Crack the WI-FI THE "NEXT" IN 3 MINUTES Avete un pc portatile con scheda wi-fi ? Siete in giro , magari in un gran centro abitato (o se siete fortunati ne basta uno piccolo..) e non sapete da dove connettervi ?
Oppure semplicemente non volete pagare la connessione ?
Si può..e in pochissimi minuti… RICORDO CHE SI TRATTA SOLAMENTE DI UNA GUIDA, SCROCCARE LA CONNESSIONE AGLI ALTRI E’ REATO.
Se trovate una rete non protetta..ok potete connettervi senza alcun problema..ma quando vitrovate davanti ad una rete protetta in wep o wpa ?
Il 20 gennaio 2007 è stata rilasciata una nuova versione di Aircrack . Supportato da diversi sistemi operativi, si is one of the best tools for wireless cracking and wardriving. If you are using Linux you can follow the instructions on the web Wireless Defence (although English is intuitive to follow all steps through the various images to support the documentation). If you're using Windows, you can read this article (for the most part taken from Taz Forum ).
Conditions:
- Download and install Aircrack
- If you use " Winaircrack (Aircrack GUI) copy the files and peek.dll peek5.sys inside the folder of Aircrack
- Run the application from the DOS prompt: To run the program even though we are not in the directory that contains it, right-click-click "My Computer, Properties, Advanced, Environment Variables, Edit" bring the end of the line on which they are already written other environment variables, enter (";") a semicolon, and type the path where the Aircrack program (eg C: \\ Documents and Settings \\ 2BFree \\ Desktop \\ aircrack-ng-0.3-win \\ aircrack-ng- 0.3-win \\ bin)
- 'll also need to install the new drivers for your network adapter: the original drivers are not meant to do things like ( to find the drivers they can do for you visit WildPacket )
- To install the new drivers open "right-click on My Computer, Properties, Device Manager, right-click your network adapter, Properties, Driver, Update Driver, Install from a list or specific location" choose the path where you downloaded the drivers. Finally, make sure that your network adapter is now compatible with all
To facilitate understanding, during various steps of this tutorial, refer to the flow chart on the site Wireless Defense . If you are not familiar with "MAC Address" So before continuing, read also the related article: http://2befree.wordpress.com/2007/02/03/mac-address/ .
The first step is obviously to find a wireless network 
. You can go around with your laptop to do wardriving or you can use a special key "Wi-Fi Finder.
Type " airodump " in the DOS prompt (Start, Run, cmd). You will see a window containing le schede di rete trovate sulla vostra macchina. Notate che accanto al nome delle schede di rete è presente un numero identificativo. Ad e sempio:
14 NETGEAR WG511T 54 Mbps Wireless PC Card
22 NETGEAR WAG511 802.11a/b/g Dual Band Wireless PC Card
In questo caso digitate 22 , il numero identificativo della scheda che ci interessa utilizzare (in genere è quella che riporta una qualche identificazione del tipo “802.11x”).
Ora vi viene chiesto di indicare il chipset utilizzato dal vostro adattatore di rete. Ad example:
Interface types: 'o' = Hermes / Realtek
'a' = Aironet / Atheros
Select your own, in this case choosing "or" or "to . To find out which chipset is installed on your network card you can take a look at: http://www.linux-wlan.org/docs/wlan_adapters.html.gz
Now there will be prompted to enter the channel number to be checked (sniffing). Typically used for the U.S. el'UK 11, for Europe 14. If you want to scan all channels use the zero.
Following the program will ask you to type the name for the file that is created from the channel scan. Type the name that you like, for example, " WEP1 .
Now Aircrack will ask you whether to save the entire captured packets or just IVs. To crack a WEP key, you just simply save the IV (which will save you lots of space on your hard disk, then type "y ).
Now you will see a screen like:
BSSID = MAC address of the Access Point
PWR = indicates the strength of signal you are getting
beacons are = packages "in clear" that the access point transmits essentially say "I'm an access point connected to me"
= DATE is what interests us: it is the IV that will use to find
Aircrack WEP password
ENC = encapsulation type: WEP, WPA, OPEN ...
ESSID = The name of the wireless network . The SSID is a kind of network identifier. For example, if the Access Point's SSID as the name "foo" then the wireless cards that you want to connect must be set to turn SSID as "foo".
In the second part of the picture above we see the various clients that are "talking" with the Access Point ", more accurately see the various MAC addresses of the client. The information could be useful later then write down the MAC addresses. This is because in an Access Point can set a MAC address filter: in this mode only network adapters that have a MAC address listed in the filter can be connected. This means that even if we have the WEP key can not access the access point unless the MAC address of our network adapter is not set in the filter of the Access Point. However, a similar case will be discussed later, for the moment preoccupiamocene.
Aicrack IV will continue to collect until it stops. IV download more and more likely are you to decipher the key. There is no precise reference such as "long key = X number of IV to download. Generally good to take that to find a WEP key from 40 bits can be downloaded from 250,000 to 400,000 IV: Aircrack should find the key in seconds. However you should start with a few IV in fact, if they are not enough for Aircrack
to find the WEP key, no need to start from scratch: it will do when it asks you the name you want to insert the same file name that you had previously used (so the file will not be overwritten, but instead "continued," that is increased). For a key of 104 bits collected approximately 2,000,000 IV: sometimes you only need a lot less (although the program will take more tempo per trovare la chiave), altre volte purtroppo dovrete scaricarne di più…
Quando sarete soddisfatti del numero di IV collezionati premete “ CTRL + C ” per fermare il programma.
Scrivendo “ Aircrack-ng” nel prompt vi verrà mostrata la lista dei parametri che è possibile utilizzare. Supponiamo di aver scaricato intorno ai 400.000 IV, in genere sufficienti per scovare una chiave WEP da 40 bit. Digitiamo allora il comando “ aircrack-ng -n 64 WEP1.ivs ”. Con il parametro “-n 64” diciamo al programma che la chiave ha una maximum length of 64 bits and then try not to over (because, as already mentioned, we still have not downloaded enough IVs to more key lengths). The parameter "-f" in this example we used is used to specify the intensity of the brute-force, which by default is level 2: wishing you can specify a higher level, say 5.
Also note the file extension (WEP1. ivs) *. ivs will be if you decided to save only the IV, *. cap is if you decided to save the entire captured packets.
If you're lucky the program will return a message "KEY FOUND" and the name of the key.
Now that you have the key to use it just as if you connect your network to a "home". If the SSID of the access point is enabled follow this explanation, otherwise, I refer you to the last paragraph of this guide.
Start, Connect To, Wireless Network Connection, View Available Wireless Networks. If the SSID is enabled (visible), this will appear in the window of available connections (and usually you can also see if using the WPA encryption system or less). Double-click the connection icon and enter the password you found earlier: it is made. If you are unable to connect the cause may be:
1) The Access Point uses a MAC address filter
2) Too far from the Access Point
3) The key you found is incorrect
1) The AP uses a MAC address filter. Previously we had been told to write down the MAC addresses that were in dialogue with the PA. Now the easiest thing to do is:
- Wait a MAC address noted above disconnects
- Changing our MAC address to make it equal to what has just been disconnected (MAC Spoofing )
- Enter in the Access Point .
2) You are too far from the Access Point. Need an explanation?? Approach ...
3) The key you found is incorrect. Or better ... you are correct: Make sure you have written it in the right way. In particular, make sure di non aver scritto eventuali zeri (“0”) come delle “O” in quanto non ci possono essere delle “O”!
Se l’SSID dell’Access Point è disabilitato nessun problema. Voi conoscete già qual è, vi è stato rivelato da Aircrack: vedi immagine sopra, ESSID. Quello che dovete fare è semplicemente inserire l’SSID trovato nelle impostazioni di connessione.
Start, Connetti a, Connessioni di rete senza fili, Visualizza reti senza fili disponibili, Modifica impostazioni avanzate, Reti senza fili, Aggiungi: scrivete l’SSID così come lo ha trovato Aircrack, l’autenticazione alla rete è normalmente APERTA > scegliere la cifratura WEP, togliere il segno di spunta dalla voce “la chiave sarà fornita automaticamente” ed inserire invece la chiave WEP che avete trovato grazie ad Aircrack (nota: inserite la chiave tutta di seguito, senza i due punti (“:”) di separazione).
