Subtitles of the Movie

In continuing our discussion on wireless capture tools we're going to look at a few more tools that you may want to look at when looking at wireless penetration testing, capturing wireless traffic and so forth. We'll look at AirSnort, WiCrawl and Aircrack-NG for Linux and then we'll also take a look at the version of Aircrack-NG for Windows. Now AirSnort is a very good program, its been out for a little while and we're looking at the Linux Version right now that we would find on the Backtrack 3 Cd. Now AirSnort can do several things, first of all it can look around for wireless networks, just the same as net Stumbler can, so it can give you some of the same information that some of these other network scanning tools can give you. It can also capture packets as well and in addition to that you can also load packet captures in and it will try to crack WEP passwords as well. Now WiCrawl is another Linux Tool again from the Backtrack 3 CD and it basically uses plugins and profiles such as a Discovery profile and so forth to detect wireless networks out there and to give you information back on the wireless network. These plugins do different things to get responses from the wireless networks; try to determine what kind of encryption and channel and things like that they can get from the network. The last Linux Program we'll talk about during this session is Aircrack and Aircrack again has been around for awhile, we're looking at the usage for it on Backtrack and as you can see basically Aircrack does not capture packets per say itself but it does take saved packet captures from other programs. It'll take those packet captures in and then it will go ahead and try to crack the WEP and WPA Keys and as you can see you can field for certain items such as the SSID and so forth. You can also have WEP cracking Options as well to use with Aircrack-NG. Let's go ahead and take a look now at the Aircrack-NG version for Windows. Now this is the Aircrack-NG version for Windows, as you can see it's a very nice GUI that is a lot easier to use probably then the Linux version and it can give you several different options to crack to WEP and WPA Keys. You can select WEP or WPA, you can select your key size, you can also select a particular word list that can be used because essentially cracking WEP and WPA a lot of the times is simple password cracking. You would take a word list, generate a key, compare that against the keys that you might get from the packet capture and see if there's a match. Now there's also some Advanced Options as well. If you choose to import a packet capture file, you can specify certain items such as the SSID and so forth and you can do key search filters, you can even perform brute force attacks on this. Now Aircrack requires a few peculiar device drivers that you probably won't find from most modern windows based network cards, you will probably have to use an older network card to run this program with. Now there is some other tools that come with the Aircrack-NG Suite and as you can see there's not very many options for it, just the one button to launch. Air Dump, this particular tool basically is a packet capturing program and it will dump packets into a file for you. The same thing with Air Decap NG and other programs that come with Aircrack-NG in its Suite. Again this set of programs is a little bit older and only supports certain network cards under Windows, primarily it was designed for Linux and then ported over to Windows. Its still a very good program that's useful to crack WEP and WPA Keys, simple keys but you're definitely are going to want use some older hardware with this particular program.