First step, obviously, is to install Ubuntu. Just boot from the CD and follow the directions. This should be fairly straightforward and I’m not going to get into it any more than this. Once you have it installed and the layout and theme is how you want it, go on. But do everything in order, because otherwise it won’t really work.
Next step is to install the extra repositories and all the programs that Ubuntu doesn’t preinstall. Make sure your box can connect to the internet. If you can only connect via wireless and are having problems, there is a package called Wi-Fi radar that is helpful. To install the extra repositories, open a terminal window and type the following:
Save the file and exit the text editor. Next type the command:
Now we have to install the packages we’ll need later on:
Next, you should update your entire system by going to the System Menu>Administration>Update Manager. Click ‘Check’ and begin installing updates. Then reboot your system. After this is done, it’s time to patch the Madwifi drivers.
This is where everything can be tricky. My wireless card (Linksys WPC55AG) uses the Atheros driver, which I needed to patch. If you have a different driver, you’re going to need to find out whether or not you need to patch your drivers, or if they’ll even work with the Aircrack suite. The forums at aircrack-ng.org are a good place to look and so is a google search. If you have an Atheros card, it will be called ath0 when you type iwconfig in the terminal window, or there will be a line that says Ethernet controller: Atheros Communications… when you type lspci in the terminal.
Let’s apply the madwifi patch which you’ll need if you’re using the Atheros driver. This will temporarily disable your wireless card when it deletes the old drivers of the disk. First we’re going to navigate to the /usr/src directory, download the new drivers, delete the old drivers, then install the new ones and apply the patch. You can just copy and paste the commands below into the terminal or type them yourself.
However, during Madwifi Installation I got this warning:
When I ran “modprobe ath_pci” it gave me an error message and “dmesg” gave me some gibberish about “disagrees about version of symbol”.
I browsed the web and found the solution: You have to delete the linux-restricted modules. Just search for “linux-restricted” in Synaptic. I removed everything but “linux-restricted-modules-common”. Then I compiled the madwifi again and ran “modeprobe ath_pci” again. NO ERROR this time! Authenticating and injecting works!
Karl, maybe you can add this to your tutorial cuz I did everything exactly as you wrote. Apparently some network cards with atheros chipset cause problems if you don’t remove the linux-restricdet-modules.
Thanks again!
Cheers,
mcgyver100
If you are using the Atheros driver, next we need to configure kismet to use the right source. If you are using another driver you’ll have to look up what syntax you use. First navigate to the Kismet config, then change the source line.
Change the line that begins with ’source=’ to ’source=madwifi_ag,ath0,madwifi’. Now reboot the computer. After it boots back up you should be able to access the internet again via your wireless card.
Now we can begin cracking. Open up a terminal window, enter monitor mode, and run kismet.
Locate the wireless network you want to crack, and note its ESSID and channel. Then exit by pressing Ctrl-C.
Next, run airodump.
The one at the end lets Airodump know we only want to capture IV’s. The filename can be anything you want, and will be saved in your home directory (or whatever directory you run the command from) as filename.ivs.
Copy the bssid of the wireless network from the airodump window by selecting it and pressing Shift+Ctrl+C. Open up a new terminal window so we can run aireplay to start injecting packets so our data count goes up. We want the data column in airodump to reach between 100,000 and 400,000. The more packets we have, the faster aircrack can find the WEP key. If the WEP key is 128 bits, we may need up to 1,000,000 packets.
This should associate the network with the wireless connection. If it times out repeatedly, you need to be closer to the wireless router or change your interface rate by typing ’sudo iwconfig ath0 rate 1M’.
Next we want to start injecting packets.
At first, it will only read packets, and say 0 ARP requests and 0 packets sent. Just wait a minute or two and it will start sending packets in large quantities. If it returns text that says it has been deauthorized, press Ctrl+C and run the command again. You can try to speed things up by entering this command:
Otherwise just sit back and wait. As soon as packets begin to be sent, the data field in Airodump should start flying. Wait until the desired number of packets have been recieved, then open a new terminal window and run aircrack.
After a minute, aircrack should return the WEP key. If it doesn’t, collect more packets.
Published under a Creative Commons license by Karl Blitz
Update: Looking for compatible WiFi cards? Read here: http://ubuntulinuxhelp.com/how-to-setup-a-wireless-ubuntu-router/
Next step is to install the extra repositories and all the programs that Ubuntu doesn’t preinstall. Make sure your box can connect to the internet. If you can only connect via wireless and are having problems, there is a package called Wi-Fi radar that is helpful. To install the extra repositories, open a terminal window and type the following:
sudo cp /etc/apt/sources.list /etc/apt/sources.list_backup
sudo gedit /etc/apt/sources.listSave the file and exit the text editor. Next type the command:
sudo apt-get updateNow we have to install the packages we’ll need later on:
sudo apt-get install build-essential
sudo apt-get install aircrack
sudo apt-get install kismet
sudo apt-get install airsnort
sudo apt-get install linux-source
sudo apt-get install linux-headers
sudo apt-get install sharutilsNext, you should update your entire system by going to the System Menu>Administration>Update Manager. Click ‘Check’ and begin installing updates. Then reboot your system. After this is done, it’s time to patch the Madwifi drivers.
This is where everything can be tricky. My wireless card (Linksys WPC55AG) uses the Atheros driver, which I needed to patch. If you have a different driver, you’re going to need to find out whether or not you need to patch your drivers, or if they’ll even work with the Aircrack suite. The forums at aircrack-ng.org are a good place to look and so is a google search. If you have an Atheros card, it will be called ath0 when you type iwconfig in the terminal window, or there will be a line that says Ethernet controller: Atheros Communications… when you type lspci in the terminal.
Let’s apply the madwifi patch which you’ll need if you’re using the Atheros driver. This will temporarily disable your wireless card when it deletes the old drivers of the disk. First we’re going to navigate to the /usr/src directory, download the new drivers, delete the old drivers, then install the new ones and apply the patch. You can just copy and paste the commands below into the terminal or type them yourself.
sudo -iUPDATE: Some people have been having problems with the modprobe command. A comment below contains a fix in some cases:
cd /usr/src
wget http://*******PLEASE SEE COMMENTS FOR URL'S*******
wget http://*******PLEASE SEE COMMENTS FOR URL'S*******
ifconfig ath0 down
rmmod ath_rate_sample wlan_wep ath_rate_onoe ath_pci wlan ath_hal
find /lib/modules -name ‘ath*’ -exec rm -v {} \;
find /lib/modules -name ‘wlan*’ -exec rm -v {} \;
tar zxvf madwifi-cvs-20051025.tar.gz
cd madwifi
patch -Np1 -i ../madwifi-cvs-20051025.patch
make && make install
modprobe ath_pci
However, during Madwifi Installation I got this warning:
Warning: could not find /usr/src/madwifi/ath_hal/.hal.o.cmd for /usr/src/madwifi/ath_hal/hal.oThis warning can be IGNORED.
When I ran “modprobe ath_pci” it gave me an error message and “dmesg” gave me some gibberish about “disagrees about version of symbol”.
I browsed the web and found the solution: You have to delete the linux-restricted modules. Just search for “linux-restricted” in Synaptic. I removed everything but “linux-restricted-modules-common”. Then I compiled the madwifi again and ran “modeprobe ath_pci” again. NO ERROR this time! Authenticating and injecting works!
Karl, maybe you can add this to your tutorial cuz I did everything exactly as you wrote. Apparently some network cards with atheros chipset cause problems if you don’t remove the linux-restricdet-modules.
Thanks again!
Cheers,
mcgyver100
If you are using the Atheros driver, next we need to configure kismet to use the right source. If you are using another driver you’ll have to look up what syntax you use. First navigate to the Kismet config, then change the source line.
sudo gedit /etc/kismet/kismet.confChange the line that begins with ’source=’ to ’source=madwifi_ag,ath0,madwifi’. Now reboot the computer. After it boots back up you should be able to access the internet again via your wireless card.
Now we can begin cracking. Open up a terminal window, enter monitor mode, and run kismet.
sudo airmon start ath0
sudo kismet
Locate the wireless network you want to crack, and note its ESSID and channel. Then exit by pressing Ctrl-C.
Next, run airodump.
sudo airodump ath0 filename channel# 1The one at the end lets Airodump know we only want to capture IV’s. The filename can be anything you want, and will be saved in your home directory (or whatever directory you run the command from) as filename.ivs.
Copy the bssid of the wireless network from the airodump window by selecting it and pressing Shift+Ctrl+C. Open up a new terminal window so we can run aireplay to start injecting packets so our data count goes up. We want the data column in airodump to reach between 100,000 and 400,000. The more packets we have, the faster aircrack can find the WEP key. If the WEP key is 128 bits, we may need up to 1,000,000 packets.
sudo aireplay -1 0 -e ESSID -a BSSID -h 0:1:2:3:4:5 ath0This should associate the network with the wireless connection. If it times out repeatedly, you need to be closer to the wireless router or change your interface rate by typing ’sudo iwconfig ath0 rate 1M’.
Next we want to start injecting packets.
sudo aireplay -3 -b BSSID -h 0:1:2:3:4:5 ath0At first, it will only read packets, and say 0 ARP requests and 0 packets sent. Just wait a minute or two and it will start sending packets in large quantities. If it returns text that says it has been deauthorized, press Ctrl+C and run the command again. You can try to speed things up by entering this command:
sudo aireplay -0 ath0 -a BSSID ath0Otherwise just sit back and wait. As soon as packets begin to be sent, the data field in Airodump should start flying. Wait until the desired number of packets have been recieved, then open a new terminal window and run aircrack.
sudo aircrack filename.ivsAfter a minute, aircrack should return the WEP key. If it doesn’t, collect more packets.
Published under a Creative Commons license by Karl Blitz
Update: Looking for compatible WiFi cards? Read here: http://ubuntulinuxhelp.com/how-to-setup-a-wireless-ubuntu-router/
No comments:
Post a Comment