Aircrack-ng on OSX from zero-starting detection

Source: Internet
Author: User
Tags tmp folder

Continue with the previous article, after installing the aircrack-ng, you need to learn how to detect the target. Find a tutorial followed by learning it. In fact, online about the use of Aircrack-ng tutorial is still a lot of, I also refer to a lot, but finally the official tutorial as the standard is better. The approximate process is mainly for the following steps: 1, detect the network card, 2, listen to the wireless network, get the handshake packet, 3, according to get handshake packet crack password.

1, detect the network card. This step I ignored, because the use of the MacBook own network card, also does not use a separate wireless card, it does not need to detect, direct ifconfig look at the MAC address and network card name is good.

2. Listen to the wireless network. Here we begin to enter the theme. At the beginning of the monitoring process found some aircrack-ng in the OSX use of some of the problems, mainly aircrack-ng a subsidiary tool Airmon-ng can not work correctly in the OSX environment,

This will prompt wireless tools not found, because Airmon-ng relies on Wireless-tools, and Linux Wireless-tool has problems compiling on OSX. If using Wireshark's Mon mode is also a problem, Wireshark's listener believes that the Mac's NIC does not support listening mode. Here, in fact, OSX itself has a command line tool: Airport, the use of this tool can be easily implemented in the Airmon-ng function, in a very convenient scanning surface and monitoring. Simply introduce the usage of the airport.

1, scan. Command: Airport en0 scan. You can use grep for filtering, such as airport En0 scan |grep WEP or airport en0 scan |grep WPA

2, monitor. Command: Sudo airport en0 Sniff 6. En0 is the name of the network card used, sniff represents the mode, and 6 represents the channel.

After executing this command, the listening mode is turned on and you can see that the link status of the wireless network has changed.

Wait for a period of time, after you can press Control+c end listening, when you see the prompt, a airportsniffxxxxxx.cap file is saved in the/tmp folder. Where xxxxxx is the only one, do not worry that multiple listeners will overwrite the file. You can now open it online using a network analysis tool like Wireshark.

3, cracked. Command: Aircrack-ng-w ~/wordlist.txt/tmp/airportsniffjaek7v.cap. -W means using a dictionary, ~/wordlist.txt is the path to the dictionary, and/tmp/airportsniffjaek7v.cap is the file that was just listening for the build. This file will be parsed after execution, and you will be asked what the target network is.

At this point you have to pull up to the top of the position, you can see the information of the handshake package obtained.

See the row with index 3 to get a handshake packet. We enter 3, and enter. You can see the password of the cracked!!!

Summary: In the whole process, encountered a lot of problems, slowly groping and try to find and solve, hands-on process is very important. As the beginning says, this time it is mainly to achieve the purpose of the principle. There is basically no learning principle of knowledge, in fact, just learned to use tools only, this is very bad, to know it, know its why is the kingly way. After a day of practice is to achieve the goal of success. The ultimate goal is to continue to follow up on learning principles in the future.

There is today's wireless network is really too fragile, in the company casually swept a few wifi is weak password, easy to crack the password. Such a simple white-level intrusion should be enough to raise awareness of the safety of everyone! Welcome everyone to shoot bricks, study together!

In addition, Aircrack-ng's official website is a lot of information can be consulted, such as FAQs, there are a lot of experience: http://www.aircrack-ng.org/doku.php?id=faq#where_can_i_find_good_wordlists

Aircrack-ng on OSX from zero-starting detection

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.