Aircrack-ng for Windows - Aircrack:

Project Homepage: http://www.aircrack-ng.org/index.php?title=Main_Page

Aircrack-ng is the next generation of Christophe Devine's excellent aircrack suite of tools.

INSTALLING AIRCRACK-NG FOR WINDOWS

RUNNING AIRCRACK-NG FOR WINDOWS

BREAKING WEP

BREAKING WPA

Running Aircrack-ng for Windows:

Once as many IVs as required have been captured using the airodump packet capture utility
the resultant [filename].cap file can be imported into aircrack to break the static WEP or
WPA-PSK keys.

To view all available switches:

cd c:\aircrack-ng-[version]

aircrack-ng.exe
Basic usage: aircrack -q -n [WEP key length] -b [BSSID] [filename].cap

C:\aircrack\bin\aircrack -q -n -b capture2.cap

Breaking WEP:

As you can see the capture file in use below (capture1.ivs) was created with airodump
capture option "Only capture WEP IVs (y/n)" set to "y" as the resultant file is in the .ivs
format. If n had been selected the resultant file would be in the .cap format.
Whilst this will work, we can could have cut down the cracking options for Aircrack-ng by
specifying the WEP key length (-n) or by specifying the target AP MAC address (-b) on the
command line:

aircrack -a 1 -q -n 128 -b 11:11:11:11:11:11 capture1.ivs (Where

11:11:11:11:11:11 = Target AP's MAC address)

As you can see aircrack found the WEP key for our 1008195 IV capture file (capture1.ivs) in
only 4 seconds.

The capture file itself (capture1.ivs) is included here to test your own aircrack installs (note:
the file is a 5.77mb download).

Breaking WPA:

In order to be carry out the WPA dictionary attack using aircrack-ng we either have to:

1. Wait for a WPA client to associate to the network (This could take a while)

2. Force a WPA client off the network, forcing it to reassociate.

Either of these two method allows us to capture the WPA handshake, which is what we require
to perform a dictionary attack.

The downside to using this Windows version of aircrack-ng is that there are not any freely
available tools to perform this attack. So we have to either use a Linux tools (e.g. aireplay or
void11) or wait for an association to occur.

Which ever way we gather the WPA handshake we still use the same tool; airodump.
Once we think we have captured the WPA handshake, we simply run the capture file through
aircrack for confirmation:

If have confirmed we have the WPA handshake (as above) we can attempt the dictionary
attack:

As you can see above aircrack found the WPA PSK of "passphrase"

The capture file itself (capture2.cap) is included here to test your own aircrack installs
Installing Aircrack-ng

From sources
Requirements

Linux
Kernel headers and gcc as well as make have to be installed on your system.

On Debian-based distros (Debian, Ubuntu, Xubuntu, …), issue the following command in a
console to install them:

sudo apt-get install build-essential

Development version require additional libraries to be installed:

• OpenSSL (development). It is called openssl-dev or libssl-dev depending on your

distribution.
• SQLite (development) > 3.3.17 (but latest version is recommended); patching is
not needed.

Windows
Development version require additional libraries to be installed:

• OpenSSL (development): openssl-devel

• SQLite (development) > 3.3.17 (but latest version is recommended). No package
exist on cygwin and thus it has to be compiled.

Compiling SQLite on cygwin

In order to compile SQLite on cygwin, additional packages have to be installed:

• autoconf 2.50 (autoconf2.5)

• libtool (libtool1.5)

wget http://www.sqlite.org/sqlite-3.5.5.tar.gz
tar -zxf sqlite-3.5.5.tar.gz
cd sqlite-3.5.5
./configure --disable-tcl
wget http://patches.aircrack-ng.org/sqlite-3.5.4-lib_cygwin.diff
patch -i sqlite-3.5.4-lib_cygwin.diff
# Some things (we don't need) don't compile on cygwin.
# We remove them with this patch.
make
make install
Compiling and installing

Stable
wget http://download.aircrack-ng.org/aircrack-ng-0.9.2.tar.gz
tar -zxvf aircrack-ng-0.9.2.tar.gz
cd aircrack-ng-0.9.2
make
make install

Latest stable sources

svn co http://trac.aircrack-ng.org/svn/trunk/ aircrack-ng
cd aircrack-ng
#and as usual
make
make install

Development
Development version require some additional libraries:

• OpenSSL (libssl-dev on Debian-based system)

• SQLite > 3.2.17 (latest version is recommended) if you want to use airolib-ng

wget http://download.aircrack-ng.org/aircrack-ng-1.0-beta2.tar.gz
tar -zxvf aircrack-ng-1.0-beta2.tar.gz
cd aircrack-ng-1.0-beta2
make
make install

Compiling with airolib-ng support

Simply append 'sqlite=true' parameter to make and make install:

make sqlite=true
make sqlite=true install

Compiling with Airpcap support (cygwin only)

1. Copy 'developer' directory from the Airpcap CD at the same level as 'aircrack-ng'
directory
2. Append 'airpcap=true' parameter to make:

make airpcap=true
make install

Compiling with airolib-ng and Airpcap support

Simply append both parameter to make and make install:

make sqlite=true airpcap=true

make sqlite=true install

Latest development sources

svn co http://trac.aircrack-ng.org/svn/branch/1.0-dev aircrack-ng
cd aircrack-ng
#and as usual
make
make install

Troubleshooting Tips

"build" - No such file or directory

On Debian-based distros, if you get something similar to:

/bin/sh: line 0: cd: /lib/modules/2.6.15-28-amd64-generic/build: No

such file or directory
Makefile.inc:66: *** /lib/modules/2.6.15-28-amd64-generic/build is
missing, please set KERNELPATH.
Stop.

Solution:

The build directory gets installed together with the kernel headers, so either you lack the
correct headers or your KERNELPATH is wrong. Please check that `uname -r` returns “2.6.15-
28-amd64-generic”.

Do a “sudo apt-get install linux-headers-`uname -r`” or just “sudo apt-get install linux-
headers”.

If uname returns exactly that string and the current headers are installed, the remove the
headers and install them again. Also check /usr/src for installed header files, maybe it got
mixed up for whatever reason.

In the above examples, needless to say, change “2.6.15-28-amd64-generic” to whatever you

are running.

"openssl/hmac.h" - No such file or directory

If you get something similar to:

crypto.h:12:26: error: openssl/hmac.h: No such file or directory

crypto.h:13:25: error: openssl/sha.h: No such file or directory
crypto.h:15:25: error: openssl/rc4.h: No such file or directory
crypto.h:16:25: error: openssl/aes.h: No such file or directory

Solution: You are missing the OpenSSL development package. Depending on the distribution,
download and install openssl-devel or libssl-devel. Or worst case, install it from source:
http://www.openssl.org.
"zlib.h" No such file or directory
If you get something similar to:

wesside-ng.c:54:18: error: zlib.h: No such file or directory

Solution: You are missing the zlib development package. Depending on the distribution,
download and install zlib-devel. Or worst case, install it from source: http://www.zlib.net.

Installing pre-compiled binaries

Linux
Open your package manager and install 'aircrack-ng' package.

Windows
The Windows version of the aircrack-ng suite does not have an install program. You must
manually install (unzipping archive) the software.

Here are the steps to follow for Windows XP:

• Download the latest version of the aircrack-ng suite for Windows to your PC. The
link for the zip file can be found on the Wiki home page.

• Unzip the contents of the aircrack-ng zip file into “C:\”. This will create a
directory called “aircrack-ng-0.9.2-win”. This directory name will vary based on
the exact version that you downloaded. This main directory contains three
subdirectories - “bin”, “src” and “test”.

• Manually download the following files and place them in the same directory as
the airodump-ng.exe file. Peek.dll and Peek5.sys

Prior to using the software, make sure to install the drivers for your particular wireless card.
See this link for the instructions.

To now use the aircrack-ng suite, start Windows Explorer and double click on Aircrack-ng
GUI.exe inside “bin” subdirectory. The GUI requires .NET Framework 2.0 to run (.NET
Framework 3.0 or 1.0/1.1 are not able to run this executable, 2.0 MUST be installed).

Alternatively, open a command prompt (Start menu → Execute → cmd.exe) and change to the
“C:\aircrack-ng-0.9-win\bin” directory and execute the individual commands.

Important notes:

• Remember that Windows only supports a limited subset of the commands.

• Some troubleshooting tips specific to XP and Vista can be found on this page.
Mac OSX
Make sure you have Xcode installed on your Mac, which can be found on the installer CD/DVD
which came with your Mac. After getting the source you can do a simple “make && sudo make
install” from the untarred directory. When you use the stable, you need to rename the
Makefile.osx to Makefile and when you use the dev version it will autodetect you are using
Darwin and compile fine.

Mind you, airodump-ng and aireplay-ng are linux only and will not work under OSX native, so
for reinjecting and sniffing you will have to use other means.

If you have an intel Mac check out the VMware Fusion option which is mentioned lower on this
page.

Optional is openssl-dev and sqlite3 which can be installed through fink

VMware image
Requirements

• VMWare Workstation 6.02, VMWare Player 2.02 (freeware) or VMWare Fusion

beta for intel based Mac's
• Wireless USB adapter with either rtl8187 or rt2570 chipset
• Approximately 3 gigs of hard disk space

Starting

1. Install VMWare Workstation or Player

2. Download this VMware image here and unpack it somewhere (on a NTFS file
system)
3. Start VMware and select “open”. Open the virtual machine.
4. Attach your USB adapter.
5. If the USB adapter is recognized automatically you'll find a small USB icon in the
lower right corner of your VMWare window. If not you have to activate it
manually.

Notes:

• You don't need a driver for the device on the OS running VMware.
• The login credentials for the image are user id “root” with password “root”.
• The FAQ has some limited information about running the aircrack-ng suite under
VMWare.

Manually attaching USB device

On VMware Player, the device should be shown in the title bar, click on it to activate it. On
VMware Workstation, use menu “VM→Removable devices→USB” and then select the device:
It will automatically unplug the device from windows and attach it to the virtual machine.