Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
|Failed to load latest commit information.|
Documentation, tutorials, ... can be found on http://www.aircrack-ng.org See also manpages and the forum. Installing ========== This version now requires more libraries than 0.X versions to be compiled. See INSTALLING file for more information OpenWrt Devices =============== You can use airodump-ng on OpenWrt devices. You'll have to use specify prism0 as interface. Airodump-ng will automatically create it. Rq: Aireplay DOESN'T work on OpenWrt (2.4 kernel) with broadcom chipset since the driver doesn't support injection. It *may* work with 2.6 kernels >= 2.6.24 (kamikaze 8.09+ custom-built). Known bugs: =========== Drivers ------- Madwifi-ng ---------- The cause of most of these problems (1, 2 and 3) is that Madwifi-ng cannot easily change the rate in monitor mode. Technically, when changing rate while in monitor mode, the raw socket gets invalidated and we have to get it again. Madwifi-ng is getting replaced by several drivers: ath5k, ath9k and ar9170. Problem 1: No client can associate to an airbase soft AP. Solution 1: None at this time. Problem 2: When changing rate while you are capturing packet makes airodump-ng stall Solution 2: Restart airodump-ng or change rate before starting it. Problem 3: After some time it stops capturing packets and you're really sure no network manager are running at all. Solution 3: That's a known bug in the driver, it may happen at any time (the time before it fails can vary a lot: from 5 minutes to 50 or even more). Try (as root) unloading completely the driver with 'madwifi-unload' and then run 'modprobe ath_pci autocreate=monitor'. Problem 4: When creating a new VAP airodump-ng takes up to 10-15 seconds to see the first packet Solution 4: It's the behaviour of madwifi-ng, don't worry (... be happy ;)). Orinoco ------- Problem: BSSID is not reported correctly or is 00:00:00:00:00:00 or signal is not reported correctly. Solution: None. Consider replacing your card, orinoco is really really old. Aircrack-ng ----------- Aireplay-ng ----------- Problem: Fakeauth on a WRT54G with WEP (shared authentication) doesn't work. Solution: None at this time (we'll try to fix it for next release). Airolib-ng ---------- Problem: On windows only, opening/creating a database doesn't work when airolib-ng is in directories containing special characters like 'ç', 'é', 'è', 'à', ... (directories containing spaces are not affected). Reason: It's a SQLite issue. Solution: Rename the directory or move the database into another directory. Airbase-ng ---------- Problem: SSID are not displayed correctly (when scanning for networks) when using airbase-ng with r8187 driver. Reason: Beacons are truncated (the beginning is missing) when sent in the air. Solution: None at this time (we'll try to fix it for next release) Airodump-ng ----------- Problem: Airodump-ng stop working after some time. Solution 1: You may have a network manager running that puts back the card in managed mode. You'll have to disable it (the fastest solution is killing the process) then restart airodump-ng. Solution 2: See Problem 3 of Madwifi-ng. Problem: Airodump-ng corrupts pcap file when using GPSd (--gpsd). Solution: None at this time (will be fixed in next release). Problem: On windows, it doesn't display a list of adapters like the old 0.X Solution: It requires you to develop your own DLL. Aircrack-ng ----------- Problem: Aircrack-ng can't use dictionnaries/wordlists bigger than 2GB Solution: Split your files. Cleaning can also help because WPA only use passphrases of 8 to 63 characters. Sample files ============ wep.open.system.authentication.cap: It show a connexion (authentication then association) to a WEP network (open authentication). wep.shared.key.authentication.cap: It shows a connexion (authentication then association to a WEP network (shared authentication). The difference with open authentication is that the client has to encrypt a challenge text and send it back (encrypted) to the AP to prove it has the right key. wpa.cap: This is a sample file with a WPA handshake. It is located in the test/ directory of the install files. The passphrase is 'biscotte'. Use the password file (password.lst) which is in the same directory. wpa2.eapol.cap: This is a sample file with a WPA2 handshake. It is located in the test/ directory of the install files. The passphrase is '12345678'. Use the password file (password.lst) which is in the same directory. test.ivs (http://download.aircrack-ng.org/wiki-files/other/test.ivs): This is a 128 bit WEP key file. The key is AE:5B:7F:3A:03:D0:AF:9B:F6:8D:A5:E2:C7. ptw.cap (http://dl.aircrack-ng.org/ptw.cap): This is a 64 bit WEP key file suitable for the PTW method. The key is '1F:1F:1F:1F:1F'. password.lst This is a sample wordlist for WPA key cracking. More wordlists can be found at http://www.aircrack-ng.org/doku.php?id=faq#where_can_i_find_good_wordlists password.db This is a sample airolib-ng database for WPA key cracking.