Hack Wireless
a little over 2 years, mainly on English-language websites. Statistics show that these
pages get a great many visitors, which demonstrates how much demand there is for learning
to hack WEP. However, many people who follow the guides on these websites soon realize that
the guides are not up to date! We researched many sources on the internet and tested the
instructions in practice in order to bring you today's guide to hacking WEP.
Before going into the details of the article, we have a few small notes:
- To follow the instructions in this article, you need basic knowledge of networking
terminology and principles. Being familiar with the command line of the Linux operating
system will be very helpful.
- Throughout the article we keep the technical terms in English, with an explanation the
first time each one is used. This helps you get used to the interface and the command
lines, because this whole program suite is in English.
- The WEP cracking process requires at least 01 computer that is connected to the AP or
router. You will not get anywhere if no (victim) machine is on the network.
- Breaking into someone else's network without that person's permission is ILLEGAL. If
trouble comes of it, do not blame this article for egging you on.
Vietchovui and its members do not encourage and will not condone using this guide to
crack other people's WEP networks without permission!
Those are side matters; now let's begin! Why do you need to crack a WEP network, and why
are you able to? First of all, you now have almost everything needed to do it. The guides
on the web refer to countless different tools, open source as well as closed source, paid
as well as free. In addition, these newer tools are no longer as picky about hardware as
they used to be. You do not have to hunt down a PRISM 2 Wi-Fi wireless card, and you do
not need to use 02 computers at the same time. Today many chipsets support the tools
mentioned above, and you can crack WEP with just a single computer.
The best WEP cracking toolkit is developed by the Aircrack-ng group, and it is the toolkit
we will use. Aircrack-ng is a suite of programs written for the purpose of breaking WEP and
WPA-PSK network keys. Although the suite consists of 07 independent programs in total plus
a few other small tools, we use only 04 of them, namely:
1. airmon-ng, used to switch the wireless card into monitor mode (a mode that listens and
we will use BackTrack 3 (beta version) live. Because this is an operating system that runs
directly from a CD or USB drive (we use USB), you do not have to go through a troublesome
installation, and BackTrack 3 (BT3) leaves no trace on the hard disk where your Windows is
installed (unless you deliberately make it do so). BT3 is a Linux distribution purpose-built
for cracking WEP, and it comes with the Aircrack-ng suite preinstalled for you to use.
You can find more information about BT3, along with the download link, here.
Once you have chosen the hardware, you need to choose some software. As mentioned above,
we will use BackTrack 3 (beta) running from USB. If your computer cannot boot from a USB
flash drive, you can run BT3 directly from a CD. The BT3 operating system has everything
needed to carry out security work and, notably, it does not write anything to your hard
disk.
After downloading the ISO file, you have two options.
- The first option: extract (with Winrar) the contents of the ISO file to your USB drive,
then run \boot\bootinst.bat to make the USB drive (minimum capacity 1GB) bootable. Running
BT3 from USB is faster and smoother than running it from CD. Naturally, before you can boot
from USB you need to set the boot priority in the BIOS to your USB drive. Anyone who has
found this article and read this far surely knows how to do that, so we will not go over it
again.
- The second option, to be used only if you cannot boot from USB: use a disc-burning
program to burn the ISO file to a CD and use it to boot your computer.
Creating the bootable USB/CD can be done in Windows, which will be much more familiar to
anyone who has not yet worked with Linux.
After rebooting your computer into BT3, check that the WLAN adapter has been recognized
and brought up. Click the icon of a computer with a black screen (next to the start button)
to open Shell Konsole (similar to cmd in Windows). Type the iwconfig command to check your
WLAN card. The output of the command looks like this:
Figure 1: output screen of the iwconfig command
Write down the name of your computer's wireless card. In the case above it is ath0. On
your machine, however, it may be a name such as wlan1, eth0, wi0,
some necessary information. Experts who carry out network penetration testing describe
this kind of attack as a zero knowledge attack.
We are looking for APs that use WEP encryption and have at least 01 client currently
connected. The associated client is important because you need its MAC address in order to
use the ARP Replay attack to generate a stream of data. If the AP has no client connected,
move on to another AP.
We need 03 pieces of information to capture the data stream and allow aircrack to work:
There are many ways to scan wireless LANs, including the very well-known program Kismet,
which is built into BT3. However, that program is completely independent of the Aircrack
suite, and Kismet has its own requirements for adapters. Kismet is fairly simple to use and
there is also a version of Kismet for Windows. To keep things simple, however, we will
continue with airodump-ng, which is part of the Aircrack suite and is also very good at
doing what we need.
Start airodump-ng by typing the command:
airodump-ng --ivs --write capturefile ath0
Figure 6: aireplay-ng just after starting, not yet replaying
The indicator here is "sent 0 packets" on the last line. Note that if your drivers or WLAN
card do not support packet injection, aireplay will produce lines similar to those below:
Figure 7: aireplay when packet injection is not available
You can check whether your drivers support injection by reading the aircrack-ng
documentation page here.
Figure 9: airodump with ARP replay running
You need to let these programs keep running until the number in the #Data column reaches
at least 300,000 IVs for a WEP 64 key or about 1,500,000 for a WEP 128 key.
The problem is that in a "zero knowledge" attack you know nothing about the length of
the key.
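Seen from the defender's side, the ARP replay described above stands out on the air: the replayed frame is retransmitted unchanged, so one station MAC suddenly sends broadcast frames at a high rate that all carry the same WEP IV. The following detection sketch is an added example, not part of the original article; the record layout, the thresholds and the sample frames are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"

def find_arp_replay(frames, window=1.0, min_rate=100, min_reuse=0.9):
    """Flag stations whose broadcast frames are both fast and IV-repeating.

    frames: iterable of (time_s, src_mac, dst_mac, wep_iv_hex) records, a
    layout assumed for this example (e.g. exported from a monitor-mode sensor).
    """
    recent = defaultdict(deque)   # src -> timestamps inside the sliding window
    peak = Counter()              # src -> highest frame count seen in a window
    ivs = defaultdict(Counter)    # src -> IV -> number of frames carrying it
    for ts, src, dst, iv in sorted(frames):
        if dst != BROADCAST:
            continue
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        peak[src] = max(peak[src], len(q))
        ivs[src][iv] += 1
    alerts = {}
    for src, seen in ivs.items():
        total = sum(seen.values())
        reuse = 1 - len(seen) / total   # 0.0 when every frame has a fresh IV
        if peak[src] >= min_rate and reuse >= min_reuse:
            alerts[src] = {"peak_per_window": peak[src], "iv_reuse": round(reuse, 3)}
    return alerts

def sample_frames():
    """Constructed records; MACs come from the documentation range."""
    victim, other = "00:00:5e:00:53:01", "00:00:5e:00:53:02"
    frames = [(float(i), other, BROADCAST, f"{i:06x}") for i in range(5)]
    frames += [(float(i), victim, BROADCAST, f"{0x100 + i:06x}") for i in range(5)]
    # Replayed frame: sent under the associated client's MAC, same IV each time.
    frames += [(5 + i / 500, victim, BROADCAST, "a1b2c3") for i in range(500)]
    return frames

if __name__ == "__main__":
    for mac, info in find_arp_replay(sample_frames()).items():
        print(mac, info)
```

Requiring both conditions keeps a busy but legitimate station, which sends many frames with fresh IVs, from being flagged.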
In our case, because we knew in advance that the key was 128-bit, we waited until we had
more than the expected number of IVs, 1,500,000. Reaching this number took us a little
over 01 hour, with the target AP and all of the laptops involved in the same room. Under
normal conditions, with an AP located fairly far from your machine,
Note that the command line contains an asterisk (*) so that aircrack-ng uses all of the
captured IVs files that were saved in the root directory. For example, in our case the
command line looks like this:
aircrack-ng -b 00:06:25:B2:D4:19 capturefile*.ivs
The 128-bit WEP key is found in hexadecimal form, and you can enter it in the wireless
network settings after removing the colons (:).