AirSnort for Windows:
Project homepage:
http://airsnort.shmoo.com/
AirSnort is a wireless LAN (WLAN) tool which recovers encryption
keys. AirSnort operates by passively monitoring transmissions, computing the
encryption key when enough packets have been gathered.
Whilst always having implemented the the WEP key attack
identified by the Weaknesses in the Key Scheduling Algorithm of RC4 paper by
Fluhrer, Mantin and Shamir as of version 0.2.7, AirSnort also incorporates
Aircrack style cracking in real time.
There is a superb installation
guide for AirSnort on windows available at the Shmoo website:
http://airsnort.shmoo.com/win_setup.html
It can be a little tricky to determine which interface you need
to use under windows as they appear in the form
\Device\{C4748374-F81D-4E40-AFFD-16CCED00F221}. I found the easiest
way to determine the name of your wireless card as to use Windump
http://www.winpcap.org/windump/
(which also requires the installation of WinPcap
http://www.winpcap.org/install/default.htm) and running:
windump -D
NOTE: \Device\{C4748374-F81D-4E40-AFFD-16CCED00F221}
is clearly identified as the Orincoco card.
One thing to watch out
for is to ensure that you start AirSnort in scan mode not
channel mode (or else you will see very few packets) once packets are being
collected you can speed the process up by changing to channel mode.
On a saturated 802.11b network AirSnort for windows cracked a
128 bit WEP key in under 10 minutes:
Whilst AirSnort under windows
(tested on Windows XP SP2) appears a little bit rough around the edges it
still does a great job of cracking those WEP keys.
|
Linux
