This entry was posted on Wednesday, April 4th, 2007 at 8:48 PM and is filed under Apple, FreeBSD, Friends & Family, Hacking, Mac, Security, Software, Wireless.
Lately, Chris and I have been rekindling our love of wireless technologies. We’ve been doing some wardriving and have also been messing around with WEP and WPA cracking again (see the notice at the bottom of this page). Chris has been able to successfully crack his WEP keys before using the tools available in the Aircrack Suite on Linux, Debian to be more specific. Now, me on the other hand, I’ve never been able to crack my WEP key.
My first attempts were flawed because I was never able to successfully patch the drivers for my ORiNOCO Classic Gold PCMCIA card under Fedora Core Linux. I needed to patch my drivers so I could put my card into monitor mode for use with Kismet or the Aircrack Suite.
Once I came back to the *NIX (Unix/Linux) world and reentered the game with FreeBSD, my Orinoco Classic Gold card was fully supported. I could put the card into monitor mode and whatnot, but for some reason I could never get it working with Kismet. I then moved to a Linksys WPC55AG ver. 1.1 PC Card which uses an Atheros chipset and therefore was supported with the ath driver under FreeBSD. Now Kismet was happy, but guess what?! The full set of tools included in the Aircrack Suite wasn’t completely ported to FreeBSD… Tough break!
Here it is 2007 and I’m sporting a 13″ Apple MacBook. The best commercially supported Unix on the market, in my opinion. I’ve blogged about it before and I’ll reiterate it here again that KisMAC is an extremely nice application for keeping your eye on wireless activities. Well, I recently found out that it’s also an extremely powerful tool for attempting to crack WEP keys and that it also supports my newly acquired D-Link DWL-122 wireless USB stick for performing such tasks.
I have made two attempts to crack my AP’s WEP key and both have failed miserably. I’m not sure what is happening, but once I have gathered almost 30k packets and am injecting weak IV packets back into the mix, the application kind of locks up. It doesn’t lock up completely as it is still capturing data and injecting packets, but every option in the drop down menus of the application becomes disabled/grayed out. It makes it kind of hard to do anything else with the application since your hands are tied and you can’t even save your data, attempt a crack of some sort, or even exit the application properly.
So, I have ordered another KisMAC supported USB wireless NIC. I purchased 4 (I couldn’t pass up the price they were being sold at on eBay and they’re supported on Linux as well as Macintosh) Ashton Digital WRUB 2011i NICs. I only bought two items off of eBay but there are two NICs in each box. Hopefully, this is better supported in KisMAC as I read some documentation about some issues with the DWL-122… after I bought it of course.
Hopefully, once these new NICs arrive I will finally be able to crack my WEP key for the first time. I look forward to the day when I am able to do this on a platform of my choice and I don’t have to break down and run Debian like Chris just to be cool and crack my WEP key! Of course, there’s always virtual machines… Maybe I could run Debian in Parallels on my MacBook and crack WEP that way… It’d still be done “from a Mac”, right?!
Until next time…
Notice: No, we’re not trying to crack our WEP keys so we can learn to do something malicious to anyone else’s network. We’re merely interested in the technologies involved in cracking such keys and the fact that the “security” vendors are selling us is so easily penetrable. It’s research, ladies and gentlemen. That’s it!
May 4th, 2007 at 3:50 AM
Hey Jeff, I’d bought a MacBook too and I had probed various USB wifi sticks but no one is running on KisMAC (on passive mode and with packet injection).
I had searched your email contact in this web to talk about chipset and the eBay vendor to see if it’s possible buy a couple of same “Ashton Digital WRUB 2011i” as yours.
Please contact me (mail or r0sk at freenode). Thanks in advance.
May 4th, 2007 at 7:31 AM
r0sk,
Here is a link to an eBay auction for the same USB sticks I purchased, and at $12.49 USD, it’s a hard deal to pass up. Remember, you get two sticks for this price.
I’ll drop you a line via e-mail in a little bit so you can correspond with me if you have any further questions. But, as always, comments are always welcomed!
eBay Auction: Ashton Digital WRUB 2011i
Jeff
May 4th, 2007 at 9:23 AM
Lots of thanks by the link, I have bought one of them (two sticks in same pack :D). I hope it runs so well with wep wireless and packet injection on macbook-kismac.
I hope to read your mail soon (and to write more comments here -sorry cuz of my damn english-).
May 4th, 2007 at 10:24 AM
No, r0sk. Your English is great. We get a number of people from different countries posting here and on my other blog, averageadmins.com, so we’ve learned how to decipher broken English. Just don’t ever expect me to speak any other languages with you as I am terrible with all of them. I even have issues with English from time to time!
Let me know how it works when you get the sticks in. It appears to work great with my setup. However, I haven’t been patient enough to wait for all the needed packets so I can try and decrypt the key.
I’ll holler at you via e-mail soon.
Jeff
May 21st, 2007 at 10:02 AM
Hey Jeff, the sticks have arrived this morning! I have configured on KisMAC with his appropriate -passive- driver, any tip/howto/config to read? ;).
Thanks in advance.
May 21st, 2007 at 7:48 PM
Hey, r0sk! See if this video doesn’t get you started.
Let me know how it turns out!
Jeff
July 10th, 2007 at 6:39 PM
Any luck on getting your network keys? Have been doing a lot of reading and there are not too many options out there that are as cheap as this. Let me know, Thanks in advance!
July 15th, 2007 at 8:44 PM
No luck yet, Felipe. I haven’t tried in a while, though. Maybe I’ll give it another shot here soon.
Cocoa
July 18th, 2007 at 6:15 PM
I have it injecting packets but it is really going slow. I believe the amount of packets I receive is based on how much traffic is going thru the wireless network. Way too slow to be worth anything.
I did try BackTrack 2 which is a bootable CD and a WUSB54g vers. 4. This works great except for one thing. I am not too great at Linux so I can’t stand having to remember all of the commands in order to get things done. An alternative would be gkismet but I do not think it is in the BackTrack 2 disk. Do you know of any other distros out there that are in a bootable format that come with the gkismet app?
Running a Macbook Pro C2D 2.16 WRUB-2011I Stick
July 19th, 2007 at 7:50 AM
I have the same issue, Felipe. I don’t have enough traffic on my network to generate enough weak packets to make injection a worthwhile adventure.
I have used BackTrack 2, and have a post hiding in limbo of how to install it into a Parallels VM, but I haven’t ever tried WEP cracking with it.
I will look around and see if I can find another Live CD/DVD with gkismet on it.
Cocoa
July 19th, 2007 at 11:32 AM
I have done some looking around at different live distros this AM but haven’t really come up with any that claim to have gkismet by default. One that does is the Wireless Hackers Security Disk but it is for sale on eBay for $6.99.
I’ll keep looking, Felipe.
Cocoa