A Beginner's Guide to Aircrack-ng on Linux

Hello everyone. In anticipation of the start of the "Kali Linux Workshop" course, we have prepared a translation of an interesting article for you.


Today's lesson walks you through the basics of getting started with the aircrack-ng package. Of course, it is impossible to give all the necessary information and cover every scenario, so be prepared to do your homework and research things on your own. The forum and the Wiki hold many additional tutorials and other useful information.

Although it does not cover every step from start to finish, the Simple WEP Crack tutorial shows the work with aircrack-ng in more detail.

Setting up the equipment, installing Aircrack-ng

The first step in getting aircrack-ng to work properly on your Linux system is to patch and install the right driver for your network card. Many cards work with several drivers; some of those provide the functionality needed to use aircrack-ng, others do not.

I think it goes without saying that you need a network card that is compatible with the aircrack-ng package, that is, hardware that is fully supported and can perform packet injection. With a compatible network card, a wireless access point can be cracked in under an hour.

To find out which category your card falls into, look at the hardware compatibility page. Read Tutorial: Is My Wireless Card Compatible? if you don't know how to handle that table. This won't stop you from reading this guide, though, which will help you learn something new and confirm certain features of your card.

First, you need to know which chipset your network card uses and which driver you will need for it. You should work this out using the information in the paragraph above. In the drivers section you will find out which drivers you need.

Installing aircrack-ng

The latest version of aircrack-ng can be downloaded from the main page, or you can use a penetration testing distribution such as Kali Linux or Pentoo, which ships with the latest version of aircrack-ng.

To install aircrack-ng, refer to the documentation on the installation page.

IEEE 802.11 Basics

OK, now that we are all set up, it's time to pause before we begin and learn a thing or two about how wireless networks work.

The next part is important to understand so that you can work out what is wrong if something doesn't behave as expected. Understanding how it all works will help you find the problem, or at least describe it precisely enough that someone else can help you. Things get a little arcane here and you may want to skip this part. However, cracking wireless networks requires some knowledge, so it is a little more than just typing a single command and letting aircrack do the rest for you.

How to find a wireless network

This part is a short introduction to managed networks, which operate with access points (AP). Each access point sends about 10 so-called beacon frames per second. These packets contain the following information:

  • The network name (ESSID);
  • Whether encryption is used (and which variant, but note that this information may not be true simply because the access point advertises it);
  • Which data rates are supported (in MBit);
  • Which channel the network is on.

This is the information shown by the tool that connects to the network. It is shown when you let the card scan for networks with iwlist <interface> scan and when you run airodump-ng.

Each access point has a unique MAC address (48 bits, 6 hex pairs). It looks something like this: 00:01:23:4A:BC:DE. Every network device has such an address, and network devices use them to communicate with each other. So it is a kind of unique name. MAC addresses are unique and no two devices have the same MAC address.

Connecting to the network

There are several options for connecting to a wireless network. In most cases, Open System Authentication is used. (Optional: if you want to learn more about authentication, read this.)

Open System Authentication:

  1. Request authentication from the access point;
  2. The access point replies: OK, you're authenticated.
  3. Request association from the access point;
  4. The access point replies: OK, you're connected.

This is the simplest case, but problems arise when you don't have access rights because:

  • It uses WPA/WPA2 and you need EAPOL authentication. The access point will refuse at the second step.
  • The access point has a list of allowed clients (MAC addresses) and won't let anyone else connect. This is called MAC filtering.
  • The access point uses Shared Key Authentication, which means you have to provide the correct WEP key to connect. (See the section "How to do fake shared key authentication?" for more on this.)
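The four-step exchange above, together with the three refusal cases, as a small model in Python. This is an added example and not part of the original guide or the aircrack-ng project; the access point settings, addresses and keys are constructed, and the model treats the WPA EAPOL handshake as a gate after association that a client without the credentials cannot pass.

```python
"""Model of the 802.11 Open System Authentication / Association exchange.

Added example (not from the original guide). AccessPoint settings, MAC
addresses and secrets below are constructed for illustration only."""
from dataclasses import dataclass, field


@dataclass
class AccessPoint:
    bssid: str
    essid: str
    security: str = "OPN"        # "OPN", "WEP", "WEP-SHARED" or "WPA"
    allowed_macs: set = field(default_factory=set)   # empty = no MAC filter
    secret: bytes = b""          # WEP key or WPA passphrase, as applicable


def join(ap, client_mac, secret=b""):
    """Return (connected, transcript) for a client trying to join `ap`.

    Each transcript line is one message of the exchange, numbered as in the
    guide, so you can see at which step an access point turns a client away."""
    log = [f"1. {client_mac} -> {ap.bssid}: Authentication Request"]

    # MAC filtering: the AP answers nobody who is not on its allow list.
    if ap.allowed_macs and client_mac not in ap.allowed_macs:
        log.append(f"2. {ap.bssid} -> {client_mac}: refused (MAC filtering)")
        return False, log

    # Shared Key Authentication: the challenge must come back encrypted under
    # the right WEP key, so a wrong key fails here, at step 2.
    if ap.security == "WEP-SHARED" and secret != ap.secret:
        log.append(f"2. {ap.bssid} -> {client_mac}: refused (shared key challenge failed)")
        return False, log
    log.append(f"2. {ap.bssid} -> {client_mac}: OK, you are authenticated")

    log.append(f"3. {client_mac} -> {ap.bssid}: Association Request")
    log.append(f"4. {ap.bssid} -> {client_mac}: OK, you are connected")

    # WPA/WPA2: the 802.11 steps pass, but no data flows until the EAPOL
    # 4-way handshake completes, and that needs the passphrase (assumption:
    # modelled as a simple secret comparison).
    if ap.security == "WPA" and secret != ap.secret:
        log.append(f"5. {ap.bssid} -> {client_mac}: EAPOL handshake failed, port stays blocked")
        return False, log
    return True, log


if __name__ == "__main__":
    for line in join(AccessPoint("00:01:02:03:04:05", "labnet"), "00:04:05:06:07:08")[1]:
        print(line)
```

Running the module prints the transcript of a successful open-system join; passing an access point with a non-empty allow list, a shared WEP key, or WPA settings shows where each refusal happens.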

Simple sniffing and cracking

Network discovery

The first thing to do is find a target. The aircrack-ng package has airodump-ng for this, but you can use other programs such as, for example, Kismet.

Before searching for networks, you need to switch your card into what is called "monitor mode". Monitor mode is a special mode that lets your computer listen to network packets. This mode also allows injection. We'll talk about injection later.

To put the network card into monitor mode, use airmon-ng:

airmon-ng start wlan0

This creates another interface with "mon" appended to the name... So wlan0 becomes wlan0mon. To check that the network card is in monitor mode, run iwconfig and see for yourself.

Then run airodump-ng to search for networks:

airodump-ng wlan0mon

If airodump-ng can connect to the WLAN device, you will see something like this:

[Screenshot: airodump-ng output]

airodump-ng hops from channel to channel and shows every access point from which it receives beacons. Channels 1 to 14 are used for the 802.11b and g standards (in the US only 1 to 11 are allowed; in Europe 1 to 13 with some exceptions; in Japan 1 to 14). 802.11a works in the 5 GHz band, and its availability varies more from country to country than the 2.4 GHz band does. In general, the well-known channels run from 36 (32 in some countries) to 64 (68 in some countries) and from 96 to 165. You can find more information on channel availability on Wikipedia. On Linux, the Central Regulatory Domain Agent takes care of allowing or denying transmission on particular channels for your country; it must, however, be configured accordingly.

The current channel is shown in the top left corner. After a while, access points will appear and (hopefully) some clients associated with them. The top block shows the detected access points:

  • bssid: the MAC address of the access point
  • rxq: signal quality when a fixed channel is selected
  • pwr: signal strength; some drivers don't report it
  • beacons: the number of beacons received. If you have no signal strength indicator, you can estimate it from the beacons: the more beacons, the better the signal.
  • data: the number of data frames received
  • ch: the channel the access point operates on
  • mb: speed or access point mode. 11 is pure 802.11b, 54 is pure 802.11g; values in between are a mix.
  • enc: encryption. opn: no encryption, wep: WEP encryption, wpa: WPA or WPA2, wep?: WEP or WPA (not yet clear)
  • essid: the network name, sometimes hidden

The bottom block shows the detected clients:

  • bssid: the MAC address of the access point this client is associated with
  • station: the MAC address of the client itself
  • pwr: signal strength; some drivers don't report it
  • packets: the number of data frames received
  • probes: the network names (ESSIDs) this client has already probed for

Now you need to pick the target network. At least one client should be connected to it, because cracking a network without clients is a more advanced topic (see the section How to crack WEP without clients). It must use WEP encryption and have a good signal. You can change the antenna position to improve reception. Sometimes a few centimetres decide the signal strength.

In the example above there is a network 00:01:02:03:04:05. It turned out to be the only possible target, because it is the only one with a client associated. It also has a good signal, which makes it a suitable target to practise on.
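The triage the guide does by eye (which access points still run WEP, whether anyone is connected to them, how strong the signal is) is also what a network owner wants from a scan of their own site. As an added example that is not part of the original guide or of aircrack-ng, here is a header-driven parser for an airodump-ng-style table that produces that list. The scan text below is constructed in the column layout the guide describes; real airodump-ng output has version-dependent extra columns, which parsing by header name tolerates.

```python
"""Parse an airodump-ng-style scan table and list WEP access points.

Added example, not from the original guide. SAMPLE_SCAN is CONSTRUCTED:
addresses, names and counters are invented, laid out like the columns the
guide explains (ESSID and Probes last, since they may contain spaces)."""

SAMPLE_SCAN = """\
 CH 11 ][ Elapsed: 1 min

 BSSID              RXQ  PWR  Beacons  #Data  CH  MB  ENC  ESSID
 00:01:02:03:04:05   80  -42      120     30  11  54  WEP  labnet
 00:AA:BB:CC:DD:EE   55  -70       88      0   6  54  WPA  corp guest
 00:11:22:33:44:55   10  -88       12      2   1  11  OPN  <length: 0>

 BSSID              STATION            PWR  Packets  Probes
 00:01:02:03:04:05  00:04:05:06:07:08  -45       31  labnet
 (not associated)   00:DE:AD:BE:EF:00  -60        5  labnet,corp guest
"""


def _rows(text):
    """Yield (header_names, row_values) for every data row under a BSSID header.

    Every column except the last is a single token; the last one (ESSID or
    Probes) may contain spaces, so the rest of the row is joined back together."""
    header = None
    for line in text.splitlines():
        # "(not associated)" is two tokens in real output; keep it as one value.
        tokens = line.replace("(not associated)", "(not-associated)").split()
        if not tokens:
            header = None          # blank line ends the current table block
            continue
        if tokens[0] == "BSSID":
            header = tokens
            continue
        if header is None:
            continue               # banner line such as "CH 11 ][ Elapsed ..."
        fixed = len(header) - 1
        yield header, tokens[:fixed] + [" ".join(tokens[fixed:])]


def parse_scan(text):
    """Return (access_points, stations): lists of dicts keyed by column name."""
    aps, stations = [], []
    for header, row in _rows(text):
        record = dict(zip(header, row))
        (stations if "STATION" in header else aps).append(record)
    return aps, stations


def wep_exposure(text):
    """WEP (or 'WEP?') access points, strongest signal first, with client counts."""
    aps, stations = parse_scan(text)
    clients_per_ap = {}
    for st in stations:
        clients_per_ap[st["BSSID"]] = clients_per_ap.get(st["BSSID"], 0) + 1
    report = [
        {"bssid": ap["BSSID"], "essid": ap["ESSID"], "channel": int(ap["CH"]),
         "pwr": int(ap["PWR"]), "clients": clients_per_ap.get(ap["BSSID"], 0)}
        for ap in aps if ap["ENC"].startswith("WEP")
    ]
    return sorted(report, key=lambda r: r["pwr"], reverse=True)


if __name__ == "__main__":
    for entry in wep_exposure(SAMPLE_SCAN):
        print(entry)
```

On the constructed sample only 00:01:02:03:04:05 (labnet) is reported: it is the one WEP network, it has one associated client, and its PWR of -42 is the strongest signal seen. Anything an inventory like this turns up on your own network is a candidate for migration to WPA2/WPA3 rather than a target.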

Sniffing Initialization Vectors

Because of channel hopping, you will not capture every packet from the target network. So we want to listen on a single channel only and, in addition, write all the data to disk so we can use it for cracking later:

airodump-ng -c 11 --bssid 00:01:02:03:04:05 -w dump wlan0mon

With the -c parameter you select the channel, and the parameter after -w is the prefix for the network dump written to disk. The --bssid flag, together with the access point's MAC address, limits the captured packets to a single access point. The --bssid flag is only available in newer versions of airodump-ng.

Before cracking WEP you will need between 40,000 and 85,000 different Initialization Vectors (IVs). Every data packet contains an initialization vector. They can be reused, so the number of vectors is usually slightly lower than the number of captured packets.
So you will have to wait to capture 40k to 85k data packets (with IVs). If the network is not busy, this will take a very long time. You can speed the process up with an active attack (or replay attack). We'll talk about those in the next part.
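Two points above deserve a worked illustration: airodump-ng counts distinct IVs rather than packets because IVs repeat, and repeated IVs are exactly what makes WEP breakable. WEP seeds RC4 with the 24-bit IV followed by the secret key, and the IV is sent in clear in every frame, so two frames under the same key and IV share one keystream. The following is an added example, not code from the original guide or from aircrack-ng; the key, IVs and payloads are constructed, and the frame format omits the ICV and the 802.11 header.

```python
"""Why distinct IVs are what counts in WEP, and why their reuse matters.

Added example, not from the original guide. The 40-bit key, the IVs and the
payloads below are constructed; real WEP frames also carry an ICV and an
802.11 header, which are left out here."""


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """Plain RC4: key scheduling (KSA) followed by the output loop (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(key: bytes, iv: bytes, payload: bytes) -> bytes:
    """WEP frame body: the 3-byte IV in clear, then payload XOR RC4(IV || key)."""
    assert len(iv) == 3, "WEP uses a 24-bit IV"
    return iv + xor(payload, rc4_keystream(iv + key, len(payload)))


def distinct_ivs(frames) -> int:
    """What airodump-ng's IV column measures: unique IVs, not the frame count."""
    return len({frame[:3] for frame in frames})


def keystream_from_known_plaintext(frame: bytes, known_plaintext: bytes) -> bytes:
    """If a frame's plaintext is known, the keystream for its IV is exposed."""
    return xor(frame[3:], known_plaintext)


def demo():
    """Three frames, two IVs: the repeated IV leaks the XOR of two plaintexts,
    and one known plaintext then reveals the other outright."""
    key = bytes.fromhex("0102030405")                  # constructed 40-bit key
    p1, p2, p3 = b"ARP request host A", b"ARP request host B", b"DHCP discover....."
    frames = [
        wep_encrypt(key, b"\x00\x00\x01", p1),
        wep_encrypt(key, b"\x00\x00\x02", p2),
        wep_encrypt(key, b"\x00\x00\x01", p3),          # IV 00:00:01 reused
    ]
    n_ivs = distinct_ivs(frames)                         # 2, although 3 frames
    leak = xor(frames[0][3:], frames[2][3:])             # equals p1 XOR p3
    keystream = keystream_from_known_plaintext(frames[0], p1)
    recovered = xor(frames[2][3:], keystream)            # equals p3
    return n_ivs, leak, recovered


if __name__ == "__main__":
    n, leak, recovered = demo()
    print("distinct IVs:", n)
    print("recovered third payload:", recovered)
```

With only 2^24 possible IVs and no rule in WEP against repeating them, a busy network cycles through the IV space quickly, which is why the guide measures progress in IVs and why WEP should not be used at all; the example stops at the two-time-pad property and does not implement any key-recovery attack.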

Cracking

If you already have enough captured IVs stored in one or more files, you can try to crack the WEP key:

aircrack-ng -b 00:01:02:03:04:05 dump-01.cap

The MAC address after the -b flag is the target BSSID, and dump-01.cap is the file containing the captured packets. You can use several files: just add all the names to the command, or use a wildcard such as dump*.cap.

More information about aircrack-ng's parameters, output and usage can be found in the manual.

The number of initialization vectors needed to crack a key is not fixed. This is because some vectors are weaker and leak more key information than others. Usually these weak initialization vectors are mixed in with stronger ones. So if you are lucky, you can crack the key with only 20,000 IVs. Often, however, this is not enough; aircrack-ng may run for a long time (a week or more if the error rate is high) and then tell you the key cannot be cracked. The more initialization vectors you have, the faster the crack can happen, and it usually finishes within a few minutes or even seconds. Experience shows that 40,000 to 85,000 vectors are enough for cracking.

There are more advanced access points that use special algorithms to filter out weak IVs. As a result, you will not be able to get more than N vectors from the access point, or you will need millions of vectors (for example 5-7 million) to crack the key. You can read on the forum what to do in such cases.

Active attacks

Most devices don't support injection, at least not without patched drivers. Some support only certain attacks. Refer to the compatibility page and look at the aireplay column. Sometimes that table is not up to date, so if you see "NO" next to your driver, don't be discouraged; check the driver's home page, the driver's mailing list and our forum. If you managed to replay successfully with a driver that is not listed as supported, feel free to suggest changes on the compatibility table page and add a link to the quick-start guide. (To do this you need to request a wiki account on IRC.)

First you need to make sure packet injection works with your network card and driver. The easiest way to check is to run the injection test attack. Make sure you pass this test before going on. Your card must be able to inject to complete the following steps.

You will need the BSSID (access point MAC address) and ESSID (network name) of an access point that does not filter by MAC address (such as your own) and is within range.

Try connecting to the access point with aireplay-ng:

aireplay-ng --fakeauth 0 -e "your network ESSID" -a 00:01:02:03:04:05 wlan0mon

The value after -a is the BSSID of your access point.
Injection worked if you see something like this:

12:14:06  Sending Authentication Request
12:14:06  Authentication successful
12:14:06  Sending Association Request
12:14:07  Association successful :-)

If not:

  • Double-check the ESSID and BSSID;
  • Make sure MAC address filtering is disabled on your access point;
  • Try the same against another access point;
  • Make sure your driver is properly configured and supported;
  • Instead of "0" try "6000 -o 1 -q 10".

ARP replay

Now that we know packet injection works, we can do something that greatly speeds up the capture of IVs: an ARP request injection attack.

Main idea

Put simply, ARP works by broadcasting a request for an IP address, and the device with that IP address sends a reply. Because WEP does not protect against replay, you can sniff a packet and send it again and again as long as it is valid. So you only need to capture and replay an ARP request sent to the access point to generate traffic (and obtain IVs).

The lazy way

First open a window with airodump-ng sniffing traffic (see above). aireplay-ng and airodump-ng can run at the same time. Wait for a client to show up on the target network and start the attack:

aireplay-ng --arpreplay -b 00:01:02:03:04:05 -h 00:04:05:06:07:08 wlan0mon

-b points to the target BSSID, -h to the MAC address of the connected client.

Now you have to wait for an ARP packet to arrive. Usually this takes a few minutes (or read on in the article).
If you are lucky, you will see something like this:

Saving ARP requests in replay_arp-0627-121526.cap
You must also start airodump to capture replies.
Read 2493 packets (got 1 ARP requests), sent 1305 packets...

If you have to stop replaying, you don't need to wait for the next ARP packet to arrive; you can simply reuse the packets captured earlier with the -r <filename> parameter.
When using ARP injection you can use the PTW method to crack the WEP key. It significantly reduces the number of packets needed, and with it the cracking time. You need to capture full packets with airodump-ng, i.e. do not use the --ivs option when running the command. For aircrack-ng use "aircrack -z <file name>". (PTW is the default attack type.)

If the number of data packets received by airodump-ng stops growing, you may need to lower the replay rate. Do this with the -x <packets per second> parameter. I usually start at 50 and work my way down until I start receiving packets continuously again. Changing the antenna position can also help.

The aggressive way

Most operating systems clear the ARP cache on disconnect. If they need to send the next packet after reconnecting (or simply use DHCP), they send an ARP request. As a side effect you can sniff the ESSID and possibly the keystream during the reconnection. This is useful if your target's ESSID is hidden or it uses shared key authentication.
Leave airodump-ng and aireplay-ng running. Open another window and run the deauthentication attack:

where -a is the BSSID of the access point and the other address is the MAC address of the selected client.
Wait a few seconds and the ARP replay will kick in.
Most clients try to reconnect automatically. But the risk that someone notices this attack, or at least pays attention to what is going on in the WLAN, is higher than with other attacks.

More tools, and information about them, can be found here.


Source: www.habr.com
