Searching for Aircrack Howto!
Hi,
looks like a nice forum here! Ok, now my question. I would like to try out aircrack here at my home network. Who can help me with this? A short step by step howto would be great.
Re: Searching for Aircrack Howto!
I think, long story short, aircrack will not work properly on a 770. I know, I was bummed too.
Re: Searching for Aircrack Howto!
The main problem with the aircrack-ng suite on the N800 (and the N770 too, afaik) is that you can't do packet injection. This means that to crack a WEP key you have to wait around until enough traffic passes over the WEP protected link to crack the WEP key. If injection did work, you could effectively create the traffic you need yourself in a few minutes.
But you can use the suite. Try this: after installing aircrack-ng, start Xterm and become root. Then enter:
airodump-ng wlan0
This will show you what networks are around, and the MAC addresses of the access points and computers which are connected, and what channels they are operating on. Make a note of the channel of the access point you want to test (i.e. your own one).
Now quit airodump-ng by doing a control c, then restart it by typing:
airodump-ng -c X -w mycapture --ivs wlan0
but change the X for the channel number of your access point. This will start capturing data which you will use to crack the WEP key, in a file called mycapture-01.ivs in your home directory.
Now you have to wait for a while, till you have captured enough data to crack the WEP key. If the access point is busy then you might not have to wait too long. Anyway, after an hour or so, you can try cracking it. Type:
aircrack-ng mycapture-01.ivs
and hope for the best. aircrack will try to crack the key, and if you have enough data captured it should crack the key eventually. If not, it will keep trying, as you gather more and more data, until you are successful (or never if you are unlucky, or if there is not enough traffic on the network).
The latest version of aircrack-ng (0.9.1 I think) has been compiled for the N770 / N800 and this includes the new PTW WEP attack. The PTW attack, which you activate by using the -z option when you use aircrack-ng, can crack keys with far far less captured traffic than the default attacks that aircrack-ng uses without the -z option, but sadly it only works on traffic captured as a result of a certain method of packet injection, and as the Nokias don't support packet injection you can't use it. (If you want to test it on the N800, use a capture file generated by traffic injection from another computer. If you have such a capture file, say injection.cap, you can transfer it to the Nokia tablet and test it by typing:
aircrack-ng -z injection.cap
and you should get the key very swiftly indeed.)
Hope this helps, and think very hard before cracking someone else's access point as this could get you in trouble in many countries.
EDIT: Make sure you have wirelesstools installed too - see post later in this thread
Re: Searching for Aircrack Howto!
That's an awesome explanation. Thank you much!
Re: Searching for Aircrack Howto!
What a great tutorial, finally, a clear and simple guide to basic packet capture.
Sadly, I can't seem to get airodump-ng to display a list of networks.
Code:
airodump-ng wlan0
The aircrack part of the tutorial works great. Since I couldn't generate a packet dump with airodump, I've used Kismet, but I really hate having to reboot after its usage (fearing a WSOD), and would much prefer if I could get airodump to function.
Re: Searching for Aircrack Howto!
oprion - that's very strange that airodump-ng doesn't work. You definitely seem to be typing the right command.
Just as a matter of interest, if you type
ifconfig
does wlan0 show up?
airodump-ng on the N800 is a little flaky anyway - I think because of driver issues you tend to get phantom APs as well as real ones showing up, and it will sometimes misdiagnose WEP protected APs as WPA2 etc etc. I don't know if the same is true on a N770
Re: Searching for Aircrack Howto!
Quote:
Soo.... I tried the ifconfig and wlan is nowhere to be found. Just lo. Any ideas? PS, thanks for your help.
Re: Searching for Aircrack Howto!
open xterm
sudo gainroot
apt-get install wirelesstools
Re: Searching for Aircrack Howto!
DUDE, THAT WORKED... brendan, THANK YOU!
Re: Searching for Aircrack Howto!
Nice one brendan