aircrack-ng

aircrack-ng [2009/05/04 00:23]
mister_x Update link to forum
aircrack-ng [2018/10/08 04:03] (current)
mister_x Updates (version, command line, URLs)
Line 4: Line 4:
 Aircrack-ng is an 802.11 WEP and WPA/​WPA2-PSK key cracking program. Aircrack-ng is an 802.11 WEP and WPA/​WPA2-PSK key cracking program.
  
-Aircrack-ng can recover the WEP key once enough encrypted packets have been captured with [[airodump-ng]]. This part of the aircrack-ng suite determines the WEP key using two fundamental methods. ​ The first method is via the PTW approach (Pyshkin, Tews, Weinmann). ​ The main advantage of the PTW approach is that very few data packets are required to crack the WEP key.  The second method is the FMS/KoreK method. ​ The FMS/KoreK method incorporates various statistical attacks to discover the WEP key and uses these in combination with brute forcing.+Aircrack-ng can recover the WEP key once enough encrypted packets have been captured with [[airodump-ng]]. This part of the aircrack-ng suite determines the WEP key using two fundamental methods. ​ The first method is via the PTW approach (Pyshkin, Tews, Weinmann).  ​The default cracking method is PTW.  This is done in two phases. ​ In the first phase, aircrack-ng only uses ARP packets. ​ If the key is not found, then it uses all the packets in the capture. ​ Please remember that not all packets can be used for the PTW method. ​ This [[supported_packets|Tutorial:​ Packets Supported for the PTW Attack page]] provides details. ​ An important limitation is that the PTW attack currently can only crack 40 and 104 bit WEP keys. The main advantage of the PTW approach is that very few data packets are required to crack the WEP key.  The second method is the FMS/KoreK method. ​ The FMS/KoreK method incorporates various statistical attacks to discover the WEP key and uses these in combination with brute forcing
 + 
 +Additionally,​ the program offers a dictionary method for determining the WEP key. 
 + 
 +For cracking WPA/WPA2 pre-shared keys, only a dictionary method is used.  SSE2 support is included to dramatically speed up WPA/WPA2 key processing. ​ A "​four-way handshake"​ is required as input. ​ For WPA handshakes, a full handshake is composed of four packets. ​ However, aircrack-ng is able to work successfully with just 2 packets. ​ EAPOL packets (2 and 3) or packets (3 and 4) are considered a full handshake.
  
-Additionally,​ the program offers a dictionary method for determining the WEP key.  For cracking WPA/WPA2 pre-shared keys, only a dictionary method is used. 
  
 ==== Screenshot === ==== Screenshot ===
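Review bot: the two-phase PTW description added in this hunk ("In the first phase, aircrack-ng only uses ARP packets. If the key is not found, then it uses all the packets in the capture.") contradicts the unchanged "How does it work?" paragraph further down, which still says PTW "only works with arp request/reply packets and cannot be employed against other traffic"; update that paragraph in the same revision or drop the second-phase claim here. Three smaller points in the same hunk: the key-length wording now mixes conventions (this hunk says PTW "can only crack 40 and 104 bit WEP keys" while the unchanged PTW example below says "it only works for 64 and 128 bit WEP encryption"; pick one and say once that 64/128 counts the 24-bit IV); the moved FMS/KoreK sentence lost its final period ("in combination with brute forcing"); and "SSE2 support is included to dramatically speed up WPA/WPA2 key processing" is stale now that this same patch adds a SIMD section listing SSE2, AVX, AVX2, AVX512, NEON and AltiVec engines, so refer to that section instead of naming one instruction set. For the handshake sentence ("EAPOL packets (2 and 3) or packets (3 and 4) are considered a full handshake"), readers would benefit from one clause saying what the pair must contain for the attack to run (the two nonces and a MIC), since that is what decides whether a partial capture is usable.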
Line 17: Line 20:
 \\ \\
  
-{{http://​www.aircrack-ng.org/​img/​aircrack-ng.explaination.gif?​600x300 }}+{{https://​www.aircrack-ng.org/​img/​aircrack-ng.explaination.gif?​600x300 }}
  
 ==== How does it work? ==== ==== How does it work? ====
  
-The first method is the PTW method (Pyshkin, Tews, Weinmann). The PTW method is fully described in the paper found on  [[http://​www.cdc.informatik.tu-darmstadt.de/​aircrack-ptw/​|this web site]]. ​ In 2005, Andreas Klein presented another analysis of the RC4 stream cipher. Klein showed that there are more correlations between the RC4 keystream and the key than the ones found by Fluhrer, Mantin, and Shamir and these may be additionally used to break WEP.  The PTW method extends Klein'​s attack and optimizes it for usage against WEP.  It essentially uses enhanced FMS techniques described in the following section. ​ One particularly important constraint is that it only works with arp request/​reply packets and cannot be employed against other traffic.+The first method is the PTW method (Pychkine, Tews, Weinmann). The PTW method is fully described in the paper found on  [[https://​web.archive.org/​web/​20070714194826/​http://​www.cdc.informatik.tu-darmstadt.de/​aircrack-ptw/​|this web site]]. ​ In 2005, Andreas Klein presented another analysis of the RC4 stream cipher. Klein showed that there are more correlations between the RC4 keystream and the key than the ones found by Fluhrer, Mantin, and Shamir and these may be additionally used to break WEP.  The PTW method extends Klein'​s attack and optimizes it for usage against WEP.  It essentially uses enhanced FMS techniques described in the following section. ​ One particularly important constraint is that it only works with arp request/​reply packets and cannot be employed against other traffic.
  
 The second method is the FMS/Korek method which incorporates multiple techniques. ​ The  [[links#​technique_papers|Techniques Papers]] on the links page lists many papers which describe these techniques in more detail and the mathematics behind them. The second method is the FMS/Korek method which incorporates multiple techniques. ​ The  [[links#​technique_papers|Techniques Papers]] on the links page lists many papers which describe these techniques in more detail and the mathematics behind them.
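Review bot: this hunk respells the PTW author as "Pychkine" while the first hunk of the same revision keeps "Pyshkin" in the intro, so the page now spells the name two ways; the paper linked from this paragraph is by Tews, Weinmann and Pyshkin, so revert this one. The paragraph also still ends with "it only works with arp request/reply packets and cannot be employed against other traffic", which the first hunk's new two-phase description (ARP packets first, then all packets in the capture) contradicts; the two should be reconciled in one place. The image and paper URL changes (https, web.archive.org) are fine.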
Line 82: Line 85:
   aircrack-ng [options] <capture file(s)>   aircrack-ng [options] <capture file(s)>
  
-You can specify multiple input files (either in .cap or .ivs format). Also, you can run both [[airodump-ng]] and aircrack-ng at the same time: aircrack-ng will auto-update when new IVs are available.+You can specify multiple input files (either in .cap or .ivs format) ​or use file name wildcarding See [[aircrack-ng#​other_tips|Other Tips]] for examples.  ​Also, you can run both [[airodump-ng]] and aircrack-ng at the same time: aircrack-ng will auto-update when new IVs are available.
  
-Here's a summary of all available ​options:+=== Options === 
 +== Common ​options ​==
  
 ^Option^Param.^Description^ ^Option^Param.^Description^
-|-a|amode|Force attack mode (1 = static WEP, 2 = WPA/​WPA2-PSK).+|-a|amode|Force attack mode (1 = static WEP, 2 = WPA/​WPA2-PSK)| 
-|-e|essid|If set, all IVs from networks with the same ESSID will be used. This option is also required for WPA/​WPA2-PSK cracking if the ESSID is not broadcasted (hidden).+|-e|essid|If set, all IVs from networks with the same ESSID will be used. This option is also required for WPA/​WPA2-PSK cracking if the ESSID is not broadcasted (hidden)| 
-|-b|bssid|Select the target network based on the access point'​s MAC address.+|-b|bssid|Long version -''''​-bssid. ​Select the target network based on the access point'​s MAC address| 
-|-p|nbcpu|On SMP systems: # of CPU to use.  This option is invalid on non-SMP systems.+|-p|nbcpu|On SMP systems: # of CPU to use.  This option is invalid on non-SMP systems| 
-|-q|//​none//​|Enable quiet mode (no status output until the key is found, or not).| +|-q|//​none//​|Enable quiet mode (no status output until the key is found, or not)
-|-c|//​none//​|(WEP cracking) ​Restrict the search space to alpha-numeric characters only (0x20 - 0x7F).+|-C|MACs|Long version -''''​-combine Merge the given APs (separated by a comma) into virtual one| 
-|-t|//​none//​|(WEP cracking) ​Restrict the search space to binary coded decimal hex characters.+|-l|file name|(Lowercase L, ell) logs the key to the file specified. Overwrites the file if it already exists| 
-|-h|//​none//​|(WEP cracking) ​Restrict the search space to numeric characters (0x30-0x39) These keys are used by default in most Fritz!BOXes.+ 
-|-d|start|(WEP cracking) ​Set the beginning of the WEP key (in hex), for debugging purposes.+== Static WEP cracking options == 
-|-m|maddr|(WEP cracking) ​MAC address to filter WEP data packets. Alternatively,​ specify -m ff:​ff:​ff:​ff:​ff:​ff to use all and every IVs, regardless of the network.+ 
-|-n|nbits|(WEP cracking) ​Specify the length of the key: 64 for 40-bit WEP, 128 for 104-bit WEP, etc. The default value is 128.+^Option^Param.^Description^ 
-|-i|index|(WEP cracking) ​Only keep the IVs that have this key index (1 to 4). The default behaviour is to ignore the key index.+|-c|//​none//​|Restrict the search space to alpha-numeric characters only (0x20 - 0x7F)| 
-|-f|fudge|(WEP cracking) ​By default, this parameter is set to 2 for 104-bit WEP and to 5 for 40-bit WEP. Specify a higher value to increase the bruteforce level: cracking will take more time, but with a higher likelyhood of success.+|-t|//​none//​|Restrict the search space to binary coded decimal hex characters| 
-|-k|korek|(WEP cracking) ​There are 17 korek statistical attacks. Sometimes one attack creates a huge false positive that prevents the key from being found, even with lots of IVs. Try -k 1, -k 2, ... -k 17 to disable each attack selectively.+|-h|//​none//​|Restrict the search space to numeric characters (0x30-0x39) These keys are used by default in most Fritz!BOXes| 
-|-x/​-x0|//​none//​|(WEP cracking) ​Disable last keybytes brutforce.+|-d|start|Long version -''''​-debug.  ​Set the beginning of the WEP key (in hex), for debugging purposes| 
-|-x1|//​none//​|(WEP cracking) ​Enable last keybyte bruteforcing (default).+|-m|maddr|MAC address to filter WEP data packets. Alternatively,​ specify -m ff:​ff:​ff:​ff:​ff:​ff to use all and every IVs, regardless of the network| 
-|-x2|//​none//​|(WEP cracking) ​Enable last two keybytes bruteforcing.+|-n|nbits|Specify the length of the key: 64 for 40-bit WEP, 128 for 104-bit WEP, etc. The default value is 128| 
-|-X|//​none//​|(WEP cracking) ​Disable bruteforce multithreading (SMP only).+|-i|index|Only keep the IVs that have this key index (1 to 4). The default behaviour is to ignore the key index| 
-|-y|//none//|(WEP cracking) This is an experimental ​single bruteforce attack which should only be used when the standard attack mode fails with more than one million IVs| +|-f|fudge|By default, this parameter is set to 2 for 104-bit WEP and to 5 for 40-bit WEP. Specify a higher value to increase the bruteforce level: cracking will take more time, but with a higher likelyhood of success| 
-|-w|words|(WPA cracking) Path to a wordlist ​or "​-"​ without the quotes for standard in (stdin).| +|-k|korek|There are 17 korek statistical attacks. Sometimes one attack creates a huge false positive that prevents the key from being found, even with lots of IVs. Try -k 1, -k 2, ... -k 17 to disable each attack selectively| 
-|-z|//none//|Invokes the PTW WEP cracking ​method.|+|-x/​-x0|//​none//​|Disable last keybytes brutforce| 
 +|-x1|//​none//​|Enable last keybyte bruteforcing (default)| 
 +|-x2|//​none//​|Enable last two keybytes bruteforcing| 
 +|-X|//​none//​|Disable bruteforce multithreading (SMP only)| 
 +|-s|//none//|Show the key in ASCII while cracking
 +|-y|//​none//​|Experimental ​single bruteforce attack which should only be used when the standard attack mode fails with more than one million IVs| 
 +|-z|//none//|Invokes the PTW WEP cracking method ​(Default in v1.x)| 
 +|-P|number|Long version -''''​-ptw-debug. ​ Invokes the PTW debug mode: 1 Disable klein, 2 PTW.| 
 +|-K|//​none//​|Invokes the Korek WEP cracking ​method. (Default in v0.x)
 +|-D|//​none//​|Long version -''''​-wep-decloak. ​ Run in WEP decloak mode| 
 +|-1|//​none//​|Long version -''''​-oneshot. ​ Run only 1 try to crack key with PTW| 
 +|-M|number|(WEP cracking) Specify the maximum number of IVs to use| 
 +|-V|//​none//​|Long version -''''​-visual-inspection. ​ Run in visual inspection mode (only with KoreK)| 
 + 
 +== WEP and WPA-PSK cracking options == 
 + 
 +^Option^Param.^Description^ 
 +|-w|words|Path to a wordlists ​or "​-"​ without the quotes for standard in (stdin). ​Separate multiple wordlists by comma
 +|-N|file|Create a new cracking session and save it to the specified file| 
 +|-R|file|Restore cracking session from the specified file| 
 + 
 +== WPA-PSK options == 
 + 
 +^Option^Param.^Description^ 
 +|-E|file>​|Create EWSA Project file v3| 
 +|-j|file|Create Hashcat v3.6+ Capture file (HCCAPX)| 
 +|-J|file|Create Hashcat Capture file| 
 +|-S|//none//|WPA cracking ​speed test| 
 +|-Z|sec|WPA cracking speed test execution length in seconds| 
 +|-r|database|Utilizes a database generated by [[airolib-ng]] as input to determine the WPA keyOutputs an error message if aircrack-ng has not been compiled with sqlite support| 
 + 
 +== SIMD Selection == 
 + 
 +^Option^Param.^Description^ 
 +|-''''​-simd|optimization|Use user-specified SIMD optimization instead of the fastest one| 
 +|-''''​-simd-list|//​none//​|Shows a list of the SIMD optimizations available| 
 + 
 +== Other options == 
 + 
 +^Option^Param.^Description^ 
 +|-H|//​none//​|Long version -''''​-help. ​ Output help information| 
 +|-u|//​none//​|Long form -''''​-cpu-detect. ​ Provide information on the number of CPUs and features available such as MMX, SSE2, AVX, AVX2, AVX512|
  
 ===== Usage Examples ===== ===== Usage Examples =====
 ==== WEP ==== ==== WEP ====
-The simplest case is to crack a WEP key. If you want to try this out yourself, here is a test [[http://wiki-files.aircrack-ng.org/​other/​test.ivs|file]]. ​ The key to the test file matches the screen image above, it does not match the following example.+The simplest case is to crack a WEP key. If you want to try this out yourself, here is a test [[https://download.aircrack-ng.org/wiki-files/​other/​test.ivs|file]]. ​ The key to the test file matches the screen image above, it does not match the following example.
  
-aircrack-ng 128bit.ivs\\ ​+aircrack-ng ​-K 128bit.ivs\\ ​
 Where: Where:
   *128bit.ivs is the file name containing IVS.   *128bit.ivs is the file name containing IVS.
 +  *-K: Use KoreK attacks only
  
 The program responds: The program responds:
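Review bot: the WEP example at the end of this hunk now runs "aircrack-ng -K 128bit.ivs" with the bullet "-K: Use KoreK attacks only" but gives no reason; say that an .ivs file contains IVs only, so the v1.x default PTW attack (which needs full ARP packets, as the PTW example below states) cannot be applied to it and KoreK has to be forced, otherwise readers will copy -K onto .cap files where it is slower. In the option tables: the -E row reads "|-E|file>|" (stray ">"); the -q, -s and -K rows lack the closing "|" that every other row has; "-w" says "Path to a wordlists"; "-C" says "into virtual one"; "-r" runs two sentences together ("WPA keyOutputs"); "-M" keeps a "(WEP cracking)" prefix although it already sits in the WEP table; "-u" says "Long form" where the other rows say "Long version"; the -P description "1 Disable klein, 2 PTW" needs a word on what each debug mode does; and the sentence before the tables needs a period before "See [[aircrack-ng#other_tips|Other Tips]]". Since -w now accepts several comma-separated lists, the table should also say whether a list name containing a comma can be escaped, because that is the first thing a user with such a file will hit.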
Line 132: Line 178:
 The cracking process starts and once cracked, here is what it looks like: The cracking process starts and once cracked, here is what it looks like:
  
-                                                Aircrack-ng ​0.7 r130+                                                Aircrack-ng ​1.4
   ​   ​
   ​   ​
Line 152: Line 198:
   ​   ​
              KEY FOUND! [ AE:​66:​5C:​FD:​24:​E3:​92:​A9:​14:​39:​D4:​27:​4B ]               KEY FOUND! [ AE:​66:​5C:​FD:​24:​E3:​92:​A9:​14:​39:​D4:​27:​4B ] 
 +
 +**NOTE:** The ASCII WEP key is displayed only when 100% of the hex key can be converted to ASCII.
  
 This key can then be used to connect to the network. This key can then be used to connect to the network.
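Review bot: the added NOTE ("The ASCII WEP key is displayed only when 100% of the hex key can be converted to ASCII") should say "printable ASCII", since any byte below 0x80 is ASCII and the point is whether every key byte is a printable character; it also duplicates the unchanged sentence later on the page ("If the HEX key is in fact valid ASCII characters, the ASCII will also be displayed"), so keep one of the two and link it to the hex-to-ASCII FAQ entry. In the preceding hunk only the banner line was changed from "Aircrack-ng 0.7 r130" to "Aircrack-ng 1.4" while the rest of the sample output is still from 0.7 (the same banner-only edit is made to the other three samples in this revision); either regenerate each sample with 1.4 or leave the original banner so the samples stay internally consistent.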
Line 185: Line 233:
 Here is a sample of the output: Here is a sample of the output:
  
-                                                Aircrack-ng ​0.7 r247+                                                Aircrack-ng ​1.4
        
        
Line 200: Line 248:
         Probability:​ 100%         Probability:​ 100%
  
-Lets look at a PTW attack example. ​ Remember that this method requires arp request/​reply packets as input. It must be the full packet and not just the IVs, meaning that the "- - ivs" option cannot be used when running airodump-ng. As well, it only works for 64 and 128 bit WEP encryption.+Lets look at a PTW attack example. ​ Remember that this method requires arp request/​reply packets as input. It must be the full packet and not just the IVs, meaning that the "-''''​- ivs" option cannot be used when running airodump-ng. As well, it only works for 64 and 128 bit WEP encryption.
  
 Enter the following command: Enter the following command:
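Review bot: this hunk fixes the "-''''-ivs" rendering and the banner but leaves "it only works for 64 and 128 bit WEP encryption" in the same sentence, which now disagrees with the "40 and 104 bit" wording the first hunk adds to the intro; also "Lets look" should be "Let's look". The sentence "It must be the full packet and not just the IVs, meaning that the --ivs option cannot be used when running airodump-ng" is the key practical constraint of PTW and is the reason the WEP example above needs -K on an .ivs file, so consider cross-referencing the two.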
Line 207: Line 255:
  
 Where: Where:
-  * -z means use the PTW methodology to crack the wep key.+  * -z means use the PTW methodology to crack the wep key. //Note:// in v1.x, this is the default attack mode; use -K to revert to Korek.
   * ptw*.cap are the capture files to use.   * ptw*.cap are the capture files to use.
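Review bot: the note added to the -z bullet ("in v1.x, this is the default attack mode; use -K to revert to Korek") is the same note given in the -z and -K table rows and again in "General approach to cracking WEP keys" later in this revision; state it once, in the option table, and refer to it from the examples, and spell the attack consistently ("KoreK" elsewhere on the page, "Korek" here). With PTW the default, the example command "aircrack-ng -z ptw*.cap" could drop -z entirely, which would make the point without the footnote.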
  
Line 223: Line 271:
 Then: Then:
  
-                                                Aircrack-ng ​0.9+                                                Aircrack-ng ​1.4
        
                                 [00:01:18] Tested 0/140000 keys (got 30680 IVs)                                 [00:01:18] Tested 0/140000 keys (got 30680 IVs)
Line 261: Line 309:
 Notice in this case that since there are multiple networks we need to select which one to attack. ​ We select number 2.  The program then responds: Notice in this case that since there are multiple networks we need to select which one to attack. ​ We select number 2.  The program then responds:
  
-                                 ​Aircrack-ng ​0.7 r130+                                 ​Aircrack-ng ​1.4
   ​   ​
   ​   ​
Line 282: Line 330:
 Now you have the passphrase and can connect to the network. Now you have the passphrase and can connect to the network.
  
 +
 +=== SIMD ===
 +
 +Aircrack-ng is compiled with multiple optimizations based on CPU features we call crypto engines. CPU features are different based on the type of CPU.
 +
 +On x86 (and 64 bit), typically SSE2, AVX and AVX2 are available (AVX512 can be compiled in but it should only be done if the current CPU supports it). On ARM, neon and ASIMD are usually available and on PowerPC, ASIMD and altivec. A generic optimization is always available no matter what architecture it is compiled on or for. A limited set of optimizations may be available depending on the OS/​CPU/​compilers available.
 +
 +When running aircrack-ng,​ it will load the fastest optimization based on what your CPU supports. For package maintainers,​ it is very useful as they don't have to target the one supporting all the CPU which would be the slowest.
 +
 +In order to override, the option -''''​-simd can be used. Such as
 +
 +  aircrack-ng --simd=avx wpa.cap -w password.lst
 +
 +In order to list all the available SIMD optimization,​ use -''''​-simd-list. Such as
 +
 +  aircrack-ng --simd-list
 +
 +will display "avx2 avx sse2 generic"​ on x86.
 +
 +==== Cracking session ====
 +
 +Cracking can sometimes take a very long time and it is sometimes necessary to turn off the computer or put it to sleep for a while. In order to handle this kind of situation, a new set of option has been created.
 +
 +It will create and/or update a session file saving the current status of the cracking (every 10 minutes) as well as all the options used, wordlists and capture files used. Multiple wordlists can be used and it works with WEP and WPA.
 +
 +  aircrack-ng --new-session current.session -w password.lst,​english.txt wpa-01.cap ​
 +
 +In order to restore the session, use -''''​-restore-session:​
 +
 +  aircrack-ng --restore-session current.session
 +
 +It will keep updating //​current.session//​ every 10 minutes.
 +
 +Limitations:​
 +  * The wordlist must be files. For now, they cannot be //stdin// or [[airolib-ng]] databases
 +  * Session has to be restored from the same directory as when first using -''''​-new-session
 +  * No new options can be added when restoring session
 ===== Usage Tips ===== ===== Usage Tips =====
 ==== General approach to cracking WEP keys ==== ==== General approach to cracking WEP keys ====
 +
 +//FIXME This needs updating for v1.x!//
  
 Clearly, the simplest approach is just to enter "​aircrack-ng captured-data.cap"​ and let it go.  Having said that, there are some techniques to improve your chances of finding the WEP key quickly. ​ There is no single magic set of steps. ​ The following describes some approaches which tend to  yield the key faster. ​ Unless you are comfortable with experimentation,​ leave well enough alone and stick to the simple approach. Clearly, the simplest approach is just to enter "​aircrack-ng captured-data.cap"​ and let it go.  Having said that, there are some techniques to improve your chances of finding the WEP key quickly. ​ There is no single magic set of steps. ​ The following describes some approaches which tend to  yield the key faster. ​ Unless you are comfortable with experimentation,​ leave well enough alone and stick to the simple approach.
  
-If you are capturing arp request/​reply packets, then the fastest approach is to use "​aircrack-ng -z <data packet capture files>"​. ​ You can then skip the balance of this section since it will find the key very quickly assuming you have collected sufficient arp request/​reply packets!+If you are capturing arp request/​reply packets, then the fastest approach is to use "​aircrack-ng -z <data packet capture files>"​. ​ You can then skip the balance of this section since it will find the key very quickly assuming you have collected sufficient arp request/​reply packets! ​//NOTE:// -z is the default attack mode in aircrack-ng v1.x; use -K to revert to the attack mode used in previous versions.
  
 The overriding technique is capture as much data as possible. ​ That is the single most important task.  The number of initialization vectors (IVs) that you need to determine the WEP key varies dramatically by key length and access point. ​ Typically you need 250,000 or more unique IVs for 64 bit keys and 1.5 million or more for 128 bit keys.  Clearly a lot more for longer key bit lengths. ​ Then there is luck.  There will be times that the WEP key can be determined with as few as 50,000 IVs although this is rare.  Conversely, there will be times when you will need mulitple millions of IVs to crack the WEP key.  The number of IVs is extremely hard to predict since some access points are very good at eliminating IVs that lead the WEP key. The overriding technique is capture as much data as possible. ​ That is the single most important task.  The number of initialization vectors (IVs) that you need to determine the WEP key varies dramatically by key length and access point. ​ Typically you need 250,000 or more unique IVs for 64 bit keys and 1.5 million or more for 128 bit keys.  Clearly a lot more for longer key bit lengths. ​ Then there is luck.  There will be times that the WEP key can be determined with as few as 50,000 IVs although this is rare.  Conversely, there will be times when you will need mulitple millions of IVs to crack the WEP key.  The number of IVs is extremely hard to predict since some access points are very good at eliminating IVs that lead the WEP key.
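Review bot: in the new SIMD paragraph, "on PowerPC, ASIMD and altivec" looks wrong, since ASIMD is the AArch64 name for NEON; check the PowerPC engine names against what --simd-list prints on that platform (altivec plus whatever POWER-specific engine the build provides). In the same section, "will display 'avx2 avx sse2 generic' on x86" only holds on a CPU with AVX2; say that the list depends on the CPU and on the build, and that the first entry is the one selected unless --simd overrides it. "AVX512 can be compiled in but it should only be done if the current CPU supports it" should state what happens otherwise (the build fails, or the engine is selected and faults, or it is skipped), because package maintainers are the stated audience. In the Cracking session text: "a new set of option has been created" should be "options"; "The wordlist must be files" should be "The wordlists must be files"; and since the session file records the capture files, wordlists and all options, it should say whether paths are stored as given or resolved, which is what the "same directory" limitation depends on. Finally, "FIXME This needs updating for v1.x!" is committed into the live page: with PTW the default, the 200,000-IV threshold and the -n 64 / fudge-factor advice in that section are KoreK-specific, and the NOTE added two paragraphs below only partly says so; either update the section now or mark which steps still apply under the default attack.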
Line 293: Line 380:
 Generally, don't try to crack the WEP key until you have 200,000 IVs or more.  If you start too early, aircrack tends to spend too much time brute forcing keys and not properly applying the statistical techniques. ​ Start by trying 64 bit keys "​aircrack-ng -n 64 captured-data.cap"​. ​ If they are using a 64 bit WEP, it can usually be cracked in less then 5 minutes (generally less then 60 seconds) with relatively few IVs.  It is surprising how many APs only use 64 bit keys.  If it does not find the 64 bit key in 5 minutes, restart aircrack in the generic mode: "​aircrack-ng captured-data.cap"​. ​ Then at each 100,000 IVs mark, retry the "​aircrack-ng -n 64 captured-data.cap"​ for 5 minutes. Generally, don't try to crack the WEP key until you have 200,000 IVs or more.  If you start too early, aircrack tends to spend too much time brute forcing keys and not properly applying the statistical techniques. ​ Start by trying 64 bit keys "​aircrack-ng -n 64 captured-data.cap"​. ​ If they are using a 64 bit WEP, it can usually be cracked in less then 5 minutes (generally less then 60 seconds) with relatively few IVs.  It is surprising how many APs only use 64 bit keys.  If it does not find the 64 bit key in 5 minutes, restart aircrack in the generic mode: "​aircrack-ng captured-data.cap"​. ​ Then at each 100,000 IVs mark, retry the "​aircrack-ng -n 64 captured-data.cap"​ for 5 minutes.
  
-Once you hit 600,00 IVs, switch to testing 128 bit keys.  At this point it is unlikely (but not impossible) that it is a 64 bit key and 600,000 IVs did not crack it.  So now try "​aircrack-ng captured-data.cap"​.+Once you hit 600,000 IVs, switch to testing 128 bit keys.  At this point it is unlikely (but not impossible) that it is a 64 bit key and 600,000 IVs did not crack it.  So now try "​aircrack-ng captured-data.cap"​.
  
 Once you hit 2 million IVs, try changing the fudge factor to "-f 4"​. ​ Run for at least 30 minutes to one hour.  Retry, increasing the fudge factor by adding 4 to it each time.  Another time to try increasing the fudge factor is when aircrack-ng stops because it has tried all the keys. Once you hit 2 million IVs, try changing the fudge factor to "-f 4"​. ​ Run for at least 30 minutes to one hour.  Retry, increasing the fudge factor by adding 4 to it each time.  Another time to try increasing the fudge factor is when aircrack-ng stops because it has tried all the keys.
Line 305: Line 392:
 While aircrack-ng is running, you mostly just see the beginning of the key.  Although the secret WEP key is unknown at this point, there may be clues to speed things up.  If the key bytes have a fairly large number of votes, then they are likely 99.5% correct. ​ So lets look at what you can do with these clues. While aircrack-ng is running, you mostly just see the beginning of the key.  Although the secret WEP key is unknown at this point, there may be clues to speed things up.  If the key bytes have a fairly large number of votes, then they are likely 99.5% correct. ​ So lets look at what you can do with these clues.
  
-If the bytes (likely secret keys) are for example: 75:​47:​99:​22:​50 then it is quite obvious, that the whole key may consist only of numbers, like the first 5 bytes. ​ So it MAY improve your cracking speed to use the -t option only when trying such keys.  See [[http://​en.wikipedia.org/​wiki/​Binary-coded_decimal|Wikipedia Binary Coded Decimal]] for a description of what characters -t looks for.+If the bytes (likely secret keys) are for example: 75:​47:​99:​22:​50 then it is quite obvious, that the whole key may consist only of numbers, like the first 5 bytes. ​ So it MAY improve your cracking speed to use the -t option only when trying such keys.  See [[https://​en.wikipedia.org/​wiki/​Binary-coded_decimal|Wikipedia Binary Coded Decimal]] for a description of what characters -t looks for.
  
 If the bytes are 37:​30:​31:​33:​36 which are all numeric values when converted to Ascii, it is a good idea to use -h option. ​ The FAQ entry [[faq#​how_do_i_convert_the_hex_characters_to_ascii|Converting hex characters to ascii]] provides links to determine if they are all numeric. If the bytes are 37:​30:​31:​33:​36 which are all numeric values when converted to Ascii, it is a good idea to use -h option. ​ The FAQ entry [[faq#​how_do_i_convert_the_hex_characters_to_ascii|Converting hex characters to ascii]] provides links to determine if they are all numeric.
Line 329: Line 416:
 You may use this key without the ":"​ in your favorite client. ​ This means you enter "​1122334455"​ into the client and specify that the key is in hexadecimal format. ​ Remember that most keys cannot be converted to ASCII format. ​ If the HEX key is in fact valid ASCII characters, the ASCII will also be displayed. You may use this key without the ":"​ in your favorite client. ​ This means you enter "​1122334455"​ into the client and specify that the key is in hexadecimal format. ​ Remember that most keys cannot be converted to ASCII format. ​ If the HEX key is in fact valid ASCII characters, the ASCII will also be displayed.
  
-If you wish to experiment a bit with converting HEX to ASCII, see this [[http://​aircrack-ng.org/​doku.php?​id=faq#​how_do_i_convert_the_hex_characters_to_ascii|FAQ entry]].+If you wish to experiment a bit with converting HEX to ASCII, see this [[faq#​how_do_i_convert_the_hex_characters_to_ascii|FAQ entry]].
  
-We do not specifically provide support or the details on how to configure your wireless card to connect to the AP.  For linux, this [[http://​wirelessdefence.org/​Contents/​LinuxWirelessCommands.htm|page]] has an excellent writeup. ​ As well, search the internet for this information regarding linux and Windows systems. ​ As well, see the documentation for your card's wireless client. ​ If you are using linux, check the mailing lists and forums specific to the distribution.+We do not specifically provide support or the details on how to configure your wireless card to connect to the AP.  For linux, this [[https://​web.archive.org/​web/​20080212235953/​http://​wirelessdefence.org/​Contents/​LinuxWirelessCommands.htm|page]] has an excellent writeup. ​ As well, search the internet for this information regarding linux and Windows systems. ​ As well, see the documentation for your card's wireless client. ​ If you are using linux, check the mailing lists and forums specific to the distribution.
  
 Additionally,​ Aircrack-ng prints out a message indicating the likelihood that the key is correct. ​ It will look something similar to "​Probability:​ 100%"​. ​ Aircrack-ng tests the key against some packets to confirm the key is correct. ​ Based on these tests, it prints the probability of a correct key. Additionally,​ Aircrack-ng prints out a message indicating the likelihood that the key is correct. ​ It will look something similar to "​Probability:​ 100%"​. ​ Aircrack-ng tests the key against some packets to confirm the key is correct. ​ Based on these tests, it prints the probability of a correct key.
Line 347: Line 434:
 So there is no way to know the how long the original passphrase was.  It could as short as one character. ​ It all depends on the who developed the software. So there is no way to know the how long the original passphrase was.  It could as short as one character. ​ It all depends on the who developed the software.
  
-Knowing all this, if you still wish to try to obtain the original passphrase, Latin SuD has a tool which attempts reverse the process. Click [[http://​www.latinsud.com/​wepconv.html|here]] for the tool.+Knowing all this, if you still wish to try to obtain the original passphrase, Latin SuD has a tool which attempts reverse the process. Click [[https://​www.latinsud.com/​wepconv.html|here]] for the tool.
  
 Nonetheless,​ these passphrases result in a WEP Key that is as easily cracked as every other WEP Key.  The exact conversion method really does not matter in the end. Nonetheless,​ these passphrases result in a WEP Key that is as easily cracked as every other WEP Key.  The exact conversion method really does not matter in the end.
Line 360: Line 447:
 There are a number of sample files that you can try with aircrack-ng to gain experience: There are a number of sample files that you can try with aircrack-ng to gain experience:
  
-  * wpa.cap: ​ This is a sample file with a wpa handshake. ​ It is located in the "​test"​ directory of the install files. ​ The passphrase is "​biscotte"​. ​ Use the password file (password.lst) which is in the same directory. +  * [[https://​github.com/​aircrack-ng/​aircrack-ng/​raw/​master/​test/​wpa.cap|wpa.cap]]:  This is a sample file with a wpa handshake. ​ It is located in the "​test"​ directory of the install files. ​ The passphrase is "​biscotte"​. ​ Use the password file (password.lst) which is in the same directory. 
-  * wpa2.eapol.cap:​ This is a sample file with a wpa2 handshake. ​ It is located in the "​test"​ directory of the install files. ​ The passphrase is "​12345678"​. ​ Use the password file (password.lst) which is in the same directory. +  * [[https://​github.com/​aircrack-ng/​aircrack-ng/​raw/​master/​test/​wpa2.eapol.cap|wpa2.eapol.cap]]: This is a sample file with a wpa2 handshake. ​ It is located in the "​test"​ directory of the install files. ​ The passphrase is "​12345678"​. ​ Use the password file (password.lst) which is in the same directory. 
-  * [[http://​download.aircrack-ng.org/​wiki-files/​other/​test.ivs|test.ivs]]:​ This is a 128 bit WEP key file.  The key is "​AE:​5B:​7F:​3A:​03:​D0:​AF:​9B:​F6:​8D:​A5:​E2:​C7"​. +  * [[https://​download.aircrack-ng.org/​wiki-files/​other/​test.ivs|test.ivs]]:​ This is a 128 bit WEP key file.  The key is "​AE:​5B:​7F:​3A:​03:​D0:​AF:​9B:​F6:​8D:​A5:​E2:​C7"​. 
-  * [[http://dl.aircrack-ng.org/ptw.cap|ptw.cap]]:​ This is a 64 bit WEP key file suitable for the PTW method. ​ The key is "​1F:​1F:​1F:​1F:​1F"​.+  * [[https://github.com/aircrack-ng/​aircrack-ng/​raw/​master/​test/​wep_64_ptw.cap|ptw.cap]]:​ This is a 64 bit WEP key file suitable for the PTW method. ​ The key is "​1F:​1F:​1F:​1F:​1F". 
 +  * [[https://​github.com/​aircrack-ng/​aircrack-ng/​raw/​master/​test/​wpa-psk-linksys.cap|wpa-psk-linksys.cap]]:​ This is a sample file with a WPA1 handshake along with some encrypted packets. Useful for testing with airdecap-ng. The password is "​dictionary"​. 
 +  * [[https://​github.com/​aircrack-ng/​aircrack-ng/​raw/​master/​test/​wpa2-psk-linksys.cap|wpa2-psk-linksys.cap]]:​ This is a sample file with a WPA2 handshake along with some encrypted packets. Useful for testing with airdecap-ng. The password is "​dictionary".
  
 ==== Dictionary Format ==== ==== Dictionary Format ====
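Review bot: in the ptw.cap entry the link label still reads `ptw.cap` while the new URL points at `test/wep_64_ptw.cap`; the other entries are labelled with the file name as it appears in the test directory, so relabel this one `wep_64_ptw.cap` so a reader can find the file in a local checkout. The two new linksys entries call the value "The password is" where the earlier entries say "The passphrase is"; use one term, since in every case it is the WPA pre-shared passphrase that aircrack-ng has to match from the dictionary.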
Line 369: Line 458:
 Dictionaries used for WPA/WPA bruteforcing need to contain one passphrase per line. Dictionaries used for WPA/WPA bruteforcing need to contain one passphrase per line.
  
-The linux and Windows end of line format is slightly different. ​ See this [[http://​en.wikipedia.org/​wiki/​Line_feed|Wikipedia entry]] for details. There are conversion tools are available under both linux and Windows which can convert one format to another. ​ As well, editors are available under both operating systems which can edit both formats correctly. ​ It is up to the reader to use an Internet search engine to find the appropriate tools.+The linux and Windows end of line format is slightly different. ​ See this [[https://​en.wikipedia.org/​wiki/​Line_feed|Wikipedia entry]] for details. There are conversion tools are available under both linux and Windows which can convert one format to another. ​ As well, editors are available under both operating systems which can edit both formats correctly. ​ It is up to the reader to use an Internet search engine to find the appropriate tools.
  
 However both types should work with the linux or Windows versions of aircrack-ng. ​ Thus, you really don't need to convert back and forth. However both types should work with the linux or Windows versions of aircrack-ng. ​ Thus, you really don't need to convert back and forth.
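Review bot: the sentence "There are conversion tools are available under both linux and Windows" keeps its stray second "are" through the URL change; drop it so it reads "Conversion tools are available under both Linux and Windows". The line above it says "WPA/WPA bruteforcing" where the rest of the page says WPA/WPA2.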
Line 377: Line 466:
 Although it is not part of aircrack-ng,​ it is worth mentioning an interesting piece of work is by SuD.  It is basically a wep hex dictionary already prepared and the program to run it: Although it is not part of aircrack-ng,​ it is worth mentioning an interesting piece of work is by SuD.  It is basically a wep hex dictionary already prepared and the program to run it:
  
-   http://tv.latinsud.com/​wepdict/​+   https://www.latinsud.com/pub/wepdict/ 
 + 
 + 
 +==== Tools to split capture files ==== 
 + 
 +There are times when you want to split capture files into smaller pieces. ​ For example, files with a large number of IVs can sometimes cause the PTW attack to fail.  In this case, it is worth splitting the file into smaller pieces and retrying the PTW attack. 
 + 
 +So here are two tools to split capture files: 
 + 
 +  * https://​www.badpenguin.co.uk/​files/​pcap-util 
 +  * https://​www.badpenguin.co.uk/​files/​pcap-util2 
 + 
 +Another technique is to use Wireshark / tshark. ​ You can mark packets then same them to a separate file. 
 + 
 + 
 +==== How to extract WPA handshake from large capture files ==== 
 + 
 +Sometimes you have a very large capture file and would like to extract the WPA/WPA2 handshake packets from it to a separate file.  The can be done with "​tshark"​ which is a command line version of the Wireshark suite. ​ Installing the linux version of the [[https://​www.wireshark.org|Wireshark suite]] on your system should also install tshark. 
 + 
 +The following command will extract all handshake and beacon packets from your pcap capture file and create a separate file with just those packets: 
 + 
 +   ​tshark -r <input file name> -R "eapol || wlan.fc.type_subtype == 0x08" -w <output file name> 
 + 
 +Remember you must use a pcap file as input, not an IVs file.
  
 ==== Other Tips ==== ==== Other Tips ====
Line 394: Line 506:
   * aircrack-ng -w firstlist.txt,​secondlist.txt,​thirdlist.txt wpa2.eapol.cap   * aircrack-ng -w firstlist.txt,​secondlist.txt,​thirdlist.txt wpa2.eapol.cap
  
-Aircrack-ng comes with a small dictionary called password.lst. ​ The password.lst file is located in the "​test"​ directory of the source files. ​ This [[http://​aircrack-ng.org/​doku.php?​id=faq#​where_can_i_find_good_wordlists|FAQ entry]] has a list of web sites where you can find extensive wordlists (dictionaries). ​ Also see this [[http://​forum.aircrack-ng.org/​index.php?​topic=1373|thread]] on the Forum.+Aircrack-ng comes with a small dictionary called password.lst. ​ The password.lst file is located in the "​test"​ directory of the source files. ​ This [[faq#​where_can_i_find_good_wordlists|FAQ entry]] has a list of web sites where you can find extensive wordlists (dictionaries). ​ Also see this [[https://​forum.aircrack-ng.org/​index.php?​topic=1373|thread]] on the Forum.
  
 Determining the WPA/WPA2 passphrase is totally dependent on finding a dictionary entry which matches the passphrase. ​ So a quality dictionary is very important. ​ You can search the Internet for dictionaries to be used.  There are many available. Determining the WPA/WPA2 passphrase is totally dependent on finding a dictionary entry which matches the passphrase. ​ So a quality dictionary is very important. ​ You can search the Internet for dictionaries to be used.  There are many available.
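Review bot: the tshark command in the new "How to extract WPA handshake" section uses `-R` as the filter, but tshark has since split that into `-Y` for a single-pass display filter and `-R` as a read filter that is only accepted together with two-pass mode (`-2`), so as written it errors out on current releases; write it as `tshark -r <input file name> -Y "eapol || wlan.fc.type_subtype == 0x08" -w <output file name>` (or keep `-R` and add `-2`). Two typos in the same additions: "You can mark packets then same them to a separate file" should read "save them", and "The can be done with tshark" should read "This can be done".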
Line 441: Line 553:
 So just use -e "<​REAL_ESSID>"​ instead of -e ""​ and aircrack-ng should find the passphrase. So just use -e "<​REAL_ESSID>"​ instead of -e ""​ and aircrack-ng should find the passphrase.
  
- 
- 
-You have successfully captured a handshake then when you run aircrack-ng,​ you get similar output: 
- 
-   ​Opening wpa.cap 
-   Read 4 packets. 
-    
-            #     ​BSSID ​                     ESSID                   ​ENCRYPTION 
-            1     ​00:​13:​10:​F1:​15:​86 ​                               WPA (1) handshake 
-   ​Choosing first network as target. 
-    
-   An ESSID is required. Try option -e. 
- 
-Solution: You need to specify the real essid, otherwise the key cannot be calculated, as the essid is used as salt when generating the pairwise master key (PMK) out of the pre-shared key (PSK). 
- 
-So just use -e "<​REAL_ESSID>"​ instead of -e ""​ and aircrack-ng should find the passphrase. 
  
 ==== The PTW method does not work ==== ==== The PTW method does not work ====
  
-One particularly important constraint is that it only works against arp request/​reply packets. ​ It cannot be used against any other data packets. ​ So even if your data capture file contains a large number of data packets, if there insufficient arp request/​reply packets, it will not work.  Using this technique, 64-bit WEP can be cracked with as few as 20,000 data packets and 128-bit WEP with 40,000 data packets. ​ As well, it requires the full packet to be captured. ​ Meaning you cannot use the "- - ivs" option when running airodump-ng. ​ It also only works for 64 and 128 bit WEP encryption+One particularly important constraint is that it only works against arp request/​reply packets. ​ It cannot be used against any other data packets. ​ So even if your data capture file contains a large number of data packets, if there insufficient arp request/​reply packets, it will not work.  Using this technique, 64-bit WEP can be cracked with as few as 20,000 data packets and 128-bit WEP with 40,000 data packets. ​ As well, it requires the full packet to be captured. ​ Meaning you cannot use the "-''''​- ivs" option when running airodump-ng. ​ It also only works for 64 and 128 bit WEP encryption.
- +
-==== Error message "fixed channel"​ ==== +
- +
-Notice the message "fixed channel wlan0: 8" on the first line below on the right-hand side.  It references channel 8 but the channel on the left says 9. +
- +
-   ​CH ​ 9 ][ Elapsed: 28 s ][ 2007-09-03 13:23 ][ fixed channel wlan0: 8                                          +
-                                                                                                                  +
-    BSSID              PWR RXQ  Beacons ​   #Data, #/s  CH  MB  ENC  CIPHER AUTH ESSID +
-                                                                                                                  +
-    00:​14:​6C:​7E:​40:​80 ​  ​64 ​ 73      208        0    0   ​9 ​ 11  WEP  WEP         ​teddy ​                            +
-                                                                                                                  +
-    BSSID              STATION ​           PWR   ​Rate ​ Lost  Packets ​ Probes  +
- +
-In the case where you start airodump-ng with a fixed channel (not channel hopping) and then you or some process changes the wireless channel, then this message appears. ​ This will lead to problems since you are now on a different channel then what you want. +
- +
-An example of starting airodump-ng on a fixed channel is as follows: +
- +
-   ​airodump-ng --channel 9 wlan0 or airodump-ng -c 9 wlan0 +
- +
-To resolve this, first identify what changed the wireless channel. ​ The most common problem is having one or more network connection managers running. ​ Be sure to stop all of them.  As well, you could have manually changed the channel with iwconfig, airodump-ng,​ etc. +
- +
-Once the problem has been resolved, reset the channel to the correct one and restart airodump-ng.+
  
 ==== Error message "​read(file header) failed: Success"​ ==== ==== Error message "​read(file header) failed: Success"​ ====
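Review bot: the removed "Error message fixed channel" section is airodump-ng troubleshooting and nothing in this change relocates it, so confirm it exists on the airodump-ng page before dropping it here, otherwise the advice about network managers and iwconfig re-tuning the channel under a fixed-channel capture is lost. The `"-''''- ivs"` rewrite is a wiki-rendering workaround to stop `--` collapsing into a dash; wrapping the whole option in a monospace span (`''--ivs''`) renders it as typed and makes clear it is a single airodump-ng option rather than two characters. "if there insufficient arp request/reply packets" still lacks "are".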
Line 494: Line 568:
 Simply delete the files with zero bytes and run the command again. Simply delete the files with zero bytes and run the command again.
  
-==== Release Candidate or SVN Version Notes ==== 
  
-This section ONLY applies the latest SVN version ​and to some release candidate versions of the aircrack-ng ​suite Once they are released as "​stable" ​then the documentation above will be updated.+==== WPA/WPA2 Handshake Analysis Fails ==== 
 + 
 +Capturing WPA/WPA2 handshakes can be very tricky. ​ A capture file may end up containing a subset of packets from various handshake attempts ​and/or handshakes from more then one client. ​ Currently aircrack-ng can sometimes fail to parse out the handshake properly. ​ What this means is that aircrack-ng ​will fail to find a handshake in the capture file even though one exists. 
 + 
 +If you are sure your capture file contains a valid handshake ​then use Wireshark or an equivalent piece of software and manually pull out the beacon packet plus a set of handshake packets. 
 + 
 +There is an open [[https://​github.com/​aircrack-ng/​aircrack-ng/​issues/​651|GitHub issue]] to correct this incorrect behavior.
  
-  * For WPA handshakes, a full handshake is composed of 4 packets. ​ However, aircrack-ng is able to work successfully with just 2 packets. ​ EAPOL packets (2 and 3) or packets (3 and 4) are considered a full handshake. 
-  * SSE2 support is now included. ​ This dramatically speeds up WPA/WPA2 key processing. 
-  * "​--cpu-detect"​ will provide information on the number of CPUs and MMX support. ​ Example responses to "​aircrack-ng --cpu-detect"​ are "Nb CPU detected: 2" or "Nb CPU detected: 1  (MMX available)"​. 
-  * The ASCII WEP key is displayed only when 100% of the hex key can be converted to ASCII. 
-  * -p : Allows you to specify the number of threads for cracking even if you have a non-SMP computer. 
-  * Outputs an error message if using -r and it wasn't compiled with sqlite support. 
-  * -C <​macs> ​ : merge the given APs to a virtual one 
-  * -l <​file> ​ : write key to file 
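Review bot: the new "WPA/WPA2 Handshake Analysis Fails" section tells the reader to pull out "a set of handshake packets" without saying which ones, while the SVN-notes bullet being deleted carried exactly that detail (EAPOL messages 2 and 3, or 3 and 4, are enough for aircrack-ng); move that sentence into the new section instead of dropping it, since it is what a reader needs when manually selecting frames in Wireshark. Also "more then one client" should read "more than one client".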
aircrack-ng.1241389388.txt.gz · Last modified: 2009/05/04 00:23 by mister_x