Crack-wifi.com FORUM

THE SITE FORUM

Wifi, Backtrack, WEP and WPA cracking...


#1 28-03-2010 04:49:43

shabbaranks
New member
Registered: 10-03-2010
Posts: 5

Default WPA key based on SSID

Hi,

I am new to this so please be patient with me, also is there a way I can browse this site in English as my French isn't that great? As soon as you log in from the redirect on the site it removes the translator.

Anyway - the bbkeyswin what a great application!!! It worked for me fine on the Australian speedtouch boxes but only for SSIDs with 6 numeric characters, some have 4, for example BigPond4878, and I can't get bbkeyswin or stkeys to figure out the WPA key.

Does anyone know a solution to this? And again this is a great site for learning...

Thank you very much

Shabba!

Offline


#2 28-03-2010 12:00:42

antares145
Honorary member
Registered: 29-09-2009
Posts: 5 199
Website

Re: Default WPA key based on SSID

Hi Shabbaranks, and welcome to our forum! I don't remember having seen any Aussie around here before you.

I don't know any way to browse this site in English (I admit that I never searched, either ^_^), but what if you try to browse it without logging in? I've just tested: you go to Google > Language tools > translate a web page, then you provide the base address of the forums, and then you can browse in English. I did not try with a login step, though... Hope it helps.

For your bbkeys/stkeys problem, the first thing you must check is that the WPA passphrase is still the default one. Obviously, if the owner of the modem changed it, these two programs become useless.
But if they are still default and you just need the missing two hexa characters, they are quite easy to get (if you can use BackTrack): you launch airodump-ng, then you look at the BSSID of the AP; normally the 6 characters you need are the last 6 ones of this MAC address.

This requires that you have some basic skills in Linux (preferably BackTrack), but I dunno if you have these. If you prefer staying on Windows, I assume that you can grab a copy of Netstumbler and use it to know the BSSID of the AP.

Offline

#3 28-03-2010 14:38:14

shabbaranks
New member
Registered: 10-03-2010
Posts: 5

Re: Default WPA key based on SSID

Hey... Thanks for the quick response. I have a bit of a confession though: I'm not an Ozzie but a backpacker travelling around. My BackTrack knowledge is pretty good, although isn't it quicker to launch kismet and that'll show you the MAC of the BSSID? As for having 2 pages up - 1 logged in and the other through Google - that's my method at the mo but I wasn't sure if there is another way.

I checked the last 6 digits of the MAC address and they aren't the digits I need (or did you mean those plus the other 4 I have are the complete set?). It's just the last 6 MAC digits are 712B49 and the SSID numbers are 4878.

Hope to crack this one as limited internet on my travels is a pain.

Thanks loads
Shabba the not so Ozzie Ozzie

Offline

#4 28-03-2010 15:43:43

antares145
Honorary member
Registered: 29-09-2009
Posts: 5 199
Website

Re: Default WPA key based on SSID

My mistake, my memory was wrong! Default WPA keys are based on the router's serial number, not the BSSID. So it's normal if the characters don't match...

I don't know any other way to retrieve the key from the SSID, but when you look at the stkeys source code (the Python version for Linux), it states that the possible keys are computed from the years 2005 -> 2007. You might want to add other years to this set (easy to do) and grab the keys. There will be many more (243 keys if I extend the years from 2004 to 2009, for SSID ending with 4878), but that's not a problem: you copy all the possible keys into a text file, and you ask aircrack-ng to try to crack the key with this "wordlist" and a pre-captured handshake. You can expect a rate of 500 keys/sec, so testing all the possible keys shouldn't take long.

Other possibility: you can assume that the two missing characters are hexadecimal, so 16 possibilities for each (0 > 9 & A > F). You can write a bash script with a for loop to bruteforce all the possibilities with stkeys.py. Of course it will need some time (there are 256 possibilities), but it will (should) be exhaustive. Once again, you can just pass this list to aircrack, get a handshake and see if the key is in the list or not.

Just a remark: on this site, we do not accept members who want to crack someone else's network without his consent (--> rules, #3). One might think that you just want to crack some WiFi to get free internet access... As a moderator I have to warn you: be careful about your intentions or you risk being banned from here.

Offline

#5 29-03-2010 11:04:10

shabbaranks
New member
Registered: 10-03-2010
Posts: 5

Re: Default WPA key based on SSID

Totally understand about the rules etc. I have internet so it's not to achieve that goal, just want to learn about it all as I find it really interesting.

Offline

#6 29-03-2010 11:08:04

shabbaranks
New member
Registered: 10-03-2010
Posts: 5

Re: Default WPA key based on SSID

Are there any instructions for creating a text file and piping it into airmon-ng? I need to download an ISO/vmbox image of BackTrack as my pen drive one doesn't map through the virtual software. I need to have the VM so I can browse the internet on my XP box and get the necessary steps.

Offline

#8 29-03-2010 12:25:28

antares145
Honorary member
Registered: 29-09-2009
Posts: 5 199
Website

Re: Default WPA key based on SSID

Hi again Shabbaranks

If I get it right, you would like to be able to pentest some WiFi network around through a VM, while you are browsing the net on the "physical" machine? This cannot be achieved with a single wireless card.
I mean, the VM won't be able to use the internal WiFi card of your PC (it won't even detect it), so no way to play around with the Aircrack toys.
As [email protected] told you, to use your internal card, you have to be in "Live" mode, for example LiveUSB (with persistence if you like).

I may be wrong, but I think that on BT4 you are able to use the same card in managed and monitor mode at the same time (because the system creates a virtual interface mon0), as long as you stay on the same channel. But I think that this solution is not efficient, so you'd better remain in Live mode, or get a second wireless adapter (a USB one!) that you will be able to use inside your VM, while staying connected with the primary internal card. (I hope I'm clear enough...)

By the way, what's the point with airmon-ng? Why do you want to pipe a text file to it? It just needs 2 arguments (start/stop <iface>). Maybe you thought about aircrack-ng, or another tool?

Offline

#9 02-04-2010 02:15:30

shabbaranks
New member
Registered: 10-03-2010
Posts: 5

Re: Default WPA key based on SSID

Hey... Thanks again for the info. Do you think the best source for me to use is BT4? I have downloaded the ISO and installed LiLi USB Creator but it doesn't seem to boot BT4 in either live mode or persistence (if I have got that right??). Also another problem is my WiFi USB dongle. It's a ZD1211 ZyDAS and BackTrack doesn't seem to recognise it. I had the same problem with BT3 but I had to add it as a source in the kismet config - how do I do that in BT4?

Thanks and merci beaucoup

Offline
