Aircrack-ng


Topics - misterx

Pages: [1] 2
1
Announcements / Remove --ignore-negative-one option
« on: July 14, 2016, 08:23:47 PM »
This option was developed some time ago because drivers had an issue with the channel. Aircrack-ng tools would simply ignore an invalid channel when used.

Nowadays, it does not happen anymore, except when network managers, supplicants, etc are playing with the card (which is not a good reason to keep it, anything messing with the card should be killed using airmon-ng check kill/taken care of).

If you have a good reason why it should stay, please update this ticket.

2
Announcements / Aircrack-ng 1.2 rc4 release
« on: February 14, 2016, 10:19:34 PM »
Fourth release candidate. There will be another one, some small bugs still need to be fixed but it should happen fairly soon. On top of a big speed increase (up to 175% increase) that also fixes compilation on Cygwin 64 bit, it includes a ton of fixes and improvements on Linux, *BSD, Solaris and Cygwin on x86 and Linux on ARM and MIPS.

Changelog:
  • Airodump-ng: Increase console window size.
  • Aircrack-ng: Added time remaining and percentage done when doing WPA cracking with a dictionary (file).
  • Aircrack-ng: Make benchmark last 15 seconds for a more accurate value.
  • Aircrack-ng: Fixed compilation on Cygwin 64 and drastically improve cracking speed for all CPUs (up to +175% performance).
  • Airmon-ng: Improved chipset detection on FreeBSD.
  • Airmon-ng: Display chipset for some Broadcom SDIO.
  • Airbase-ng: Fixed broadcasting 'default'.
  • General: Updated and cleanup TravisCI file to test compilation and testing on OSX.
  • General: Fixed reading large files on Cygwin.
  • General: Fixed a bunch of compilation warnings with gcc and clang.
  • General: Fixed compilation on Solaris, OpenBSD, DragonFlyBSD 4.4, NetBSD, OSX.
  • General: Fixed compilation on ARM and MIPS.
  • General: Improved compatibility on FreeBSD and Cygwin (RAM and CPU detection).
  • General: Fixed gcc segfault on cygwin.
  • General: Memory cleanups, fixed memory leaks and fix other issues reported by Valgrind.
  • Testing: Fixes on various OSes.
  • INSTALLING: Updated installation instructions for different OS.
  • TravisCI: Improved file.

3
Bug reports / Bug in rt2x00 driver bug
« on: February 05, 2016, 09:21:35 PM »
In recent versions of the kernel, the rt2x00 driver is unusable in monitor mode due to a bug.

Here is the fix: https://marc.info/?l=linux-wireless&m=145311668331789&w=2

4
Announcements / Aircrack-ng 1.2 rc3 release
« on: November 21, 2015, 06:09:32 PM »
Third release candidate and hopefully this should be the last one. It contains a ton of bug fixes, code cleanup, improvements and compilation fixes everywhere. Some features were added: AppArmor profiles, better FreeBSD support, including an airmon-ng for FreeBSD.

Changelog:
  • Airodump-ng: Prevent sending signal to init which caused the system to reboot/shutdown.
  • Airbase-ng: Allow to use a user-specified ANonce instead of a randomized one when doing the 4-way handshake
  • Aircrack-ng: Fixed compilation warnings.
  • Aircrack-ng: Removed redundant NULL check and fixed typo in another one.
  • Aircrack-ng: Workaround for segfault when compiling aircrack-ng with clang and gcrypt and running a check.
  • Airmon-ng: Created version for FreeBSD.
  • Airmon-ng: Prevent passing invalid values as channel.
  • Airmon-ng: Handle udev renaming interfaces.
  • Airmon-ng: Better handling of rfkill.
  • Airmon-ng: Updated OUI URL.
  • Airmon-ng: Fix VM detection.
  • Airmon-ng: Make lsusb optional if there doesn't seem to be a usb bus. Improve pci detection slightly.
  • Airmon-ng: Various cleanup and fixes (including wording and typos).
  • Airmon-ng: Display iw errors.
  • Airmon-ng: Improved handling of non-monitor interfaces.
  • Airmon-ng: Fixed error when running 'check kill'.
  • Airdrop-ng: Display error instead of stack trace.
  • Airmon-ng: Fixed bashism.
  • Airdecap-ng: Allow specifying output file names.
  • Airtun-ng: Added missing parameter to help screen.
  • Besside-ng-crawler: Removed reference to darkircop.org (non-existent subdomain).
  • Airgraph-ng: Display error when no graph type is specified.
  • Airgraph-ng: Fixed make install.
  • Manpages: Fixed, updated and improved airodump-ng, airmon-ng, aircrack-ng, airbase-ng and aireplay-ng manpages.
  • Aircrack-ng GUI: Fixes issues with wordlists selection.
  • OSdep: Add missing RADIOTAP_SUPPORT_OVERRIDES check.
  • OSdep: Fix possible infinite loop.
  • OSdep: Use a default MTU of 1500 (Linux only).
  • OSdep: Fixed compilation on OSX.
  • AppArmor: Improved and added profiles.
  • General: Fixed warnings reported by clang.
  • General: Updated TravisCI configuration file
  • General: Fixed typos in various tools.
  • General: Fixed clang warning about 'gcry_thread_cbs()' being deprecated with gcrypt > 1.6.0.
  • General: Fixed compilation on cygwin due to undefined reference to GUID_DEVCLASS_NET
  • General: Fixed compilation with musl libc.
  • General: Improved testing and added test cases (make check).
  • General: Improved mutexes handling in various tools.
  • General: Fixed memory leaks, use after free, null termination and return values in various tools and OSdep.
  • General: Fixed compilation on FreeBSD.
  • General: Various fixes and improvements to README (wording, compilation, etc).
  • General: Updated copyrights in help screen.

6
Announcements / Aircrack-ng 1.2 rc2
« on: April 10, 2015, 09:34:20 AM »
Here is the second release candidate. Along with a LOT of fixes, it improves the support for the Airodump-ng scan visualizer. Airmon-zc is mature and is now renamed to Airmon-ng. Also, Airtun-ng is now able to encrypt and decrypt WPA on top of WEP. Another big change is that recent versions of GPSd now work very well with Airodump-ng.

Changelog:
  • Airtun-ng: Adds WPA CCMP and TKIP decryption and CCMP encryption
  • Compilation: Added support for DUMA.
  • Makefile: Renamed 'unstable' to 'experimental'.
  • Airodump-ng: Fixed XML sanitizing.
  • Airmon-ng: Airmon-zc is now stable enough to replace airmon-ng.
  • Manpages: Removed airdriver-ng manpage and references to it (forgot to do it before the previous release).
  • Manpages: Updated 'see also' references in all manpages.
  • PCRE: Added it in various places and docs.
  • WZCook: Fixed processing values stored in register.
  • Updated a few headers files (if_llc, ieee80211, ethernet and if_arp).
  • Travis CI: updated make parameter and add testing with pcre.
  • Compilation: de-hardcode -lpcap to allow specifying pcap libraries.
  • Makefile: Fixed installing/uninstalling Airdrop-ng documentation files.
  • Makefile: Fixed uninstalling ext_scripts.
  • Airodump-ng: Added new paths (and removed one) for OUI files and simplified logic to find the OUI file.
  • Aircrack-ng: Fixed ignoring -p when specified after -S.
  • Airmon-ng: fixes for openwrt busybox ps/grep issues which do not seem present in other versions of busybox.
  • Airmon-ng: fix vm detection.
  • Airserv-ng: Fixed channel setting (and assert call).
  • Airodump-ng: Fixes to NetXML (unassociated clients missing and various other small bugs) and update the code to match current NetXML output.
  • Airodump-ng: Removed requirement for 2 packets before AP is written to output (text) files.
  • Airodump-ng: Fixed formatting of ESSID and display of WPA/WPA2 (as well as a bunch of other small fixes) in CSV file.
  • Airodump-ng: Fixed GPSd.
  • Airodump-ng: Allow to specify write interval for CSV, kismet CSV and NetXML files.
  • Airserv-ng: Fixed wrong station data displayed in Airodump-ng.
  • General: Fixed 64 bit promotion issues.
  • General: Fixed a bunch of uninitialized values and non-zeroed structures (upon allocating them).
  • General: Added Stack protection.
  • Various other small fixes and improvements.

8
Announcements / Aircrack-ng 1.2 rc1
« on: November 02, 2014, 10:32:22 PM »
Here is the first release candidate. I was wrong about saying there would be a fourth beta in the blog post of the previous release. It comes exactly 7 months after the last beta. There will most likely be another one, then the final release in the next few months.

Updating is highly recommended as this contains a lot of bug fixes and improvements as well as security fixes. More details can be found in the blog.

Changelog:
  • Airodump-ng should be able to parse the canonical oui file.
  • Airodump-ng: Fixed GPS stack overflow.
  • Airodump-ng: Fixed stopping cleanly with Ctrl-C.
  • Airmon-zc: better handling for when modules are not available (incomplete)
  • Airmon-zc: users can now start the monitor interface again to change channels
  • Airmon-zc: update to use ip instead of ifconfig if available.
  • Airmon-zc: better handling of devices without pci bus
  • Aireplay-ng: Fixed tcp_test stack overflow.
  • OSdep: Fixed libnl detection. Also avoid detection on non Linux systems.
  • OSdep: Fixed segmentation fault that happens with a malicious server.
  • Besside-ng: Add regular expression matching for the SSID.
  • Buddy-ng: Fixed segmentation fault.
  • Makefile: Fixed 'commands commence before first target' error when building Aircrack-ng.
  • Fixed segfault when changing the optimization when compiling with gcc thanks to Ramiro Polla.
  • Removed airdriver-ng (outdated and not meant for today's kernels)
  • Added gitignore file.
  • Fixed build issues on other compilers by using stdint.h types.
  • Updating installation file and added pkg-config as a requirement.
  • Various small fixes and improvements.

9
Announcements / Aircrack-ng 1.2 beta 3 release
« on: April 01, 2014, 01:34:59 AM »
And a third beta. I can guarantee there will be at least a fourth one before the final 1.2 release.

Here is the changelog:
  • Finally properly fixed the buffer overflow.
  • Fixed channel parsing (eg 108, 125) and updated radiotap parser.
  • Various other small fixes.

10
Programming / from syworks - Wireless IDS
« on: January 23, 2014, 01:57:32 AM »
The forum won't let syworks post this, so I offered to post it for him. I'll check why.

Wireless IDS is an open source tool written in Python that works in a Linux environment. This tool will sniff your surrounding air traffic for suspicious activities such as WEP/WPA/WPS attacking packets. It does the following:
- Detects mass deauthentication sent to a client / access point, an unreasonable amount of which indicates a possible WPA attack for handshakes.
- Detects continual sending of data to an access point using the broadcast MAC address, which indicates a possibility of WEP attacks
- Detects an unreasonable amount of communication between a wireless client and an access point using EAP authentication, which indicates the possibility of a WPS bruteforce attack by Reaver / WPSCrack
- Detects changes in connection to another access point, which may indicate a connection to a Rogue AP (User needs to assess the situation, such as whether the AP name is similar)

Visit https://www.facebook.com/pages/SYWorks-Programming/281645261863582 for other updated information and tools.

Requirements
No special equipment is required to use this script as long as you have the following:
  1. Root access (admin)
  2. Wireless interface which is capable of monitoring
  3. Python installed
  4. Aircrack-NG suite installed
  5. TShark installed

Note: Applications 3 - 5 are already pre-installed in Backtrack and Kali Linux.


Download / Installation
- Visit https://github.com/SYWorks/wireless-ids for all documentation and files or
- download the raw file directly from here
- Save the file 'wids.py' to your Linux Desktop or any directory you like. In my case, I saved it on my desktop and entered the following in the terminal console.
   * cd Desktop/
   * chmod +x wids.py
   * ./wids.py

Once installation is completed, you may wish to delete the file from where you initially saved it, as the following have been created:
 - Directory : ~/SYWorks/
 - Directory : ~/SYWorks/WIDS/
 - Directory : ~/SYWorks/WIDS/tmp
 - File         : ~/SYWorks/WIDS/wids.py
 - File         : ~/usr/sbin/wids.py
 

Running the application
- You can run the script at any directory by entering 'wids.py'.
- Once the script is running, it will detect the wireless interface that you have and if you have more than one interface, it will prompt you for response.
- If there is no suspicious activity found, it will display 'Did not detect any suspicious activity..'
- Note : If you want to exit the script, simply hit on 'Ctrl+C' to exit the application.

Detected Possible WEP Attacks
- If a possible WEP attack is detected, it will show the Wireless client / Access Point MAC Address (AP Name) and also any authentication/association requests made.

Detected Possible WPA Attacks
- If a possible WPA attack is detected, it will show the Wireless client / Access Point MAC Address (AP Name) and the number of deauthentication packets detected.
- If handshakes were also detected, it will display the number of handshake packets found.

Detected Possible WPS Attacks
- Whenever a Wireless client and an Access Point communicate using EAP, their MAC Addresses will be displayed with the number of EAP packets detected.
- If there is consistent communication of such requests, it is likely that a WPS Bruteforce is in progress.

Detected Changes In Clients Connection to Another Access Point
- The script also detects any changes when a wireless client which is initially connected to an access point subsequently switches connection to another access point, which could possibly be a connection to a Rogue AP (User should also note the AP name)

Checking / Updating of Script
- Enter 'wids.py --update' to check online for any updates for the script

Displaying Help
- Enter 'wids.py --hh' to display advanced help


Command line Arguments
- Enter 'wids.py --timeout ' to set the captured timeframe.

Removing The Script
- Enter 'wids.py --remove' to remove the script should you want to remove it totally from your computer.

More information can be found on syworks blog: http://syworks.blogspot.sg/2014/01/wireless-ids-intrusion-detection-system.html
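
Added example, not part of the original post and not code from wids.py: a small Python sketch of the four heuristics listed above (deauthentication bursts, client data sent to the broadcast address, heavy EAP exchange, and a client changing access point). The frame tuples, MAC addresses and thresholds are constructed assumptions; a real deployment would fill `frames` from a monitor-mode capture and tune the limits.

```python
from collections import Counter

BROADCAST = "ff:ff:ff:ff:ff:ff"
# Assumed per-capture-window thresholds (not the values wids.py uses).
LIMITS = {"deauth": 10, "wep_broadcast_data": 20, "eap": 15}

def station_of(src, dst, bssid):
    """Return the non-AP end of a frame exchanged with `bssid`."""
    return dst if src == bssid else src

def analyse(frames, limits=LIMITS):
    """frames: iterable of (timestamp, kind, src, dst, bssid) summaries.

    Returns alerts: ("ap_change", station, old_ap, new_ap) entries first,
    then (heuristic, station, bssid, count) for every pair over its limit.
    """
    counts = {name: Counter() for name in limits}
    last_ap = {}   # station -> BSSID it last associated with
    alerts = []
    for _ts, kind, src, dst, bssid in sorted(frames, key=lambda f: f[0]):
        if kind == "deauth":
            counts["deauth"][(bssid, station_of(src, dst, bssid))] += 1
        elif kind == "data" and dst == BROADCAST and src != bssid:
            # Client-originated data to the broadcast address via the AP.
            counts["wep_broadcast_data"][(bssid, src)] += 1
        elif kind == "eap":
            counts["eap"][(bssid, station_of(src, dst, bssid))] += 1
        elif kind == "assoc":
            previous = last_ap.get(src)
            if previous is not None and previous != bssid:
                alerts.append(("ap_change", src, previous, bssid))
            last_ap[src] = bssid
    for name, counter in counts.items():
        for (bssid, station), n in sorted(counter.items()):
            if n > limits[name]:
                alerts.append((name, station, bssid, n))
    return alerts

# Constructed sample traffic (all addresses are made up).
AP1, AP2, AP3 = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"
C1, C2, C3, C4, C5 = ("02:00:00:00:01:0%d" % i for i in range(1, 6))

def sample_frames():
    frames = [(i * 0.1, "deauth", AP1, C1, AP1) for i in range(12)]
    frames += [(5 + i * 0.05, "data", C2, BROADCAST, AP1) for i in range(25)]
    # A handful of EAP frames is normal and stays under the limit.
    frames += [(10 + i, "eap", C3, AP1, AP1) for i in range(4)]
    # Sustained EAP traffic in both directions between C4 and AP2.
    frames += [(20 + i, "eap", C4 if i % 2 else AP2,
                AP2 if i % 2 else C4, AP2) for i in range(16)]
    frames += [(40, "assoc", C5, AP1, AP1), (41, "assoc", C5, AP3, AP3)]
    return frames

if __name__ == "__main__":
    for alert in analyse(sample_frames()):
        print(alert)
```

As the post notes for the AP-change case, an alert is only a prompt to look closer: legitimate roaming and ordinary EAP authentication produce the same frame types, so counts and AP names still need human review.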

11
Newbies / From r0tati0n - Is WPA password saved?
« on: December 09, 2013, 08:48:44 PM »
Hi.

I managed to get a WPA2 password with aircrack-ng. However, after the password was retrieved successfully, the power went down before I could write down the password.
Is the password saved somewhere? I didn't find it in the folder, where the .cap files are.

Command would be

Code:
john -stdout -incremental:all | aircrack-ng -a 2 -b bssid -w - cap.cap

Thanks in Advance

12
Announcements / Aircrack-ng 1.2 beta 2 release
« on: December 01, 2013, 12:00:38 AM »
Here is a second beta. Enjoy it ;)

Release Notes:
  • Airbase-ng IE order fixed
  • Improved WEP cracking speed using PTW
  • Fixed WPA capture decryption when WMM is used
  • Fixed memory leaks in several parts of the suite
  • Fixed compilation with recent version of gcc, on cygwin and on Gentoo hardened
  • Now using Coverity Scan for static code analysis
  • Lots of other small fixes

Detailed changelog:
  • Airbase-ng: Fixed order of IE when creating soft Access Point.
  • Airbase-ng: Fixed Caffe Latte Attack not working for all clients.
  • Aircrack-ng: Improved PTW speed thanks to Ramiro Polla.
  • Airmon-zc: Fixed improper use of the interface.
  • Airdecap-ng: Fixed decoding captures with WMM enabled.
  • Various: Fixed memory leaks in Aircrack-ng, Aireplay-ng, OSdep.
  • Added support for static analysis using Coverity Scan.
  • Fixed compilation due to PIC unfriendly assembly on Gentoo hardened.
  • Fixed running tests using 'make check'.
  • Fixed building aircrack-ng with recent version of gcc and also on cygwin.
  • Various other small fixes.

13
Announcements / Aircrack-ng 1.2 Beta 1 release
« on: May 31, 2013, 10:17:54 PM »
After a few years, we finally got a release: 1.2 Beta 1. Enjoy ;-)

Release Notes:

  • Compilation fixes on all supported OSes.
  • Makefile improvement and fixes.
  • A lot of fixes and improvements on all tools and documentation.
  • Fixed licensing issues.
  • Added a few new tools and scripts (including distributed cracking tool).
  • Fixed endianness and QoS issues.

Detailed changelog:

  • Airmon-ng: Added chipset information for ar9170usb, wl, rt2800usb, ar9271, wl12xx, RT3070STA, ath9k_htc, r871x_usb_drv, ath5k, carl9170 and various Intel drivers.
  • Airmon-ng: Fixed chipset information ipw2200.
  • Airmon-ng: Fixed output for r8187 driver.
  • Airmon-ng: Improved chipset information for a few drivers.
  • Airmon-ng: Support for displaying information about ath9k.
  • Airmon-ng: Added 'check kill' to automatically kill services that could interfere.
  • Airmon-ng: Fixed issues with Intel chipsets detection.
  • Airmon-ng: Updated iw download link.
  • Airmon-ng: Better mac80211 handling
  • Airmon-ng: Added detection for WiLink TI driver, rtl819xU, iwlwifi.
  • Airmon-zc: Improved version of Airmon-ng with more detailed information.
  • Airdecap-ng: Fixed decoding QoS frames (Closes: #667 and #858).
  • Airgraph-ng: Use Aircrack-ng Makefile instead of its own.
  • Airbase-ng: Fixed bug using clients list.
  • Airbase-ng: Fixed issue with QoS (ticket #760).
  • Airbase-ng: Fixed sending beacons with null SSID.
  • Airbase-ng: Allow non ASCII ESSID
  • Airodump-ng: Fixed buffer overflow (ticket #728).
  • Airodump-ng: Fixed channel parsing.
  • Airodump-ng: Fixed FreeBSD battery reading.
  • Airodump-ng: Renamed "Packets" column to "Frames" ("Packets" was not correct).
  • Airodump-ng: Fixed XML bugs when outputting NetXML: ESSID containing '&' or Chinese characters, when multiple encryption are used.
  • Airodump-ng: Add alternative paths for Airodump-ng OUI file.
  • Airodump-ng: Added GPSd 2.92+ support (JSON).
  • Airodump-ng: Add option --manufacturer to display manufacturer column on airodump-ng.
  • Airodump-ng: Add feature to show APs uptime (--uptime) based on the timestamp.
  • Airodump-ng-OUI-update: Fixed OUI URL and allow CURL redirect (ticket #829).
  • Airdrop-ng: removed .py from file names.
  • Airdrop-ng: Fixed bug in installer.
  • Airdrop-ng: Fixed OUI lookup.
  • Airdrop-ng: Fixed bug when several BSSID have the same ESSID.
  • Airdrop-ng: Doesn't constantly parse anymore, wait 5 seconds each time it parses.
  • Airdrop-ng: Fixed crash when failing to get channel or when rules file didn't exist.
  • Airdrop-ng: Fixed to use lorcon.py/lorcon2 libs.
  • Airdrop-ng: Updated README.
  • Airdrop-ng: Fixed error preventing update to work.
  • Versuck-ng: New script to do the same thing as the kismet autowep plugin from the CLI.
  • Aircrack-ng: Fixed counter display error when cracking WPA.
  • Aircrack-ng: Added output of the WPA handshake to EWSA project file.
  • Aircrack-ng: Added output of the WPA handshake to oclhashcat+ project file.
  • Aircrack-ng: Added benchmark option, -S.
  • Aircrack-ng: Fixed -u option.
  • Aircrack-ng: PIC fix for hardened systems from Francisco Blas Izquierdo Riera (klondike)
  • Aircrack-ng: Allow dictionaries larger than 2Gb.
  • Aircrack-ng: Give a better message when there's an error with the dictionary.
  • Aircrack-ng: Prevent a buffer overflow from happening (Wojciech Waga).
  • Aireplay-ng: Added migration mode attack from Leandro Meiners and Diego Sor from Core Security (BlackHat Las Vegas 2010)
  • Aireplay-ng, Airodump-ng: Added option to ignore issue with -1 channel.
  • Airserv-ng: Fixed crash when clients disconnect.
  • Besside-ng-crawler: Added EAPOL Crawler.
  • Airdecloak-ng: Fixed bug when using pcap files with PPI headers.
  • dcrack: Distributed cracking server/client
  • wifi-detect.sh: reference script for testing wifi card detection using iwconfig vs ls /sys/class/net
  • WPA Clean: Tool to merge and clean WPA capture files.
  • Wireless Panda: C# Library to parse Airodump-ng output files (and added example project).
  • OSdep (Linux): Setting fixed bitrates on mac80211 2.6.31 and up.
  • OSdep (Linux): Added support for nl80211 thanks to impulse32. Use 'make libnl=true' to add netlink support (Ticket #1004).
  • Manpages: Improvement and fixes for Airgraph-ng, Airodump-ng, packetforge-ng, Aircrack-ng
  • Manpages: Fixed various spelling issues and single quote issues.
  • Makefiles: Added tests for the different tools.
  • Makefiles: Various fixes and improvements.
  • Makefiles: Added support for libgcrypt instead of OpenSSL via parameter.
  • Patches: Added a few patches.
  • Removed useless script: patchchk.
  • Finally fixed licensing issues.
  • Fixed endianness issues in most of the tools.
  • Fixed cppcheck errors (Ticket #957).
  • Fixed various compilation issues on Linux and Cygwin, GNU/Hurd, Darwin (OSX) and Sparc.
  • Fixed compilation on recent gcc versions on Linux, Cygwin.
  • Added instructions for Travis CI: Free Hosted Continuous Integration Platform for the Open Source Community.
  • Added Readme.Md for GitHub. Aircrack-ng subversion repository is synced on GitHub: http://github.com/aircrack-ng/aircrack-ng
  • Various other small bug fixes.

14
Basically, the cloud instance hosting the forum crashed and I can't get access to my backup.

It crashed a few weeks ago and the last backup I have is 10 months old. I am deeply sorry for the data loss. I wish I learned a different way to be more careful with backups but what is done is done :/

That backup will be available in read-only mode as soon as OVH grants me access to the data that was on the persistent disk, which is unlikely to happen before the end of June. They want to roll out a new cloud and right now they're preventing some functions in the current interface from working, so I can't do anything right now and the customer service is not responding.
If you want more details, you can check out this blog post.

You will have to re-create an account. If you were a member before and had more than 100 posts, please use the same email account that you used in the old forum. When the old forum is re-installed, contact me (Private message in this forum).

15
Announcements / Old forum URL
« on: May 22, 2013, 12:34:43 AM »
The old forum will be available in read-only mode at http://old-forum.aircrack-ng.org when OVH lets me get the data back from the virtual machine.
