Aircrack-ng on Linux: A Guide for Beginners

Hello everyone. The start of the "Kali Linux Workshop" course is coming up, and we have prepared a translation of an interesting topic for you.


Today's lesson walks you through the basics of getting started with the aircrack-ng package. Of course, it is impossible to give all the required information and cover every situation, so be prepared to do your homework and research things on your own. The forum and the Wiki contain many additional tutorials and other useful information.

Although it does not cover every step from start to finish, the Simple WEP Crack tutorial covers working with aircrack-ng in much greater detail.

Setting up the hardware, installing Aircrack-ng

The first step in getting aircrack-ng to work properly on your Linux system is to patch and install the right driver for your network card. Many cards work with several drivers; some of those drivers provide the functionality needed by aircrack-ng, others do not.

It should go without saying that you need a network card that is compatible with the aircrack-ng package, that is, hardware that is fully supported and can perform packet injection. With a compatible network card, you can crack a wireless access point in under an hour.

To find out which category your card falls into, check the hardware compatibility page. Read the tutorial "Is My Wireless Card Compatible?" if you do not know how to read that table. This does not excuse you from reading the manual, though: it will teach you something new and let you confirm specific properties of your card.

First, you need to know which chipset your network card uses and which driver you will need for it. Work this out using the information in the section above. The drivers section tells you which drivers you need.

Installing aircrack-ng

The latest version of aircrack-ng can be obtained from the download page on the main site, or you can use a penetration-testing distribution such as Kali Linux or Pentoo, which ships the latest version of aircrack-ng.

To install aircrack-ng, refer to the documentation on the installation page.

IEEE 802.11 Basics

OK, now that we are all set up, it is time to pause before we begin and learn a thing or two about how wireless networks work.

The next section is important to understand so that you can work out what is going on if something does not behave as expected. Understanding how it all works will help you find the problem, or at least describe it properly so that someone else can help you. Things get a little arcane here and you may be tempted to skip this section. However, cracking wireless networks requires some knowledge; it is more than typing a single command and letting aircrack do it for you.

How to find a wireless network

This section is a brief introduction to managed networks, which are built around access points (APs). Each access point sends about 10 beacon frames per second. These frames contain the following information:

  • The network name (ESSID);
  • Whether encryption is used (and which kind, but note that this information may not be truthful: it is simply what the access point reports);
  • Which data rates are supported (in Mbit/s);
  • Which channel the network is on.

This is the information a tool displays when you connect to such a network. You can see it when you let the card scan for networks with iwlist <interface> scan, and also when you run airodump-ng.

Each access point has a unique MAC address (48 bits, 6 hex pairs). It looks something like this: 00:01:23:4A:BC:DE. Every network device has such an address, and network devices use it to talk to each other, so it is a kind of unique name. MAC addresses are unique: no two devices have the same MAC address.
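As an added example (my code, not from the original article), the following Python function parses the fields a beacon frame carries, which are exactly the ones listed above, and classifies the encryption the way a scanner does. The beacon bytes are constructed for the demonstration and the network name "example" is made up.

```python
import struct

# Constructed sample beacon (not captured from a real network): 24-byte 802.11
# management header, 12 bytes of fixed fields, then SSID / rates / channel IEs.
SAMPLE_BEACON = bytes.fromhex(
    "8000" "0000"              # frame control (type 0 mgmt, subtype 8 beacon), duration
    "ffffffffffff"             # addr1: destination, broadcast
    "0001234abcde"             # addr2: source, the access point
    "0001234abcde"             # addr3: BSSID
    "0000"                     # sequence control
    "0000000000000000"         # timestamp (TSF)
    "6400"                     # beacon interval: 100 TU, little-endian
    "1100"                     # capability: ESS (bit 0) + Privacy (bit 4)
    "0007" "6578616d706c65"    # IE 0: SSID "example"
    "0104" "82848b96"          # IE 1: rates 1, 2, 5.5, 11 Mbit (basic-rate bit set)
    "0301" "0b"                # IE 3: DS parameter set, channel 11
)

def parse_beacon(frame: bytes) -> dict:
    """Return the beacon fields that a scanner such as airodump-ng displays."""
    if len(frame) < 36:
        raise ValueError("frame too short to be a beacon")
    fc = struct.unpack_from("<H", frame, 0)[0]
    if (fc >> 2) & 0x3 != 0 or (fc >> 4) & 0xF != 8:
        raise ValueError("not a management frame of subtype beacon")
    _tsf, interval, capability = struct.unpack_from("<QHH", frame, 24)
    info = {
        "bssid": ":".join(f"{b:02X}" for b in frame[16:22]),
        "beacon_interval_ms": interval * 1.024,  # 1 TU = 1024 microseconds
        "privacy": bool(capability & 0x0010),    # Privacy bit: some encryption in use
        "essid": None, "rates_mbps": [], "channel": None, "rsn": False,
    }
    pos = 36
    while pos + 2 <= len(frame):                 # walk the tag/length/value IEs
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:                  # truncated IE: stop, do not misparse
            break
        if tag == 0:                             # SSID; length 0 means a hidden network
            info["essid"] = value.decode("utf-8", "replace") if length else None
        elif tag == 1:                           # 500 kbit units, top bit marks a basic rate
            info["rates_mbps"] = [(r & 0x7F) / 2 for r in value]
        elif tag == 3 and length == 1:           # DS parameter set carries the channel
            info["channel"] = value[0]
        elif tag == 48:                          # RSN IE present: WPA2 advertised
            info["rsn"] = True
        pos += 2 + length
    # The Privacy bit only says "encrypted"; without an RSN (or vendor WPA) IE the
    # beacon alone cannot tell WEP from WPA, which is why scanners show "WEP?".
    info["encryption"] = ("OPN" if not info["privacy"]
                          else "WPA2" if info["rsn"] else "WEP?")
    return info
```

The vendor-specific WPA1 element (tag 221) is deliberately not handled, so a WPA1-only beacon is reported as "WEP?" just as the airodump-ng column description below says.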

Connecting to a network

There are a few ways to connect to a wireless network. In most cases Open System Authentication is used. (Optional: if you want to learn more about authentication, read this.)

Open System Authentication:

  1. Request authentication from the access point;
  2. The access point replies: OK, you are authenticated;
  3. Request association with the access point;
  4. The access point replies: OK, you are connected.

This is the simplest case, but problems arise if you do not have access rights, because:

  • WPA/WPA2 is in use and EAPOL authentication is required. The access point will refuse at the second step.
  • The access point has a list of allowed clients (MAC addresses) and will not let anyone else connect. This is called MAC filtering.
  • The access point uses Shared Key Authentication, meaning you have to present the correct WEP key to connect. (See the section "How to do fake shared key authentication?" for more on this.)

Simple sniffing and cracking

Network discovery

The first thing to do is find a potential target. The aircrack-ng package provides airodump-ng for this, but you can use other programs as well, for example Kismet.

Before searching for networks, you have to switch your card into what is called "monitor mode". Monitor mode is a special mode that lets your computer listen to network packets. It also allows injection; we will talk about injection later.

To put the network card into monitor mode, use airmon-ng:

airmon-ng start wlan0

This creates another interface with "mon" appended to the name, so wlan0 becomes wlan0mon. To check that the network card is in monitor mode, run iwconfig and see for yourself.

Then run airodump-ng to search for networks:

airodump-ng wlan0mon

If airodump-ng cannot open the WLAN device, you will see an error message saying so.


airodump-ng hops from channel to channel and shows every access point from which it receives beacons. Channels 1 to 14 are used for the 802.11b and 802.11g standards (in the US only 1 to 11 are allowed; in Europe 1 to 13, with some exceptions; in Japan 1 to 14). 802.11a operates in the 5 GHz band, and its availability varies far more between countries than the 2.4 GHz band does. In general, the known channels run from 36 (32 in some countries) to 64 (68 in some countries) and from 96 to 165. You can find more about channel availability on Wikipedia. On Linux, allowing or denying transmission on particular channels for your country is handled by the Central Regulatory Domain Agent; it must, however, be configured correctly.

The current channel is shown in the top left corner. After a while, access points will appear and (hopefully) some clients associated with them. The top block shows the detected access points:

BSSID: the MAC address of the access point

RXQ: signal quality, shown when a fixed channel is selected

PWR: signal strength; some drivers do not report it

Beacons: the number of beacon frames received. If you have no signal strength reading, you can estimate it from the beacons: the more beacons, the better the signal

#Data: the number of data frames received

CH: the channel the access point operates on

MB: the speed or mode of the access point. 11 is pure 802.11b, 54 is pure 802.11g; values in between are a mix

ENC: encryption. OPN: no encryption; WEP: WEP encryption; WPA: WPA or WPA2; WEP?: WEP or WPA (not yet determined)

ESSID: the network name, sometimes hidden

The lower block shows the detected clients:

BSSID: the MAC address of the access point the client is associated with

STATION: the MAC address of the client itself

PWR: signal strength; some drivers do not report it

Packets: the number of data frames received

Probes: the network names (ESSIDs) this client has already probed for

Now you need to watch the target network. At least one client should be connected to it, since cracking networks without clients is a complex topic (see the section How to crack WEP without clients). It must use WEP encryption and have a good signal. You can change the antenna position to improve reception; sometimes a few centimetres make the difference in signal strength.

In the example above there is a network 00:01:02:03:04:05. It turned out to be the only possible target, since it is the only one with a client connected. It also has a good signal, which makes it a suitable target for practice.
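As an added example (my code, not from the original article), here is a Python audit script that reads the CSV airodump-ng writes next to the .cap file when you pass -w, and lists the access points that still advertise WEP or no encryption together with how many clients were seen associated with each. The sample CSV is constructed, and its column layout is my assumption about the airodump-ng format, so check it against a real dump before relying on it.

```python
import csv
import io

# Constructed sample in the layout I assume airodump-ng writes to <prefix>-01.csv:
# an access-point table, a blank line, then a station (client) table.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:01:02:03:04:05, 2024-01-01 12:00:00, 2024-01-01 12:05:00, 11, 54, WEP, WEP, , -40, 3000, 1200, 0.0.0.0, 7, example,
00:0A:0B:0C:0D:0E, 2024-01-01 12:00:01, 2024-01-01 12:05:00, 6, 54, WPA2, CCMP, PSK, -55, 2800, 0, 0.0.0.0, 6, secure,
00:11:22:33:44:55, 2024-01-01 12:00:02, 2024-01-01 12:05:00, 1, 54, OPN, , , -70, 900, 0, 0.0.0.0, 5, guest,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
00:04:05:06:07:08, 2024-01-01 12:00:05, 2024-01-01 12:05:00, -50, 500, 00:01:02:03:04:05, example
00:AA:BB:CC:DD:EE, 2024-01-01 12:00:06, 2024-01-01 12:04:00, -60, 40, (not associated), secure
"""

def parse_airodump_csv(text: str):
    """Split the dump into the AP table and the station table (lists of dicts)."""
    ap_block, _, station_block = text.strip().partition("\n\n")
    def read(block):
        rows = csv.DictReader(io.StringIO(block), skipinitialspace=True)
        # fields are padded with spaces in the file; the None key holds overflow fields
        return [{k.strip(): (v or "").strip() for k, v in row.items() if k}
                for row in rows]
    return read(ap_block), read(station_block)

def weak_access_points(text: str):
    """List (bssid, essid, privacy, client count) for APs that are open or WEP."""
    aps, stations = parse_airodump_csv(text)
    clients = {}
    for st in stations:                      # count associated clients per BSSID
        clients[st["BSSID"]] = clients.get(st["BSSID"], 0) + 1
    findings = []
    for ap in aps:
        privacy = ap["Privacy"]
        if privacy == "OPN" or privacy.startswith("WEP"):
            findings.append((ap["BSSID"], ap["ESSID"], privacy,
                             clients.get(ap["BSSID"], 0)))
    return findings

if __name__ == "__main__":
    for bssid, essid, privacy, n in weak_access_points(SAMPLE_CSV):
        print(f"{bssid}  {essid:<10} {privacy:<5} clients={n}")
```

Run against your own site survey, the output is the list of legacy networks (and how many devices still depend on them) that should be migrated off WEP or open mode.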

Sniffing Initialization Vectors

Because of channel hopping, you will not capture every packet on the target network. So we want to listen on one channel only and, in addition, write all the data to disk so that we can use it for cracking later:

airodump-ng -c 11 --bssid 00:01:02:03:04:05 -w dump wlan0mon

The -c parameter selects the channel, and the value after -w is the prefix of the capture files written to disk. The --bssid flag, together with the access point's MAC address, restricts the captured packets to that one access point. The --bssid flag is only available in newer versions of airodump-ng.

Before you can crack WEP, you will need between 40,000 and 85,000 distinct Initialization Vectors (IVs). Every data packet contains an initialization vector. IVs can be reused, so the number of distinct IVs is usually lower than the number of captured packets. You will therefore have to wait until you have captured 40k to 85k data packets (with IVs). If the network is not busy, this will take a very long time. You can speed the process up with an active attack (also called a replay attack); we will talk about those in the next section.

Cracking

Once you have enough captured IVs stored in one or more files, you can try to crack the WEP key:

aircrack-ng -b 00:01:02:03:04:05 dump-01.cap

The MAC address after the -b flag is the BSSID of the target, and dump-01.cap is the file containing the captured packets. You can use several files: just add all the names to the command, or use a wildcard such as dump*.cap.

More information about the aircrack-ng parameters, its output and its usage can be found in the manual.

The number of initialization vectors needed to crack a key is not fixed. This is because some IVs are weak and leak more key material than others, and these weak IVs are usually mixed in with strong ones. So if you are lucky, you can crack a key with as few as 20,000 IVs. Usually, however, that is not enough: aircrack-ng may run for a long time (a week or more if the fudge factor is high) and then tell you that the key cannot be cracked. The more initialization vectors you have, the faster the crack can succeed, and it usually does so within a few minutes or even seconds. Experience shows that 40,000 to 85,000 IVs are enough.

There are more advanced access points that use special algorithms to filter out weak IVs. As a result, you either cannot get more than N IVs from the access point, or you will need millions of IVs (for example, 5 to 7 million) to crack the key. You can read on the forum what to do in such cases.

Active attacks

Most devices do not support injection, at least not without patched drivers. Some support only certain attacks. Refer to the compatibility page and look at the aireplay column. Sometimes this table is not up to date, so if you see "NO" for your driver, do not despair: check the driver's home page, the driver mailing list, or our forum. If you have managed to replay successfully with a driver that is not listed as supported, feel free to suggest changes to the compatibility table page and add a link to the quick start guide. (To do this, you need to request a wiki account on IRC.)

First you need to make sure that packet injection actually works with your network card and driver. The easiest way to check is the injection test attack. Make sure you pass this test before continuing; your card must be able to inject in order to complete the following steps.

You will need the BSSID (MAC address) and ESSID (network name) of an access point that does not filter by MAC address (such as your own) and is within range.

Try connecting to the access point with aireplay-ng:

aireplay-ng --fakeauth 0 -e "your network ESSID" -a 00:01:02:03:04:05 wlan0mon

The value after -a is the BSSID of your access point. Injection works if you see something like this:

12:14:06  Sending Authentication Request
12:14:06  Authentication successful
12:14:06  Sending Association Request
12:14:07  Association successful :-)

If not:

  • Double-check that the ESSID and BSSID are correct;
  • Make sure MAC address filtering is disabled on your access point;
  • Try the same against another access point;
  • Make sure your driver is properly patched and supported;
  • Instead of "0" try "6000 -o 1 -q 10".

ARP replay

Now that we know packet injection works, we can do something that speeds up the collection of IVs considerably: an ARP request injection attack.

The main idea

In simple terms, ARP works by broadcasting a request for an IP address, and the device that has that IP address sends a reply. Since WEP does not protect against replay, you can sniff a packet and send it again and again for as long as it remains valid. So you only need to capture and replay an ARP request sent to the access point in order to generate traffic (and thus IVs).

The lazy way

First open a window with airodump-ng, which will sniff the traffic (see above). aireplay-ng and airodump-ng can run at the same time. Wait for a client to appear on the target network, then start the attack:

aireplay-ng --arpreplay -b 00:01:02:03:04:05 -h 00:04:05:06:07:08 wlan0mon

-b specifies the target BSSID, -h the MAC address of the connected client.

Now you need to wait for an ARP packet to arrive. Usually you have to wait a few minutes (or read on in the meantime). If you are lucky, you will see something like this:

Saving ARP requests in replay_arp-0627-121526.cap
You must also start airodump to capture replies.
Read 2493 packets (got 1 ARP requests), sent 1305 packets...

If you have to stop the replay, there is no need to wait for the next ARP packet: you can reuse previously captured packets with the -r <filename> parameter.
When using ARP injection you can use the PTW method to crack the WEP key. It greatly reduces the number of packets needed, and with it the cracking time. You need to capture full packets with airodump-ng, that is, do not use the "--ivs" option when running the command. For aircrack-ng use "aircrack -z <file name>". (PTW is the default attack type.)

If the number of data packets received by airodump-ng stops increasing, you may have to reduce the replay rate. Do this with the -x <packets per second> parameter. I usually start at 50 and work my way down until packets start coming in steadily again. Changing the antenna position can also help.

The aggressive way

Most operating systems clear their ARP cache when they disconnect. If they need to send the next packet after reconnecting (or simply use DHCP), they send an ARP request. As a side effect, you can sniff the ESSID and possibly the keystream during the reconnection. This is useful if your target's ESSID is hidden or if it uses shared key authentication.

Leave airodump-ng and aireplay-ng running. Open another window and run a deauthentication attack, where -a is the BSSID of the access point and the other address is the MAC address of the chosen client. Wait a few seconds and the ARP replay will start working. Most clients reconnect automatically. But the risk that someone notices this attack, or at least pays attention to what is happening on the WLAN, is higher than with the other attacks.

More tools, and information about them, can be found here.

Learn more about the course

Source: www.habr.com
