Use spoonwep2 in backtrack 3 to crack WEP-encrypted wireless router A (17:15:26)
Experiment: using spoonwep2 in BackTrack 3 to crack a WEP-encrypted wireless router (AP)
I. Hardware
HP nc6400 laptop
Broadcom wireless network card
Cisco Wireless AP
II. Software
XP
BackTrack 3.0
Spoonwep2 Software
III. WEP cracking process
1. Start the BackTrack 3 system
Booting the optimized final version of BT3 (version 3.1) from an NTFS hard drive
Configuration can be completed in three steps:
Step 1: Extract the three attachment files and place them in the root directory of drive C.
Step 2: Download the ISO image of the final official BT3 release, extract it with software such as WinISO or WinRAR, and put the extracted boot and bt3 folders in the root directory of drive D. Note that the bt3 folder name must be in uppercase; otherwise the system cannot start. You can also store the folders in the root directory of drive E, F, or G and make the corresponding selection at startup.
Step 3: Edit the boot.ini file (via System Properties in the Control Panel) and add the following line to the file:
C:\grbt3="start backtrack"
Save and exit.
After the settings are complete, restart the computer.
When the boot menu appears, select "start backtrack".
The system boots directly into the BT3 interface.
2. Use spoonwep2 to crack the WEP wireless network Cisco AP
1) Load the wireless NIC driver
Open a new shell window.
Command: ifconfig -a
View the interface name of your wireless network card.
Command: ifconfig -a eth0 up
The wireless NIC driver is now loaded.
Command: iwconfig
Check the NIC status.
2) Use spoonwep2
Open a new shell window.
Command: spoonwep
This starts spoonwep2.
Menu 1:
Menu 2:
Menu 3:
Attack methods:
1. ARP-request injection attack mode
This mode is an effective attack that captures packets, analyzes them, and resends them. It can use either a legitimate client or a fake client association established with -1. With a legitimate client, it usually takes a few minutes of waiting for the client to communicate with the AP; a small amount of traffic is enough to produce a valid ARP request, which can then be injected with the -3 mode. If there is no communication and no ARP request can be obtained, the attack fails. If no ARP request passes between the legitimate client and the AP for a long time, you can try running the -0 attack at the same time. If there is no legitimate client, you can use -1 to establish a fake client association; the authentication packets exchanged during the connection process yield a valid ARP request, which is then injected with the -3 mode.
2. Chopchop attack mode, used to obtain an XOR file containing key data
This mode is mainly used to obtain a usable XOR file containing key data. The file cannot be used to decrypt data packets; instead, it is used to generate a new data packet so that we can inject it.
3. Fragmentation attack mode, used to obtain the PRGA (a file with the xor suffix that contains the key)
This mode is mainly used to obtain a usable PRGA. The PRGA here is not WEP key data and cannot be used to decrypt data packets. Instead, it is used to generate a new data packet so that we can inject it. The working principle is to get the target AP to rebroadcast the packet. When the AP rebroadcasts it, new IVs are generated, and these are what we use for cracking.
4. Interactive mode
This attack mode combines packet capture, data extraction, and sending attack packets in a single mode. It is mainly used for cracking when no client is present: first use -1 to establish a fake client association, then launch the packet attack directly.
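From the defender's side, the ARP-request injection mode described above leaves a recognizable trace: the captured frame is resent unchanged, so one transmitter repeats the same WEP IV and frame length at a high rate, while normal traffic uses a fresh IV per frame. The following detector is an added example, not part of the original article; the frame tuples, MAC addresses, IVs, window and threshold are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample, not captured traffic:
# (seconds, transmitter MAC, WEP IV as hex, frame length in bytes)
NORMAL = [(0.1 * i, "00:11:22:33:44:55", f"{0x1a2b00 + i:06x}", 120 + i % 7)
          for i in range(20)]    # client traffic: a fresh IV for every frame
RETRIES = [(2.0 + 0.001 * i, "00:11:22:33:44:55", "1a2bff", 90)
           for i in range(3)]    # ordinary link-layer retries of one frame
REPLAY = [(1.0 + 0.002 * i, "66:77:88:99:aa:bb", "c0ffee", 68)
          for i in range(400)]   # one captured frame resent verbatim
SAMPLE_FRAMES = NORMAL + RETRIES + REPLAY


def find_replayed_frames(frames, window=1.0, threshold=50):
    """Return {(mac, iv, length): peak_count} for every frame that one
    transmitter sent at least `threshold` times within `window` seconds.

    A handful of repeats is normal (802.11 retries); hundreds per second
    with an identical IV and length indicates a frame being replayed.
    """
    seen = defaultdict(list)
    for ts, mac, iv, length in frames:
        seen[(mac, iv, length)].append(ts)

    alerts = {}
    for key, stamps in seen.items():
        stamps.sort()
        start = peak = 0
        # Sliding window: count frames whose timestamps fit inside `window`.
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            alerts[key] = peak
    return alerts


if __name__ == "__main__":
    for (mac, iv, length), count in find_replayed_frames(SAMPLE_FRAMES).items():
        print(f"replay suspected: {mac} iv={iv} len={length} peak={count}/s")
```

In a real deployment the tuples would come from a monitor-mode capture or a wireless IDS sensor, and the threshold would be tuned against the retry rate seen on the network.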