Aircrack-ng
Encyclopedia
Aircrack-ng is a network software suite consisting of a detector, packet sniffer
, WEP
and WPA
/WPA2-PSK cracker and analysis tool for 802.11 wireless LAN
s. It works with any wireless network interface controller whose driver supports raw monitoring mode
(for a list, visit the website of the project or http://wiki.remote-exploit.org/index.php/HCL:Wireless) and can sniff 802.11a, 802.11b and 802.11g traffic. The program runs under Linux
and Windows
; the Linux version has been ported to the Zaurus
and Maemo platforms, and a proof-of-concept port has been made to the iPhone
.
In April 2007 a team at the Darmstadt University of Technology
in Germany
developed a new attack method based on a paper released on the RC4 cypher by Adi Shamir
. This new attack, named 'PTW', decreases the number of initialization vector
s or IVs needed to decrypt a WEP key and has been included in the aircrack-ng suite since the 0.9 release.
Aircrack-ng is a fork of the original Aircrack project.
Packet sniffer
A packet analyzer is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network...
, WEP
Wired Equivalent Privacy
Wired Equivalent Privacy is a weak security algorithm for IEEE 802.11 wireless networks. Introduced as part of the original 802.11 standard ratified in September 1999, its intention was to provide data confidentiality comparable to that of a traditional wired network...
and WPA
Wi-Fi Protected Access
Wi-Fi Protected Access and Wi-Fi Protected Access II are two security protocols and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks...
/WPA2-PSK cracker and analysis tool for 802.11 wireless LAN
Wireless LAN
A wireless local area network links two or more devices using some wireless distribution method , and usually providing a connection through an access point to the wider internet. This gives users the mobility to move around within a local coverage area and still be connected to the network...
s. It works with any wireless network interface controller whose driver supports raw monitoring mode
Monitor mode
Monitor mode, or RFMON mode, allows a computer with a wireless network interface controller to monitor all traffic received from the wireless network. Unlike promiscuous mode, which is also used for packet sniffing, monitor mode allows packets to be captured without having to associate with an...
(for a list, visit the website of the project or http://wiki.remote-exploit.org/index.php/HCL:Wireless) and can sniff 802.11a, 802.11b and 802.11g traffic. The program runs under Linux
Linux
Linux is a Unix-like computer operating system assembled under the model of free and open source software development and distribution. The defining component of any Linux system is the Linux kernel, an operating system kernel first released October 5, 1991 by Linus Torvalds...
and Windows
Microsoft Windows
Microsoft Windows is a series of operating systems produced by Microsoft.Microsoft introduced an operating environment named Windows on November 20, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces . Microsoft Windows came to dominate the world's personal...
; the Linux version has been ported to the Zaurus
Sharp Zaurus
The Sharp Zaurus is the name of a series of Personal Digital Assistant made by Sharp Corporation. The Zaurus was the most popular PDA during the 1990s in Japan and was based on a proprietary operating system. The first Sharp PDA to use the Linux operating system was the SL-5000D, running the...
and Maemo platforms, and a proof-of-concept port has been made to the iPhone
IPhone
The iPhone is a line of Internet and multimedia-enabled smartphones marketed by Apple Inc. The first iPhone was unveiled by Steve Jobs, then CEO of Apple, on January 9, 2007, and released on June 29, 2007...
.
In April 2007 a team at the Darmstadt University of Technology
Darmstadt University of Technology
The Technische Universität Darmstadt, abbreviated TU Darmstadt, is a university in the city of Darmstadt, Germany...
in Germany
Germany
Germany , officially the Federal Republic of Germany , is a federal parliamentary republic in Europe. The country consists of 16 states while the capital and largest city is Berlin. Germany covers an area of 357,021 km2 and has a largely temperate seasonal climate...
developed a new attack method based on a paper released on the RC4 cypher by Adi Shamir
Adi Shamir
Adi Shamir is an Israeli cryptographer. He is a co-inventor of the RSA algorithm , a co-inventor of the Feige–Fiat–Shamir identification scheme , one of the inventors of differential cryptanalysis and has made numerous contributions to the fields of cryptography and computer...
. This new attack, named 'PTW', decreases the number of initialization vector
Initialization vector
In cryptography, an initialization vector is a fixed-size input to a cryptographic primitive that is typically required to be random or pseudorandom...
s or IVs needed to decrypt a WEP key and has been included in the aircrack-ng suite since the 0.9 release.
Aircrack-ng is a fork of the original Aircrack project.
Features
The aircrack-ng software suite includes:| Name | Description |
|---|---|
| aircrack-ng | Cracks WEP Wired Equivalent Privacy Wired Equivalent Privacy is a weak security algorithm for IEEE 802.11 wireless networks. Introduced as part of the original 802.11 standard ratified in September 1999, its intention was to provide data confidentiality comparable to that of a traditional wired network... and WPA Wi-Fi Protected Access Wi-Fi Protected Access and Wi-Fi Protected Access II are two security protocols and security certification programs developed by the Wi-Fi Alliance to secure wireless computer networks... (Dictionary attack Dictionary attack In cryptanalysis and computer security, a dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching likely possibilities.-Technique:... ) keys. |
| airdecap-ng | Decrypts WEP or WPA encrypted capture files with known key. |
| airmon-ng | Placing different cards in monitor mode. |
| aireplay-ng | Packet injector Packet injection Packet injection is a computer networking term which refers to sending a packet on a network into an already established connection, usually by a party not otherwise participating in the said connection. This is accomplished by crafting a packet using raw sockets... (Linux, and Windows [with Commview drivers]). |
| airodump-ng | Packet sniffer Packet sniffer A packet analyzer is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network... : Places air traffic into PCAP or IVS files and shows information about networks. |
| airtun-ng | Virtual tunnel interface creator. |
| airolib-ng | Stores and manages ESSID and password lists; Increases the KPS of WPA attacks |
| packetforge-ng | Create encrypted packets for injection. |
| Tools | Tools to merge and convert. |
| airbase-ng | Incorporates techniques for attacking client, as opposed to Access Points |
| airdecloak-ng | removes WEP cloaking from pcap files |
| airdriver-ng | Tools for managing wireless drivers |
| airolib-ng | stores and manages ESSID and password lists and compute Pairwise Master Keys |
| airserv-ng | allows you to access the wireless card from other computers. |
| buddy-ng | the helper server for easside-ng, run on a remote computer |
| easside-ng | a tool for communicating to an access point, without the WEP key |
| tkiptun-ng | WPA/TKIP attack |
| wesside-ng | automatic tool for recovering wep key. |
See also
- Packet snifferPacket snifferA packet analyzer is a computer program or a piece of computer hardware that can intercept and log traffic passing over a digital network or part of a network...
- SpoonWEP/WPASpoonWEP/WPASpoonWEP/WPA is a GUI that uses Aircrack-ng to autonomously crack WEP and WPA keys. The tool has been included with so-called "network-scrounging cards", which are Chinese USB Wi-Fi adapters that promise Internet access "for free"....
- AirSnortAirSnortAirSnort is a Linux and Microsoft Windows utility for decrypting WEP encryption on an 802.11b network. Distributed under the GNU General Public License, AirSnort is free software. It is no longer maintained or supported.-External links:***...
- BackTrackBackTrackBackTrack is an operating system based on the Ubuntu GNU/Linux distribution aimed at digital forensics and penetration testing use. It is named after backtracking, a search algorithm...
- TCP sequence prediction attackTCP Sequence Prediction AttackA TCP sequence prediction attack is an attempt to predict the sequence number used to identify the packets in a TCP connection, which can be used to counterfeit packets.The attacker hopes to correctly guess the sequence number to be used by the sending host...
External links
- Aircrack-ng Homepage
- Aircrack airodump and aireplay tutorial
- Aircrack-ng suite of wireless tools: Videos
- Aircrack-ng (WEP, WPA-PSK crack) on openSUSE10.1
- Aircrack-2.3 on Windows (Wireless WEP crack)