[Maemo 5] FAS (FRuMMaGe Aircrack Script) - Page 5 - maemo.org

mail_e36 | # 41 | 2011-01-19, 18:21 | Report

This looks wonderful, we are looking forward to the GUI.

roondar | # 42 | 2011-01-19, 18:43 | Report

Hi i see your code and you should use the case command for menus like this

PHP Code:


			
case $first in 

    1)menu ;;

    2)wpamode;;

    3)exit 0;;

    *)menu;;

esac

And if you want to do a GUI you can easly use zenety .

The Following 3 Users Say Thank You to roondar For This Useful Post:
FRuMMaGe, lolloo, theonelaw

angelbratz | # 43 | 2011-01-20, 05:08 | Report

Originally Posted by FRuMMaGe View Post

Any plain text format is fine. I use .lst dictionaries but .txt work just as well.

As far as the sudo command goes, each xterm launched in ubuntu was a child window and retained all directories and permissions of the parent. However in Maemo, each xterm is a completely new entity based in the /home/user directory and as a normal user.

I'll try rewriting the code to pipe it through to the sudo gainroot command as suggested earlier. Not in the mood now though, I just found out that my girlfriend of 3 years cheated on me so I am a bit preoccupied

If its not too much to ask...can you provide the exact file itself?

No need to have the full dictionary inside...a few sample inside on how the format to add the words in it..

Ive did some reading...just want to verify if its correct or not...

I created a abc.txt file...in there i put..

abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmn opqrstwvxyz

Is this correct? or Wrong?

but when the 3 option come out:

1. Current Cap
2. XXX cap
3. Dictionary (specify

i type 3 and the this appear...

Dictionary

Then is goes back to the

1.xxx
2.xxx
3. Dictionary

Am not really clear on how to do bruteforce for WPA...Still reading thru and learning...

Any recommendation or tutorial or guides to read?

Thank you

Bingley Joe | # 44 | 2011-01-20, 13:37 | Report

This is a very cool script!

I set one of my routers up with a WEP key last night, and was able to crack it within about 15 minutes. Pretty interesting

Anyway, one thing I was wondering is what is the best procedure for shutting everything down and returning the N900 to 'standard' mode after running this?

Is it just as simple as loading the stock driver and closing all the terminal windows, or do we need to do anything else?

FRuMMaGe | # 45 | 2011-01-20, 14:40 | Report

Originally Posted by angelbratz View Post

If its not too much to ask...can you provide the exact file itself?

No need to have the full dictionary inside...a few sample inside on how the format to add the words in it..

Ive did some reading...just want to verify if its correct or not...

I created a abc.txt file...in there i put..

abcdefghijklmnopqrstuvwxyz1234567890abcdefghijklmn opqrstwvxyz

Is this correct? or Wrong?

but when the 3 option come out:

1. Current Cap
2. XXX cap
3. Dictionary (specify

i type 3 and the this appear...

Dictionary

Then is goes back to the

1.xxx
2.xxx
3. Dictionary

Am not really clear on how to do bruteforce for WPA...Still reading thru and learning...

Any recommendation or tutorial or guides to read?

Thank you

I think you have misunderstood this a little. Go to THIS SITE for some good links to some big wordlists. Download/extract it to your MyDocs/FAS/diction folder.

Now when you get to the bruteforce menu, select option 3 and this will show you the names of all the wordlists in your diction folder. Simply type the name of the one you want to use (just the filename, not the full path) and now select a cap file (either specify one or use current).

Originally Posted by Bingley Joe View Post

This is a very cool script!

I set one of my routers up with a WEP key last night, and was able to crack it within about 15 minutes. Pretty interesting

Anyway, one thing I was wondering is what is the best procedure for shutting everything down and returning the N900 to 'standard' mode after running this?

Is it just as simple as loading the stock driver and closing all the terminal windows, or do we need to do anything else?

Go back to the "Enable/Disable Monitor Mode" section and then option 4 (stock drivers) then 2 (disable monitor mode)

Last edited by FRuMMaGe; 2011-01-20 at 14:48.

The Following User Says Thank You to FRuMMaGe For This Useful Post:
Bingley Joe

gnasgame3 | # 46 | 2011-01-20, 15:24 | Report

sir
i really appreciate yr effort to put all the commands into a script.

i have installed the driver successfully but just cant follow your tutorial on running yr script.

1) are we suppose to run the authentication and airodump-ng at the same time ?
2) in authentication window what are the value for
AP ESSID, MY MAC
and how to obtain this value.
In scanning for networks it shows only the BSSID
and ifconfig -a show confusing MAC address

thank you in advance

James_Littler | # 47 | 2011-01-20, 15:52 | Report

AP ESSID = (Zoom out) the alphanumeric name of the network e.g. linksys
My MAC = Install macchanger, then open a terminal and type macchanger -s wlan0

so e.g. you would type

linksys 00:22:33:44:55:66
(essid) (my MAC)

The Following User Says Thank You to James_Littler For This Useful Post:
FRuMMaGe

gnasgame3 | # 48 | 2011-01-20, 16:13 | Report

Originally Posted by James_Littler View Post

AP ESSID = (Zoom out) the alphanumeric name of the network e.g. linksys
My MAC = Install macchanger, then open a terminal and type macchanger -s wlan0

so e.g. you would type

linksys 00:22:33:44:55:66
(essid) (my MAC)

got the AP ESSID right can you please explain the second part.
do we only put the MAC address or the essid and Mac Address of the N900

FRuMMaGe | # 49 | 2011-01-21, 00:20 | Report

Originally Posted by gnasgame3 View Post

1) are we suppose to run the authentication and airodump-ng at the same time ?

Yes. Airodump is left open the whole time as it is capturing packets for you to eventually crack.

Originally Posted by gnasgame3 View Post

2) in authentication window what are the value for
AP ESSID, MY MAC
and how to obtain this value.
In scanning for networks it shows only the BSSID
and ifconfig -a show confusing MAC address

thank you in advance

Make sure you have the font set to 10 to see the whole airodump window. The "confusing" mac still shows your actual mac. Eg:

sudo gainroot
ifconfig

Will give you: HWaddr 00-1F-CF-B0-89-93-00-00-00-00-00-00-00-00-00-00

Your mac is the first 6 pairs of numbers with colons ( : ) instead of hyphens.

Eg. 00:1F:CF:B0:89:93

Or as suggested you could use macchanger

Last edited by FRuMMaGe; 2011-01-21 at 00:22.

The Following User Says Thank You to FRuMMaGe For This Useful Post:
gnasgame3

angelbratz | # 50 | 2011-01-21, 07:23 | Report

Successfully obtained my WEP...

Now learning how to Bruteforce WPA/WPA2...

Huhuhuhuhu.....Keep up the Excellent work...

Thank youuuuu....^.^

Just to verify my steps for bruteforcing my WPA/WPA2...

sh fas.sh

i choose 3 (load)
Then 1 (Enable)
Then 2 (Scan Ap)
Then 4 (brutefoce)
Then 3 Choose Dictionary
Then i enter (test.txt)
Then I choose 2 (Specify Cap)
Then it open a New Window and close it immediately...
It brings me back to the mainmenu.. (1-5)

There is no option to inject or authenticate with client like cracking the WEP...

Did i miss something here?

^.^""

Sorry...

Also...during Deauthentication...

I should enter

(AP MAC) (MYPC MAC) INTERFACE (wlan0)

Right?

Last edited by angelbratz; 2011-01-21 at 08:48.