RWSPS: Cracking the Wireless Network Security: Aircrack-ng – [ch3pt1]


Introduction to Aircrack-ng Suite of Tools

Hello friends,

This is the first part of Chapter 3 from the “Rootsh3ll WiFi Security and Pentesting Series”. In case you missed the series you can start following here.

In Chapter 2, we will cover:

  • Introduction to Aircrack-ng Suite of tools
  • Introduction to Wireshark
  • WEP cracking using Aircrack-ng
  • WPA/WPA2 Personal cracking using Aircrack-ng
  • WPS cracking

As every topic above is crucial to understand, this chapter will have a dedicated post on each topic. Hence, the first part (out of 5) will cover the “Introduction to Aircrack-ng Suite of tools”.

Let's begin!

Whether you are just beginning or already experienced in wireless hacking, one set of helpful tools is always at hand: the Aircrack-ng suite of tools.

What is Aircrack-ng ?

Aircrack-ng is a suite of tools used by beginners and experts for wireless sniffing, cracking and creating rogue APs.

The conventional definition goes like this:

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured.

The Aircrack-ng suite includes tools like:

  • Airmon-ng
  • Airodump-ng
  • Airbase-ng
  • Aireplay-ng
  • Airolib-ng
  • Aircrack-ng
  • and lots more

We will discuss the tools above, as they are the most frequently used and appear in almost every wireless pentest.

Aircrack-ng is available for Linux, Mac, and Windows and comes pre-installed in Kali Linux. We can also install Aircrack-ng manually on Linux, Mac or Windows.

Download Aircrack-ng

The latest version of Aircrack-ng can be downloaded from its official site, Aircrack-ng.org.

For Linux and Mac, it can be installed from source code, and for Windows, Aircrack-ng provides pre-compiled binaries. You can download the zip here

Install Aircrack-ng

In Windows, Aircrack-ng comes in a download-and-execute pre-compiled binary package.

Installing on Windows:

  • Unzip aircrack-ng*.zip (aircrack-ng-1.2-rc2-win.zip, as latest version)
  • Start using

Here is a complete tutorial on installing on Windows

There are 2 ways of installing Aircrack-ng in Linux:

  1. Using terminal
  2. Using source-code

We will take Ubuntu as the example.

Installing Aircrack-ng on Ubuntu

From Terminal:

apt-get is the package installer in Ubuntu.

Different distributions have different package installers, for example:

  • Red Hat: yum
  • Arch Linux: pacman
  • Debian (Kali Linux): apt-get, or aptitude

To install on your distribution, type the above command and just replace apt-get with your package installer.


From Source code:

Installing aircrack-ng from source code is much the same on any distribution, because the code is written in C and the C compiler on the system builds it for the installed operating system.

Let's see how to install from source code.

Open Terminal and type:

Here, we changed the directory to Desktop and downloaded the source code using the wget command.

We then extracted the downloaded tar.gz file using the tar command.

We use sqlite=true to add Airolib-ng support to Aircrack-ng. We will see the use of Airolib-ng for boosting WPA2 cracking speed in upcoming chapters.

For installing on Mac OS X you can click here


Now let's start using the aircrack-ng suite of tools.

1. Make sure your wireless card is connected. Then open Terminal.

2. Type ifconfig and check your wireless interface. It is wlan3 in my case, and we will be using wlan3 in the tutorial.


If you type iwconfig wlan3 you should get something like this:

You can see Mode:Managed in the output.

What is managed mode ?

By default our wireless card works in Managed mode, i.e. it will only accept traffic from the access point it is associated (connected) to.

For wireless sniffing, our card has to be in monitor mode so that it can receive traffic from any wireless network without associating with it.

Here comes the first tool of Aircrack-ng suite of tools.

Airmon-ng

This tool is used to switch the wireless card from Managed to Monitor mode and vice versa. Let's see how to put the wireless card into monitor mode.

Put card into Monitor mode:

It will create an interface named mon0; check using ifconfig.

Put card into Managed mode:

Here mon0 can be replaced by mon1, mon2, etc. if multiple monitor interfaces are running.

Now we need to start sniffing the air. It can be done using

Airodump-ng

Airodump-ng allows us to

  • Sniff the air using the mon0 interface
  • Dump the captured packets into a “.cap” file, and
  • Get lots of INFORMATION !!!

Let's start airodump-ng

This is the basic command to run airodump-ng on mon0 interface.

It will show an output screen like this:

We will cover the important information from the above output.

Line 1:

CH 4: Channel on which our card is currently scanning.

NOTE: As a wireless card is a type of radio, it can work on only one channel at a time. You will see the channel number changing very frequently; this is called Time Division Multiplexing.

The others are time elapsed and the current date and time.

Line 3:

BSSID(Basic Service Set IDentifier) : MAC address of the Access point.

PWR: Signal strength of the incoming network, measured in dBm. The more negative the value, the weaker the signal strength.

ENC: Encryption type. Can be Open, WEP, WPA/WPA2.

ESSID: Access point name

Line 10:

Station: Client that is associated with the corresponding BSSID

Probe: Request sent by the Client for the Access point it was previously connected to. “rootsh3ll” in this case, see Line 13.

Press CTRL-C to stop scanning.

Data packets can be captured and saved into a file using the -w option with airodump-ng. Example:

Press ^C to quit and type ls test_data_capture*

Here airodump-ng has saved the output in .cap, .csv and .netxml formats for different uses.
We will use the .cap file for our cracking process in this series.
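
The .csv file is useful on the defensive side as well. As an added example (not part of the original post), the Python script below parses the access-point table of an airodump-ng .csv and checks it against an inventory of access points you operate, reporting weak encryption on your own APs and unknown BSSIDs advertising your ESSID. The sample rows, MAC addresses and the inventory are constructed for illustration.

```python
import csv
import io

# Constructed sample in the layout airodump-ng writes to its .csv file:
# an access-point table, a blank line, then a station table.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:00:01, 2016-04-01 10:00:00, 2016-04-01 10:05:00,  6,  54, WPA2, CCMP, PSK, -45, 120, 0, 0. 0. 0. 0, 9, rootsh3ll,
02:00:00:AA:00:02, 2016-04-01 10:00:01, 2016-04-01 10:05:00, 11,  54, WEP, WEP, , -60, 80, 0, 0. 0. 0. 0, 7, oldlabs,
02:00:00:BB:00:09, 2016-04-01 10:01:00, 2016-04-01 10:05:00,  6,  54, OPN, , , -30, 40, 0, 0. 0. 0. 0, 9, rootsh3ll,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:CC:00:01, 2016-04-01 10:02:00, 2016-04-01 10:04:00, -50, 12, 02:00:00:AA:00:01, rootsh3ll
"""

def parse_access_points(text):
    """Return one dict per row of the access-point table (the first table)."""
    ap_block = text.replace("\r\n", "\n").strip().split("\n\n")[0]
    rows = csv.reader(io.StringIO(ap_block), skipinitialspace=True)
    header = [h.strip() for h in next(rows)]
    aps = []
    for row in rows:
        if len(row) < len(header):
            continue  # skip truncated or partially written lines
        aps.append({k: v.strip() for k, v in zip(header, row)})
    return aps

def audit(aps, inventory):
    """inventory (hypothetical) maps each BSSID you operate to its ESSID."""
    findings = []
    own_essids = set(inventory.values())
    for ap in aps:
        bssid, essid, enc = ap["BSSID"].upper(), ap["ESSID"], ap["Privacy"]
        if bssid in inventory:
            if enc.startswith(("OPN", "WEP")):
                findings.append((bssid, essid, "weak encryption: " + enc))
        elif essid in own_essids:
            findings.append((bssid, essid, "unknown BSSID using our ESSID"))
    return findings

def run_sample():
    inventory = {"02:00:00:AA:00:01": "rootsh3ll", "02:00:00:AA:00:02": "oldlabs"}
    return audit(parse_access_points(SAMPLE_CSV), inventory)

if __name__ == "__main__":
    for finding in run_sample():
        print(*finding, sep="  ")
```

To run it on a real capture, pass the contents of the .csv written by the -w option to parse_access_points() and replace the inventory with your own BSSID-to-ESSID mapping.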

The above steps have to be followed in every pentest we will do. We will see the use of the remaining tools

  • Airbase-ng
  • Aireplay-ng
  • Airolib-ng
  • Aircrack-ng

in upcoming chapters accordingly.

Conclusion

We learned to install aircrack-ng on Linux and Windows systems, put the wireless card into monitor mode, scan the air, and save the information to a file for future use, as it will be used in WEP and WPA/WPA2 cracking.


Any questions? Let me know. I will be glad to answer all your queries in the comments.

  • ibrahim

    Sir, This Is Very Helpful.. Sir, Can You Post how to protect our wifi from hacking… And Post More About Wireshark, how to do sniffing using LAN during chat with someone..
    And Very Very Thanks For Sharing With Us….

    • Thank you ibrahim, I am glad it helped you. 🙂
      You can use WPA2 type security for your wireless network with a strong password (AlphaNumeric).
      That’s what the next post (ch3pt4 of RWSPS) is all about.
      Sniffing the LAN using Wireshark is the first part of chapter 7 of the same series.
      Stay tuned for more on this series.

      Looking forward to hearing more from you.

      • ibrahim

        Thanks For Your Reply Sir, And please improve your website theme and tags to find posts and other things….

        • Thanks for your feedback ibrahim.
          As soon as the series is complete, I will start working on that too.

      • ibrahim

        And Sir, Also Make a Post About How many chapters are there and how many parts of each chapter. ohh sorry, I didn’t see a post, I forgot, but also put a link because it is easy to find a post, for example chapter 2 part 1, we click on it and it directly sends me to that post….

        • Links are already hyperlinked with the title post, you can always visit this page and follow related chapter.

          As Chapter 2 was completed in a single go. You can directly click on the title of the chapter, it’s in green 🙂

          • ibrahim

            thanks bro

          • ibrahim

            Can you tell me about monitor modes, what is that, what’s it for, and also mon0? I googled it but don’t understand…. Sorry for the silly question because I am new to Kali Linux and I want its basics to learn about Kali and all comments of Kali Linux…

          • ibrahim

            ohh I missed that line about monitor mode and managed mode… My English is not strong so again sorry… and is there any way to contact you in private, just Google Plus msg or other?

          • You can drop me a mail anytime on harry@rootsh3ll.com
            or follow rootsh3ll on Facebook | Twitter

            Hope you got all your answers clear. If not, feel free to ask. 🙂

  • Will

    Well, I barely understand this, but tried to follow these steps. Unfortunately, I had ‘command not found’ for everything =[ Mac OS X El Capitan 10.11.4. I downloaded all files required though

  • yeah

    Hey.
    What’s the difference in putting wireless card monitor mode between: 1)airmon-ng like you showed and 2)ifconfig stop
    iwconfig mode monitor
    ifconfig start

    I’m curious because I have always been using the 2nd way to put it in monitor mode, so what’s the difference between these two..?
    Thanks for the answer
