From charlesreid1

Revision as of 05:37, 1 August 2015

What is Aircrack

We have met Aircrack before - it's a tool used for sniffing out the right WEP and WPA packets to crack the network's encryption. One of the last steps, once you've captured the proper packets, is to brute-force guess the WPA passphrase. This is where John can help.

What is John

John the Ripper is a tool for guessing weak passwords on user accounts. It's good at generating a whole bunch of random passwords that are based on words, or modifications of words, or numbers.

You can use John in conjunction with Aircrack, by telling John to just print out all of the words it has generated to stdout, and then using stdout as the aircrack wordlist/dictionary. This allows you to just let John crank away. There are certainly better ways to do it, but this can be a quick check for weak passwords.

Getting Set Up

To use Aircrack with John, you'll need to make sure you have both installed. If you're on Kali you're good to go.


The way that we'll call John is:

$ john --incremental=all --session=attack1 --stdout | aircrack-ng -a 2 -e ASDF asdf-01.cap -w -

Let's go through this one bit at a time:

--incremental=all: specifies incremental mode, which will go through every single painstaking combination. This means we don't have to supply a wordlist, but it also means we're going to be coming up with a lot of garbage guesses.

--session=attack1: this tells John to keep track of where it is at in the process and what passwords it has guessed, which will make it possible to restore the session in case the process dies or is interrupted.

--stdout: print every word that John would otherwise have tried itself to stdout, so that some other program can use them.

-a 2: this forces aircrack-ng's attack mode to WPA/WPA2-PSK (1 would select WEP)

-e ASDF: this is the name of the wireless network whose WPA passphrase we're trying to crack

asdf-01.cap: this is the capture file from our earlier-run airodump-ng command.

-w -: the -w flag specifies a wordlist. Since, in this case, - by itself represents stdin (what John is piping in), this means we're using John's generated words as an aircrack wordlist.
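
Why the network name (-e) has to be supplied, and why incremental mode is such a slow check, shown as an added example that is not part of the original page: WPA/WPA2-PSK turns each guessed passphrase into a key with PBKDF2-HMAC-SHA1, salted with the ESSID, at 4096 iterations. The function names and sample passphrases are constructed for illustration, and the estimate assumes an exhaustive search over only the character classes the passphrase uses, starting at the 8-character minimum.

```python
import hashlib
import string
import time

def wpa_pmk(passphrase: str, essid: str) -> bytes:
    """Derive the WPA/WPA2-PSK pairwise master key (PMK).

    PBKDF2-HMAC-SHA1, ESSID as salt, 4096 iterations, 32-byte output.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               essid.encode("utf-8"), 4096, 32)

def charset_size(passphrase: str) -> int:
    """Size of the smallest common alphabet a guesser must cover."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " ")
    return sum(len(c) for c in classes if any(ch in c for ch in passphrase))

def worst_case_guesses(passphrase: str) -> int:
    """Valid-length candidates (8 chars and up) through this passphrase's length."""
    size = charset_size(passphrase)
    return sum(size ** n for n in range(8, len(passphrase) + 1))

def measure_rate(essid: str = "ASDF", samples: int = 20) -> float:
    """PMK derivations per second on this machine (one core, no GPU)."""
    start = time.perf_counter()
    for i in range(samples):
        wpa_pmk(f"candidate-{i:04d}", essid)
    return samples / (time.perf_counter() - start)

def years_to_exhaust(passphrase: str, guesses_per_second: float) -> float:
    """Worst-case search time in years at the given guess rate."""
    return worst_case_guesses(passphrase) / guesses_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    rate = measure_rate()
    print(f"measured: {rate:,.0f} PMK derivations/second")
    # Constructed sample passphrases, weakest to strongest.
    for sample in ("12345678", "password", "Tr0ub4dor&3x", "kV9#mQ2$xL7!pR4z"):
        print(f"{sample!r:22} alphabet={charset_size(sample):2d} "
              f"worst case ~{years_to_exhaust(sample, rate):.3g} years")
```

Run it against the passphrase you actually plan to deploy: the same passphrase under a different ESSID gives a different key, so precomputed tables only help against common network names.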