Password Cracking Guarantees
Keep in mind that you are not guaranteed to obtain a password by using this approach. If the actual password is not in the password list you provide, there is no way to get a match. You will end up with a failed crack attempt.
Fern
Fear not if you are reluctant to take multiple steps using the command line to go after WiFi networks. You can use Fern, a GUI-based application that can be used to attack different encryption mechanisms. Figure 7-6 shows the interface that Fern presents. You can see from the screen capture that Fern supports cracking WEP and WPA networks.
Figure 7-6. Fern GUI
Once you have Fern running, you need to select the wireless interface you plan to use and then you need to scan for networks. The selection of the interface is in the leftmost box in the top row. Next to that is a Refresh button if you have made changes outside the GUI in order to get them picked up in the interface. “Scan for Access points” is the next button down. That populates a list that Fern will provide to you.
224 | Chapter 7: Wireless Security Testing
When you select the type of network you want to crack, either WEP or WPA, you will be presented with the box shown in Figure 7-7. This gives you a list of the networks that were found. This list is basically the same list we’ve been dealing with up to now.
Figure 7-7. Fern network selection
You may also notice that at the bottom right of the dialog box is a selection button to provide Fern with a dictionary to use. Just like aircrack-ng, Fern uses a dictionary to run cracks with, and just as with aircrack-ng, you won’t be able to crack the password if it is not provided in the dictionary that Fern is given. To get Fern started, you select one of the networks provided, provide it with a dictionary file, and then click the Attack button.
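The dictionary limitation noted under "Password Cracking Guarantees" and again here for Fern can be used defensively to check whether your own network's passphrase would be exposed by a given wordlist. This is an added example, not code from the original text; the function names and the sample wordlist are constructed for illustration, and the 8 to 63 printable ASCII rule is the WPA passphrase constraint.

```python
import os
import tempfile

# WPA/WPA2-PSK passphrases are 8 to 63 printable ASCII characters.
MIN_LEN, MAX_LEN = 8, 63

def is_valid_psk(candidate: str) -> bool:
    return (MIN_LEN <= len(candidate) <= MAX_LEN
            and all(32 <= ord(c) <= 126 for c in candidate))

def audit_wordlist(path: str, passphrase: str) -> dict:
    """Stream a wordlist and report whether `passphrase` is exposed by it."""
    if not is_valid_psk(passphrase):
        raise ValueError("not a valid WPA passphrase (8-63 printable ASCII)")
    stats = {"entries": 0, "usable": 0, "exact": False, "case_variant": False}
    folded = passphrase.lower()
    # Large public wordlists contain non-UTF-8 bytes; latin-1 always decodes.
    with open(path, encoding="latin-1") as fh:
        for line in fh:
            word = line.rstrip("\r\n")
            if not word:
                continue
            stats["entries"] += 1
            if not is_valid_psk(word):
                continue  # wrong length for WPA, so it can never match
            stats["usable"] += 1
            if word == passphrase:
                stats["exact"] = True
            elif word.lower() == folded:
                stats["case_variant"] = True  # one trivial mutation away
    return stats

def demo() -> tuple:
    # Constructed sample wordlist, not taken from any real list.
    sample = "123456\npassword\nSunshine2024\nletmein\ncorrecthorsebattery\n"
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as tmp:
        tmp.write(sample)
    try:
        weak = audit_wordlist(tmp.name, "sunshine2024")
        strong = audit_wordlist(tmp.name, "k7#Vq2!mZp9@Lx4w")
    finally:
        os.unlink(tmp.name)
    return weak, strong

if __name__ == "__main__":
    for result in demo():
        print(result)
```

A passphrase reported as `exact` or `case_variant` should be replaced; a clean result only means this particular list does not contain it.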
Going Rogue
Rogue APs come in two, possibly three, flavors. First, you may get an AP that just tries to lure you in. It may be named FreeWiFi, or it may be a variation on a legitimate AP. There is no attempt to do anything other than get people to connect. In the second kind, an attacker attempts to take over a legitimate SSID. The attacker masquerades as the real network, possibly jamming the legitimate signal. The third one is