Consider Grimwepa a front-end to many well-known Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA) password auditors. We haven’t been able to use this one ourselves, as we have been very busy with various assignments, but it is still worth a mention.
Grimwepa is a password cracker for both WEP- and WPA-encrypted access points (routers). It is written in Java and is intended for use with the Linux operating system, more specifically the BackTrack distros. It has only two modes: crack WEP-encrypted access points (routers) and crack WPA-encrypted access points. It can search for new targets and auto-selects the cracking method, so pretty much everything is done for you.
Grimwepa uses the following applications and suites:
aircrack-ng suite:
  o aircrack-ng, to crack WPA and WEP;
  o airodump-ng, to capture packets and find access points;
  o airmon-ng, to enumerate devices in monitor mode;
  o aireplay-ng, to forge and replay packets;
  o packetforge-ng, to create replay packets.
iwconfig, to see if devices are in monitor mode;
xterm, to show output to user;
ifconfig, to get the MAC address of devices;
macchanger, to change MAC address of wifi cards.
Since these applications are already present on the current BackTrack distribution, you can use Grimwepa without having to install them separately.
The author built Grimwepa because the default cracker on BackTrack 4 did not work for him. It supports several attack methods:
Attacks for WEP-encrypted Access Points:
ARP-Replay attack
Chop-chop attack
Fragmentation attack
p0841 attack
Cafe-Latte attack
Cracking options:
  o aircrack-ng is able to crack just about any WEP password after about 20,000 IV (Initialization Vector) data packets have been captured. The capture usually takes about 2 minutes, and the crack another 2-3 minutes.
Attacks for WPA-encrypted Access Points:
Basic de-authentication (deauth) attack to capture the handshake.
Cracking:
  o Grimwepa includes a 2MB default password list containing approximately 250,000 commonly-used passwords.
  o Wordlist / Dictionary / Brute-force attack: currently there is only one consistently working method of cracking WPA, and that is by brute force against the captured handshake.
Since this is a Java application, it could work on almost all *nix distributions. Executing Grimwepa is also pretty simple.
http://www.pentestit.com/2010/06/04/grimwepa-wep-wpa-password-cracker/