|
sterileeden
Stranger


Registered: 04/25/04
Posts: 52
Last seen: 9 years, 1 month
|
converting sniffed WEP traffic to something readable
#8017858 - 02/13/08 02:07 PM (15 years, 11 months ago) |
|
|
Hey all you techno wizards. I have learned how to sniff traffic and figure out WEP passwords with a Linux distro called BackTrack3. First I tried the program KisMAC because it would easily run on my MacBook, but it doesn't allow for real packet sniffing because of driver issues.
BT3, however, does. I want to be able to take the packets I capture and rebuild them into something that I can see. I know there is this program airsnort (for Windows?) and then there is ettercap, which is on BT. I guess I am asking which program is the best/easiest. I am pretty sure that I can't sniff with airsnort on my MacBook, but if you are able to, say, load a capture file from airodump (I believe airodump is the prog that saves a .cap file) into airsnort and use it there, then I would be happy.
Also, if anyone has questions on WEP or BT3 I can help in answering some of them. Hopefully one of you out there can help me with rebuilding sniffed packets. I do have Windows on my MacBook and also have the Linux distro but am still at the bottom of the learning curve on that. (Except for cracking WEP, which I can do cuz it's so easy!)
|
FrizzleFry07
Stranger

Registered: 10/29/07
Posts: 7
Last seen: 15 years, 7 months
|
Re: converting sniffed WEP traffic to something readable [Re: sterileeden]
#8017969 - 02/13/08 02:38 PM (15 years, 11 months ago) |
|
|
airsnort, and it's for Linux. It will run on Windows but there is no support for it due to wireless card driver issues. If you have a supported card, it will work, tho you may need to use 3rd party drivers. If your Windows runs airopeek, chances are that your card will work. Do a Google search for "Mike's Guide to Airsnort on Windows XP"; you will have to click to see the Google cached version because the website is no longer up. (dontbeevilgoogle.com/win_setup.html)
|
sterileeden
|
Re: converting sniffed WEP traffic to something readable [Re: FrizzleFry07]
#8018581 - 02/13/08 05:15 PM (15 years, 11 months ago) |
|
|
OK, I see the tutorial. I probably have to use my Linux distro. I haven't checked to see if airsnort is on there or not.
Do you know if my thoughts about saving my airodump .cap file in Linux and loading the .cap into some program in Windows or Mac will work, and if so, what program? airsnort or airopeek or something else? I guess I could use a Linux program too, but I am wondering how graphic the program will be or if it is a command line setup.
If I am forced to go command line I will, but I am just hoping for some info on a program that will load a .cap file and allow me to play with it in a Windows/Mac GUI setting.
Thanks
Edited by sterileeden (02/13/08 05:41 PM)
|
Alan Rockefeller
Mycologist


Registered: 03/10/07
Posts: 48,276
Last seen: 2 hours, 3 minutes
|
Re: converting sniffed WEP traffic to something readable [Re: sterileeden]
#8018690 - 02/13/08 05:43 PM (15 years, 11 months ago) |
|
|
Wireshark is a good program for capturing the packets in the first place and for decoding the data.
You can put the WEP key in that you cracked with one of the tools on BackTrack3 and it will show you the data.
|
sterileeden
|
Re: converting sniffed WEP traffic to something readable [Re: Alan Rockefeller]
#8019136 - 02/13/08 07:36 PM (15 years, 11 months ago) |
|
|
I'm downloading this program called Iris that I found. It costs like 1300$$$ but free on tpb.
As far as Wireshark goes, is that the new name of ettercap? And I do believe it is usable on Windows but you have to compile it or something. I'm not used to compiling at all. If there are any good guides on how to use ettercap/Wireshark in either Windows or Linux I think that would be cool. Once I get Iris up and running hopefully I will be able to load in a .cap and see some data.
|
FrizzleFry07
|
Re: converting sniffed WEP traffic to something readable [Re: sterileeden]
#8020924 - 02/14/08 02:09 AM (15 years, 11 months ago) |
|
|
What exactly are you trying to do? What data are you trying to see? If you just wanna crack WEP/WPA encryption just say it. I really don't know what else you're trying to do lol
|
sterileeden
|
Re: converting sniffed WEP traffic to something readable [Re: FrizzleFry07]
#8022046 - 02/14/08 11:38 AM (15 years, 11 months ago) |
|
|
No, I know how to crack WEP. I just want to be able to see what is happening on certain networks. I want to see what others are seeing. Just kinda want to get better at hacking!
|
Alan Rockefeller
|
Re: converting sniffed WEP traffic to something readable [Re: sterileeden]
#8022229 - 02/14/08 12:23 PM (15 years, 11 months ago) |
|
|
> As far as Wireshark goes, is that the new name of ettercap?
Wireshark is the new name for Ethereal. All versions of Ethereal and early versions of Wireshark have remote root vulnerabilities and should be upgraded.
> And I do believe it is usable on Windows but you have to compile it or something.
Windows binaries are available; they make installation very easy.
> If there are any good guides on how to use ettercap/Wireshark in either Windows or Linux I think that would be cool.
Wireshark is easy to use and is well documented.
> Once I get Iris up and running hopefully I will be able to load in a .cap and see some data.
I don't see what Iris gives you over Wireshark. I think it's always best to use the open source alternative.
I think it's pretty safe to download music and video files on tpb, but I would never trust someone else's executables. They are very likely to have a keystroke logger installed.
|
|