Announcement: WEPBuster Beta Finally Released!

[sdkee]

Its a perl script... First you need to get aircrack-ng and airodump-ng precompiled version for wepbuster and install that. Then get yourself wepbuster....

1. cd /wepbuster
2. perl wepbuster
3. And you will be on ur way...

okay, i putted aircrack-ng and airodump-ng precompiled in the usr/bin and usr/sbin. but still i get the error cannt open airodump output..

[wif1bust3r]

New beta version (0.4) of wepbuster 1.0 has been released.

Summary of what has changed since beta 0.3

- slightly improved client-less attacks, now supports fragmentation and -p0841
- added elapsed time
- handles APs with special characters in SSID
- added European non-overlapping channel
- fixed mac address detection on non-english Linux
- fixed -D which caused aireplay to fail during mac filter checks
- added atheros interface detection



Note: In order to make fragmentation work, you must modify aireplay-ng.c as according to instructions. Check out the project page or the README.TXT
I've also uploaded a tarball of precompiled aircrack-ng, airodump-ng, and aireplay-ng.


Finally,

Project page:

wepbuster - Google Code

P.S. Please test it thoroughly, specially fragmentation attack.
Submit a new issue once you encountered any problem


Have fun!
- mark

[sdkee]

okay! I finally got it to work

thanks for all the help! I placed my airodump-ng, airplay-ng in the wrong map.. it works now! i'll keep this thread in sight so i can see for any updates

[newquaymarc]

this new version works great and fragmentation works perfect for me

but im still having to use airmon-ng to get my card in the monitor mode,
but hey that aint no problem, seeing the program has cut all the hard work\typing out for me...

cheers for your brilliant work

can you sort out a wpabuster now please.. (I am joking) but if ya can?

cheers again

[wif1bust3r]

this new version works great and fragmentation works perfect for me

but im still having to use airmon-ng to get my card in the monitor mode,
but hey that aint no problem, seeing the program has cut all the hard work\typing out for me...

cheers for your brilliant work

can you sort out a wpabuster now please.. (I am joking) but if ya can?

cheers again

Can you submit an issue and answer the questions relevant to the details of your card? It shouldn't really be a requirement to put the card in monitor mode or create a rtap interface. Let me know the details of your card so I can improve the script.

[newquaymarc]

Can you submit an issue and answer the questions relevant to the details of your card? It shouldn't really be a requirement to put the card in monitor mode or create a rtap interface. Let me know the details of your card so I can improve the script.

no probs will get the info for ya now

you will have to bear with me, im a linux newbie so i will more than likely get you the wrong info but i'll have a go

[newquaymarc]

I'm running on a HP pavilion laptop with onboard wifi Atheros AR5007
booting from the BT4 DVD

when run without setting card up.....
*******************************************

Detecting wireless interfaces...

---------------------------------------------------------

Found wifi0...
Getting monitor interface...
monitor interface --> ath0

---------------------------------------------------------

Found ath0...
Getting monitor interface...
monitor interface --> ath0

---------------------------------------------------------

Found ath1...
Getting monitor interface...
monitor interface --> ath1

Found 3 useable wireless card(s)

Select which one to use [1] (You HAVE 3 seconds)

1) ath0/ath0
2) ath0/ath0
3) ath1/ath1

================================================== =======

No valid channel entered. Using the default ( US = 1 6 11 )


MODE: crack (using: ath0/ath0 == XX:XX:XX:XX:XX:XX)
.
Scanning channel 6 for WEP-enabled Access Points
...........Cannot open airodump output.: No such file or directory
************************************************** *************************************
then when setup
***************
nterface Chipset Driver

wifi0 Atheros madwifi-ng
ath0 Atheros madwifi-ng VAP (parent: wifi0) (monitor mode enabled)

then perfect

etecting wireless interfaces...

---------------------------------------------------------

Found wifi0...
Getting monitor interface...
monitor interface --> ath0

---------------------------------------------------------

Found ath0...
Getting monitor interface...
monitor interface --> ath0

---------------------------------------------------------

Found ath1...
Getting monitor interface...
monitor interface --> ath1

Found 3 useable wireless card(s)

Select which one to use [1] (You HAVE 3 seconds)

1) ath0/ath0
2) ath0/ath0
3) ath1/ath1

================================================== =======

No valid channel entered. Using the default ( US = 1 6 11 )


MODE: crack (using: ath0/ath0 == XX:XX:XX:XX:XX:XX)
.
Scanning channel 6 for WEP-enabled Access Points
.....
Found 0 AP(s) on channel 6


.
Scanning channel 1 for WEP-enabled Access Points
.....
Found 1 AP(s) on channel 1

BSSID IV CHANNEL SSID ASSOCIATED CLIENTS

XX:XX:XX:XX:XX:XX 0 1 TalkTalking

.
Scanning channel 11 for WEP-enabled Access Points
.....
Found 1 AP(s) on channel 11

BSSID IV CHANNEL SSID ASSOCIATED CLIENTS

XX:XX:XX:XX:XX:XX 0 11 marc


Total AP found: 2

Now starting to crack...


################################################## #######

Pwning "marc" (XX:XX:XX:XX:XX:XX) Sun Jun 14 09:15:52 2009
Checking for mac filtering... NONE!! =)
Trying to associate... SUCCESS!!!
Starting to inject...
Sending Deauth...
Counting IVs...(hit ENTER to skip this AP)
0....1337.....10088....
Collected 17096 IVs. Trying to crack...
KEY FOUND! [ XX:XX:XX:XX:XX ] Decrypted correctly: 100%
OWNED USING 30291 IVs!
Elapsed Time: 01:55
.Stopping all forks...

################################################## #######

Pwning "TalkTalking" (XX:XX:XX:XX:XX:XX) Sun Jun 14 09:17:55 2009
Checking for mac filtering... NONE!! =)
Trying to associate... SUCCESS!!!
Starting to inject...
Sending Deauth...
Counting IVs...(hit ENTER to skip this AP)
0....2.
Still 2 after 10 seconds...
Sending Deauth...
Sleeping...
Sending Deauth...
Counting IVs...
....2.....2.....2.
Still 2 after 40 seconds. =(
This will take forever. Let's try Fragmentation!
Waiting for data...
Trying replay_src-0614-091830.cap...
GOT KEYSTREAM!! -> fragment-0614-091943.xor
Replaying "forged_arp.cap"...
....9438.....
Collected 17637 IVs. Trying to crack...
KEY FOUND! [ xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx ] (ASCII: XXXXXXXXXXXXX ) Decrypted correctly: 100%
OWNED USING 46280 IVs!
Elapsed Time: 03:31
Stopping all forks...

################################################## #######


PERFECT!!
I hope this is enough info
cheers

[wif1bust3r]

Ah... problem with atheros card detection. The script creates duplicate ath0/ath0. The first one by default, will be selected. Unfortunately, that is the one that (i'm not sure about the reason), doesn't work. I wish I have an atheros card to test this... =(

[newquaymarc]

Ah... problem with atheros card detection. The script creates duplicate ath0/ath0. The first one by default, will be selected. Unfortunately, that is the one that (i'm not sure about the reason), doesn't work. I wish I have an atheros card to test this... =(

well if there is any tests you want me to do and send you the results
id be happy to do them for you

[zentaa]

thank you for your reply, i have aircrack-ng and airodump-ng already in backtrack 4. i am using the backtrack 4 live cd.
and i have the wepbuster pl file on my hdd.


i will try what you said

ok so i did the perl wepbuster command, that worked fine.

i downloaded the precompield versions from the wepbuster google code page also. here is the output:

Code:

Detecting wireless interfaces...

---------------------------------------------------------

Found wlan0...
Getting monitor interface...
monitor interface --> mon3

Found 1 useable wireless card(s)

wlan0/mon3

=========================================================

No valid channel entered. Using the default ( US = 1 6 11 )


MODE: crack     (using: wlan0/mon3 == 00:c0:ca:22:19:96)

Scanning channel 6 for WEP-enabled Access Points
............Cannot open airodump output.: No such file or directory

it says error with airodump output. how can i fix this?

sdkee, you fixed it, how did you fix it?