- This is my written tutorial on cracking WEP Wi-Fi networks with Gerix-wifi-cracker (a GUI front end for the aircrack-ng suite) in BackTrack 5 and 5 R1.
- All words in [ ] are tabs or buttons we will use in Gerix.
- First off, go to Applications > Exploitation Tools > Wireless Exploitation > WLAN Exploitation > gerix-wifi-cracker-ng.
- Once gerix opens, go to the [configuration] tab.
- Click on your wlan0 interface.
- Click on [enable/disable monitor mode]
- -Gerix (through airmon-ng) will now create a new monitor-mode interface, mon0
- Click [set random MAC address] so the attack is not tied to your card's real hardware address
- Now go down towards the bottom of that same window and find the -channel- drop-down menu.
- -Select -all channels-
- Next to that is the -seconds- drop-down menu (how long to scan).
- -Choose somewhere between 5 and 15
- Click [rescan networks]
- Gerix will display all the visible Wi-Fi networks
- Look in the ENC column and make sure the network you wish to crack is WEP, then click on that network
- Go to the [WEP] tab
- -After that click [start sniffing and logging]
- -Gerix will open a black terminal window whose title starts with "sniff-dump" (this is airodump-ng capturing on mon0)
- Now make sure the AUTH column in the sniff-dump window says OPN for your target
- -OPN means Open System authentication, which is what lets the fake authentication step later on succeed
- -if it says OPN you can continue; if it shows SKA (shared key) instead, fake authentication the way it is done here will fail, so choose a network that shows OPN
- -leave the sniff-dump window open. You will need it.
- Go to the [WEP attacks (no-client)] tab
- Under "fragmentation attack" options click [associate AP using fake auth]
- Then click on [fragmentation attack]
- -a new window will open (this is aireplay-ng; the fragmentation attack recovers RC4 keystream bytes from a captured packet, starting from the known LLC/SNAP header, so that packets can later be forged without the key)
- -whenever it says "use this packet" type "Y" and then "enter"
- -continue this until it says something like "saving key stream in fragment......"
- - then close that window
- Now go back to Gerix and click [create the ARP packet.....] (this uses packetforge-ng with the keystream saved in the previous step)
- Next click [inject the created packet on victim access point]
- -this will again open a new window labeled something like "output_FORGED2 mon0"
- -again type "Y" and "enter"
- -it should start injecting; every time the AP relays the forged ARP packet it does so with a new IV, which is what the crack needs
- Look at the sniff-dump window and watch until the #Data column reaches between 10000 and 20000.
- -the higher the number the better the chance the crack succeeds: a 40-bit key usually falls around 20000 IVs, a 104-bit key can need 40000 or more
- -once it reaches your target number, stop injecting and sniffing by closing the "output" and "sniff-dump" windows
- Lastly go to the [cracking] tab
- -click [aircrack-ng decrypt WEP password]
- -the last window will pop up, labeled "aircrack-log.txt"
- -it is now recovering the key from the captured IVs
- -once it is done it will display "KEY FOUND" and give you the key in a "XX:XX:XX:XX:XX" format (five hex bytes for a 40-bit key, thirteen for a 104-bit key)
- - this is your cracked password; when connecting to the network, enter the hex digits without the colons
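- To show why the no-client steps above (fragmentation attack, create the ARP packet, inject) work without knowing the key, here is an added Python example; it is not part of the original tutorial and not code from Gerix or aircrack-ng. It implements WEP's RC4 plus CRC-32 framing, recovers keystream bytes from the known LLC/SNAP header of one sniffed frame, bootstraps them into a longer keystream through a simulated access point (ToyAP, with a constructed key, IVs and ARP packet, all assumptions made for this example) that reassembles fragments and relays them under a fresh IV, and then forges an ARP packet the AP accepts. The key-cracking step itself is not reproduced.

```python
"""Added example: WEP keystream recovery and packet forging, simulated offline."""
import os
import struct
import zlib
from typing import List, Optional, Tuple

# 802.2 LLC/SNAP header that begins the payload of nearly every WEP data
# frame: AA AA 03 00 00 00 + EtherType (ARP = 08 06). This is known plaintext.
SNAP_ARP = bytes.fromhex("aaaa030000000806")


def rc4(key: bytes, length: int) -> bytes:
    """Return `length` bytes of RC4 keystream for `key` (KSA, then PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings, truncated to the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))


def icv(plaintext: bytes) -> bytes:
    """WEP integrity check value: plain CRC-32 of the plaintext, little-endian."""
    return struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame body = IV (3 bytes, in clear) || RC4(IV||key) XOR (plaintext || ICV)."""
    body = plaintext + icv(plaintext)
    return iv + xor(body, rc4(iv + key, len(body)))


def wep_decrypt(key: bytes, frame: bytes) -> Optional[bytes]:
    """Return the plaintext if the ICV verifies, else None (the AP drops the frame)."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4(iv + key, len(ct)))
    pt = body[:-4]
    return pt if body[-4:] == icv(pt) else None


class ToyAP:
    """Constructed stand-in for the access point: it knows the key, decrypts
    fragments, reassembles them and relays the packet under a fresh IV."""

    def __init__(self, key: bytes) -> None:
        self.key = key

    def relay_fragments(self, frags: List[bytes]) -> Optional[bytes]:
        parts = [wep_decrypt(self.key, f) for f in frags]
        if any(p is None for p in parts):
            return None
        return wep_encrypt(self.key, os.urandom(3), b"".join(parts))


# --- attacker side: never sees the key, only frames on the air ---------------
def recover_keystream(frame: bytes, known_plaintext: bytes) -> Tuple[bytes, bytes]:
    """Known plaintext XOR ciphertext = keystream bytes for this frame's IV."""
    return frame[:3], xor(frame[3:], known_plaintext)


def forge(iv: bytes, keystream: bytes, plaintext: bytes) -> bytes:
    """Encrypt a chosen packet with a saved keystream, no key needed (what packetforge-ng does)."""
    body = plaintext + icv(plaintext)
    if len(keystream) < len(body):
        raise ValueError("keystream too short for this packet")
    return iv + xor(body, keystream[: len(body)])


def fragmentation_attack(ap: ToyAP, sniffed: bytes) -> Tuple[bytes, bytes]:
    """Grow 8 known keystream bytes into a longer keystream using the AP's relay."""
    iv, ks8 = recover_keystream(sniffed, SNAP_ARP)   # 8 bytes: 4 data + 4 ICV per fragment
    chosen = bytes(range(64))                         # plaintext we pick, so fully known
    frags = [forge(iv, ks8, chosen[i:i + 4]) for i in range(0, 64, 4)]  # 16 fragments, same IV
    relayed = ap.relay_fragments(frags)
    if relayed is None:
        raise RuntimeError("AP rejected a fragment")
    # The AP re-encrypted our 64 known bytes plus its ICV under a new IV: 68 keystream bytes.
    return recover_keystream(relayed, chosen + icv(chosen))


def demo() -> dict:
    key = bytes.fromhex("0102030405")                 # constructed 40-bit WEP key
    ap = ToyAP(key)
    arp_request = SNAP_ARP + bytes.fromhex("0001080006040001") + bytes(20)  # constructed, 36 bytes
    sniffed = wep_encrypt(key, b"\x11\x22\x33", arp_request)  # one frame a station sent
    iv, ks = fragmentation_attack(ap, sniffed)
    forged = forge(iv, ks, arp_request)               # the "created ARP packet"
    wrong_iv = bytes([iv[0] ^ 1]) + iv[1:]            # keystream is bound to its IV
    return {
        "keystream_len": len(ks),
        "keystream_correct": ks == rc4(iv + key, len(ks)),
        "ap_accepts_forged": wep_decrypt(key, forged) == arp_request,
        "ap_accepts_wrong_iv": wep_decrypt(key, forge(wrong_iv, ks, arp_request)) is not None,
    }


if __name__ == "__main__":
    print(demo())
```

- The forged packet passes the AP's ICV check only under the IV the keystream was recovered for; reusing that IV is legal in WEP, which is why aireplay-ng can replay the same forged ARP request indefinitely and harvest a fresh IV from every relayed copy.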
- This is a quick run-through of gerix-wifi-cracker.
- If you have any questions or problems, either comment or send me an email at firstname.lastname@example.org. But make sure the subject says "gerix-wifi-cracker" or I may not even open it.
Cripticassassin, Dec 16th, 2011