Tools Required:
CommView for WiFi: http://tamos.com/download/main/ca.php
Aircrack-ng GUI: http://aircrack-ng.org/
1. Install CommView. During installation you may be asked whether you want to install the application in VoIP mode or Standard mode. Both modes will work fine for our case, but I usually used the VoIP mode. The installer automatically searches for and installs the drivers the wireless adapter needs to capture packets (by turning on promiscuous mode). Just allow it to install the needed drivers and you are good to go to the next step. Please note that while using CommView, your WiFi networks will get disconnected. Don’t panic, you are doing it right!
2. After the installation, start the application and click on the left arrow on the left side.
3. You will be prompted with a new window. Click on the Start Scanning button.
4. In the right column, all the available networks around you will be shown. Just click the network whose password you want to get, and click on “Capture”. Please note that this tutorial is for WEP networks only!
5. The newly opened window will now close and you can see that CommView has started capturing packets.
6. Click on Settings > Options > Memory Usage. Change the value of maximum packets in buffer to 20000.
7. Now click on the Logging tab. Select “Auto Logging”. Enter 2000 in the “Maximum Directory Size” and 20 in the “Average Log File Size”. We just told CommView to capture packets into *.ncf files of 20 MB each and store them in the directory we chose.
8. Go to the “Logging” tab again and select “Concatenate Logs” to join all the split 20 MB logs we just created. We now have one *.ncf file.
9. Go to File > Log Viewer > Load CommView Logs and choose the *.ncf file that we just got from the concatenation step above.
10. Click File > Export > Wireshark/Tcpdump format. This will create a .cap file.
11. Go to the Aircrack application folder and open the bin folder inside it. Double-click on Aircrack-ng GUI.exe and, in the application, choose the *.cap file we just created in step 10.

And that’s it! If you have sufficient data to crack the password, you will get the password. It is advisable to proceed with steps 8 to 11 only after receiving enough packets. You will need a minimum of 100000 packets to start the cracking. So after step 7, it is advisable to leave the system alone for 2-3 hours and then proceed to the further steps!
NOTE:
Recently CommView became paid software with a rather ridiculous price tag. But no worries, there are more than enough alternatives. Some of them are mentioned below and can be used to obtain the .cap file as explained above:
• Cain & Abel: oxid.it
• Wireshark: www.wireshark.org
For about a couple dozen more, check out the Wikipedia page (link below) listing almost every packet analyzer:
Comparison of packet analyzers - Wikipedia (en.wikipedia.org)
They all work the same way. Basically, all we need is a means to get the .cap file, and after that the role of the packet analyzer is over. For most purposes Wireshark is more than enough, so kindly check out this one first. On a seemingly unrelated note, the war against piracy rages on and packet analyzers have become victims too. Proprietary software like CommView continues to be easily available on torrent websites, which shows just how harmful hacking can be to a company.
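The .cap file from the export step can also be used to audit which access points in range still advertise WEP, so they can be moved to WPA2 or later. The Python script below is an added example, not part of the original tutorial: it assumes a little-endian pcap with raw 802.11 or radiotap link type, and the function names and sample frames are constructed for illustration.

```python
import struct

def beacon(bssid, ssid, privacy, rsn=False):
    """Build a constructed 802.11 beacon (sample input, not captured traffic)."""
    mac = bytes.fromhex(bssid.replace(":", ""))
    header = b"\x80\x00\x00\x00" + b"\xff" * 6 + mac + mac + b"\x00\x00"
    capability = 0x0001 | (0x0010 if privacy else 0)  # ESS, plus Privacy bit
    fixed = b"\x00" * 8 + struct.pack("<HH", 100, capability)
    tags = bytes([0, len(ssid)]) + ssid.encode()
    if rsn:  # minimal RSN element: only its presence matters to the audit
        tags += bytes([48, 2, 1, 0])
    return header + fixed + tags

def pcap(frames, linktype=105):
    """Wrap frames in a little-endian pcap file (105 = raw IEEE 802.11)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, linktype)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

def audit(data):
    """Return {bssid: (ssid, 'open' | 'WEP' | 'WPA/RSN')} from beacons and probe responses."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", data, 0)
    if magic != 0xA1B2C3D4 or linktype not in (105, 127):
        raise ValueError("need a little-endian pcap with 802.11 or radiotap frames")
    result, off = {}, 24
    while off + 16 <= len(data):
        incl = struct.unpack_from("<I", data, off + 8)[0]
        frame = data[off + 16: off + 16 + incl]
        off += 16 + incl
        if linktype == 127 and len(frame) >= 4:  # skip the radiotap header
            frame = frame[struct.unpack_from("<H", frame, 2)[0]:]
        if len(frame) < 36 or frame[0] not in (0x80, 0x50):
            continue  # not a beacon or probe response
        privacy = struct.unpack_from("<H", frame, 34)[0] & 0x0010
        ssid, protected, pos = "", False, 36
        while pos + 2 <= len(frame):
            tag, body = frame[pos], frame[pos + 2: pos + 2 + frame[pos + 1]]
            if tag == 0:
                ssid = body.decode(errors="replace")
            elif tag == 48 or (tag == 221 and body[:4] == b"\x00\x50\xf2\x01"):
                protected = True  # RSN element or WPA vendor element present
            pos += 2 + frame[pos + 1]
        # Privacy bit set with neither element present means WEP
        kind = "open" if not privacy else "WPA/RSN" if protected else "WEP"
        result[frame[16:22].hex(":")] = (ssid, kind)
    return result

SAMPLE = pcap([beacon("02:00:00:00:00:01", "lab-wep", True),
               beacon("02:00:00:00:00:02", "office", True, rsn=True),
               beacon("02:00:00:00:00:03", "guest", False)])
print(audit(SAMPLE))
```

To run it on a real export, pass the file's bytes to `audit()`, for example `audit(open("capture.cap", "rb").read())`, where the file name is a placeholder.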