for the info burra.

On 9 August 2010 15:16, Srinivas.Burra <[email protected]> wrote:
> Hi Friends,
>
> Anybody is working on WIFI hacking or need to learn: please read and post
> the new things.
>
> *WEPBuster 1.0*
>
> This small utility was written for information security professional to
> aid in conducting Wireless Security Assessment. The script executes
> various programs included in the aircrack-ng suite - a set of tools for
> auditing wireless networks, in order to obtain the WEP encryption key of
> a wireless access point. WEPBuster also has a wordlist generator
> which can be used in creating "dictionary" files for WPA Pre-Shared Key
> cracking and for other related tasks. aircrack-ng
> can be obtained from http://www.aircrack-ng.org
>
> *Features:*
>
> Cracks all access points within the range in one go!!
>
> Supports:
>
> WEP Cracking:
> - Mac address filtering bypass (via mac spoofing)
> - Auto reveal hidden SSID
> - Client-less Access Point injection (fragmentation, -p0841)
> - Shared Key Authentication
> - whitelist (crack only APs included in the list)
> - blacklist (do not crack AP if it's included in the list)
>
> Wordlist Generator:
> - generate all combinations of a given set
> - generate all unique combinations of a given set
> - apply filters to each generated word
> - apply filters to an input file or a wordlist
> - apply filters from another wordlist
> - merge two wordlists and apply filters to each generated word
>
> *USAGE:*
>
> perl wepbuster [channel(s)]
> perl wepbuster [sort | connect] [hostname/ip address]
> perl wepbuster permute [OPTIONS]
> or
> perl wepbuster --help | --man for list of all supported options.
>
> *REQUIREMENTS:*
>
> - aircrack-ng 1.0
> - perl installation with standard libraries (threading support)
> - perl modules (http://search.cpan.org)
>   - Term::ReadKey
>   - Expect.pm
>   - Getopt::Long
>   - File::Slurp
>   - Number::Range
>   - Algorithm::Permute
>   - Pod::Usage
> - macchanger (www.alobbs.com/macchanger)
> - miscellaneous unix programs
>   - ifconfig, iwconfig, rm, pkill, stty, cp, touch, mv, route, ping,
>     dhclient, netstat
>
> *WEP CRACKING PROCESS:*
>
> When invoked without any arguments, the program initially builds a list
> of all WEP-enabled access points within the range using airodump-ng(1) on
> each non-overlapping channel of the country specified. (US 1, 6, 11 and
> EU 1, 5, 9, 13). If there's any, associated stations are also saved for
> use in mac address spoofing when dealing with access points with hidden
> SSIDs or those with mac address filtering enabled.
>
> Once done scanning, the automated WEP cracking begins. The script will go
> through the list and attempt to crack each access point listed. A white list
> (known_ap.txt) and black list (bad_ap.txt) text files on the current working
> directory are consulted to know if a particular access point is to be skipped
> or not.
>
> The first step in the actual WEP cracking is to associate the cracking
> station using aireplay-ng(1) to the target access point. Shared-key
> authentication (SKA) is also done automatically. If the SSID is unknown or
> hidden, association will not be possible hence, the script will use
> aireplay-ng to launch deauthentication attacks in order to reveal the ssid.
>
> Once associated, the script will use aireplay-ng(1) to launch an arp-replay
> attack against the access point. When a particular period has elapsed and
> the IV count did not increase significantly, fragmentation attack will be
> launched.
> If fragmentation attack was successful (keystream was found), the
> script will use packetforge-ng(1) in order to build an arp packet to be used
> in arp-replay attack. If unsuccessful, fragmentation attack will be stopped
> and rebroadcast attack (-p0841) will be tried next.
>
> If all goes well, wepbuster should display the IV counts as they increase.
> When enough IVs are collected, the script will launch aircrack-ng(1) and
> will try to crack the WEP encryption key using the collected data packet
> dumps. If successful, the WEP key will be saved into the text file "owned.txt"
> in the current working directory. This entire process is repeated until all
> the access points included in the initial list are processed.
>
> *WORDLIST GENERATOR:*
>
> The key to a successful bruteforce attack is to have a good dictionary file.
> It is a known fact that at this point, one cannot just create a dictionary
> file by generating all the possible combinations of all the character sets and
> expect to make it useable upon completion, if at all.
>
> Building a dictionary file for bruteforce password guessing is a tricky
> exercise.
> People came up with various ideas such as crawling a website in order to
> extract unique words from it, word association using data mining,
> "leetifying", case switching (e.g., lower to upper), mutation, etc.
>
> WEPBuster is capable of generating all combinations of a given set and at the
> same time apply filters to each generated word in order to make the resulting
> word list size significantly smaller.
>
> Regards
> *InfoSecWorld :)*
>
> --
> You received this message because you are subscribed to the Google Groups
> "nforceit" group.
> To post to this group, send an email to [email protected].
> To unsubscribe from this group, send email to
> [email protected].
> For more options, visit this group at
> http://groups.google.com/group/nforceit?hl=en-GB.
--
Regards,
kishore sangaraju
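
From the defender's side, two stages of the process described in the quoted announcement are noisy on the air: the deauthentication used to reveal a hidden SSID, and the ARP replay used to drive up IV counts. The following is an added example, not part of the original emails or of WEPBuster, that flags both in a sensor's frame log; the record layout, MAC addresses, frame lengths and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict

def max_in_window(times, window):
    """Largest number of events that fall inside any `window`-second span."""
    times = sorted(times)
    best = start = 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best

def detect(frames, window=1.0, deauth_min=10, replay_min=50):
    """Flag deauth bursts per BSSID and same-length data floods per sender.

    Thresholds are illustrative assumptions; tune them on a real baseline.
    """
    deauth = defaultdict(list)  # bssid -> timestamps of deauth frames
    data = defaultdict(list)    # (bssid, src, length) -> timestamps
    for t, subtype, src, bssid, length in frames:
        if subtype == "deauth":
            deauth[bssid].append(t)
        elif subtype == "data":
            data[(bssid, src, length)].append(t)
    alerts = {"deauth": [], "replay": []}
    for bssid, times in sorted(deauth.items()):
        n = max_in_window(times, window)
        if n >= deauth_min:
            alerts["deauth"].append((bssid, n))
    for (bssid, src, length), times in sorted(data.items()):
        n = max_in_window(times, window)
        if n >= replay_min:  # one sender repeating one frame size very fast
            alerts["replay"].append((bssid, src, length, n))
    return alerts

def sample_frames():
    """Constructed sensor records: (time_s, subtype, src, bssid, length)."""
    ap, ap2 = "02:00:00:00:00:01", "02:00:00:00:00:02"
    client, odd = "02:00:00:00:00:10", "02:00:00:00:00:66"
    frames = [(i * 0.1, "data", client, ap, 100 + 7 * i) for i in range(20)]
    frames.append((2.0, "deauth", ap2, ap2, 26))  # a lone deauth is normal
    frames += [(5.0 + 0.02 * i, "deauth", ap, ap, 26) for i in range(15)]
    frames += [(10.0 + 0.004 * i, "data", odd, ap, 68) for i in range(200)]
    return frames

if __name__ == "__main__":
    print(detect(sample_frames()))
```

A network that still uses WEP should be migrated regardless of what this reports; the check is only useful for spotting activity while that migration is pending.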
