Sunday, 24 November 2013

Aircrack-ng: Sniffing for Initialization Vectors (IVs)

To start using Aircrack-ng, first issue the iwconfig command to see your interfaces;

Now that I know which interface I can use to start sniffing, I can issue the following command;

  • sudo airmon-ng start wlan0

If you re-enter the iwconfig command you can verify that mon0 is working.

Now enter the following command;

  • airodump-ng mon0

This will present the following. Currently it will scan all channels 1 - 14;

I know on my laptop the channel is set to -1 and does not scan. You can, however, specify a channel.

This is also useful because, with channel hopping, you will not capture all of the frames/packets of your target.

This is my own router that I am targeting;

All of the data will be dumped into a file, which can then be used for cracking WPA2 and WEP.

To crack WEP you will need around 40k - 85k different Initialization Vectors.

If the network is not busy, it will take a very long time. You can speed it up by using an active attack (packet replay).
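The figure above refers to different IVs, not to the number of frames seen. As an added example (not from the original post and not Aircrack-ng's own code), this Python code pulls the 3-byte IV out of raw 802.11 data frames and counts the distinct values, skipping WPA/WPA2 frames; the function names and the sample frames are constructed for illustration, and frames are assumed to have any radiotap header already stripped.

```python
def wep_iv(frame: bytes):
    """Return the 3-byte WEP IV of a protected data frame, or None."""
    if len(frame) < 24:
        return None
    fc0, fc1 = frame[0], frame[1]
    if (fc0 >> 2) & 0x3 != 2:      # frame type 2 = data
        return None
    if not fc1 & 0x40:             # Protected Frame bit clear: no IV header
        return None
    hdr = 24                       # basic MAC header
    if fc1 & 0x03 == 0x03:         # ToDS and FromDS both set: 4th address
        hdr += 6
    if fc0 & 0x80:                 # QoS data subtype: 2-byte QoS control
        hdr += 2
    if len(frame) < hdr + 4:
        return None
    iv, key_byte = frame[hdr:hdr + 3], frame[hdr + 3]
    if key_byte & 0x20:            # Ext IV set: TKIP/CCMP (WPA/WPA2), not WEP
        return None
    return iv

def count_unique_ivs(frames):
    """Return (wep_frames, distinct_ivs) for an iterable of raw frames."""
    seen, total = set(), 0
    for f in frames:
        iv = wep_iv(f)
        if iv is not None:
            total += 1
            seen.add(iv)
    return total, len(seen)

def _frame(fc0, fc1, iv_hdr, extra=b""):
    # Constructed frame: frame control, duration, 3 addresses, sequence control
    head = bytes([fc0, fc1]) + b"\x00\x00" + b"\xaa" * 18 + b"\x00\x00"
    return head + extra + iv_hdr + b"\x00" * 8

SAMPLE_FRAMES = [  # constructed for this example, not captured traffic
    _frame(0x08, 0x41, b"\x01\x02\x03\x00"),               # WEP data frame
    _frame(0x08, 0x41, b"\x01\x02\x03\x00"),               # same IV again
    _frame(0x88, 0x41, b"\x0a\x0b\x0c\x00", b"\x00\x00"),  # QoS WEP data
    _frame(0x08, 0x41, b"\x00\x00\x00\x20"),               # CCMP, Ext IV set
    _frame(0x08, 0x01, b"\x00\x00\x00\x00"),               # unprotected data
    _frame(0x80, 0x00, b"\x00\x00\x00\x00"),               # beacon
]

if __name__ == "__main__":
    print(count_unique_ivs(SAMPLE_FRAMES))
```

A repeated IV adds to the frame count but not to the distinct-IV count, which is why a quiet network takes so long to reach the figure quoted above.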

I'm going to leave it here for this post. To stop sniffing use the following command;

  • sudo airmon-ng stop mon0

If you do have problems with your wireless connection use the following commands;

  • sudo ifdown -a
  • sudo ifup -a