Fern is a tool to discover weaknesses in a network. It uses aircrack-ng behind the scenes to achieve this. The best feature of Fern is its excellent GUI written in Python-Qt4. For those who don’t want to get into the command-line options of complex tools like aircrack-ng, Fern is a godsend.
Fern Wifi Cracker is a GUI for Aircrack-ng; it makes cracking WEP so damn simple. I’m on Backtrack 4 here, and the only thing you need to do to download and install Fern Wifi Cracker is to open the terminal and use these two commands (if you are on another distro you might need to install some packages first):
Note that Fern is intended for testing and strengthening your own network; it is not meant to penetrate others’ networks.
- I like 5 GHz because of the superior speeds, but realistically if you're pentesting a WiFi network you don't really need the speed, just the reliability and a decent connection. 100Mbps would be fine. I like the idea of having a phone with an in-built Nethunter-capable WiFi adapter but I don't think there are many like that.
- Fern Wifi Cracker: Fern WiFi Cracker is a Python-based tool that can be used for WEP/WPA/WPA2 cracking, session hijacking, ARP request replays, and performing brute force attacks. It is able to save the key in the database on a.
Features
- WEP Cracking with Fragmentation, Chop-Chop, Caffe-Latte, Hirte, ARP Request Replay or WPS attack
- WPA/WPA2 Cracking with Dictionary or WPS based attacks
- Automatic saving of key in database on successful crack
- Automatic Access Point Attack System
- Session Hijacking (Passive and Ethernet Modes)
- Access Point MAC Address Geo Location Tracking
- Internal MITM Engine
- Bruteforce Attacks (HTTP, HTTPS, TELNET, FTP)
- Update Support (restart required to apply update)
Installation
To install Fern Wifi Cracker on Ubuntu, first install the dependencies:
Download the Fern Open Source version. Then run:
Usage
The Fern installer adds a start menu icon. If you can’t find it, run:
NOTE: The information contained in this tutorial is directed toward the Kali Linux distribution, but can also apply to other Linux varieties if the appropriate tools are installed. All tools used in this tutorial are freely available.
For the purposes of this article, all ESSIDs and BSSIDs have been pixelated. When you run actual scans, you will be able to see these values.
SETTING YOUR WIRELESS CARD TO MONITOR MODE:
Before using any wifi pen testing tool, you will need to set your wireless interface to Monitor mode. First, find out which wireless interfaces are available by running iwconfig from the command line.
The response to this command tells you a few things. We know that the wireless interface on this system is wlan0 (be wary, as this may not be wlan0 after a reboot; some systems shuffle the interface name on reboot), we know that wlan0 is not associated with an access point (not connected to a wireless network), and we know that the Tx-Power (transmit power) of this interface is 15dBm. Depending on your drivers, you can bump this setting as high as 30dBm, though most systems are now limited to 20dBm to conserve power and avoid over-heating your wireless card.
To adjust your transmit power, run the following:
# iwconfig wlan0 txpower 30
In order to set an interface to Monitor Mode (using the example of wlan0), you should run airmon-ng start wlan0.
Airmon-ng (part of the Aircrack suite) has now created a new interface called mon0 which is a sub-interface of wlan0 and is set to Monitor Mode. You can now use the command airodump-ng mon0 to view the wireless traffic in your area.
THIS IS NOT AN ATTACK OF ANY KIND - IT SIMPLY LISTENS TO PASSING TRAFFIC IN YOUR AREA. FEEL FREE TO TRY IT OUT
While using airodump-ng, the BSSID field shows the MAC addresses of nearby wireless networks. ESSID shows the names (SSIDs) of these networks. PWR shows the power of each network, which helps to determine its location and your likelihood of cracking the wifi password (the greater the power, the better your chances. NOTE: Power is never negative, but is shown that way in airodump-ng depending upon the version of the rtl8187 module that is installed. This can be fixed by accessing the terminal and running airdriver-ng unload 36, then running airdriver-ng load 35.) CH shows the channel on which a given network is broadcasting. ENC shows the encryption standard employed by each network. WEP networks are the easiest to crack, followed by WPA, and then WPA2. CIPHER and AUTH both provide further information as to how the network is secured.
In the lower section of the terminal, you will notice that each BSSID entry is associated with a STATION. The STATION is a device which is reaching out for a network. PROBE indicates the network that the STATION is trying to reach. More often than not, you'll see a response of (not associated), meaning that the desired network isn't available, the device didn't connect, etc. If you see a real MAC address in the BSSID field, then the STATION has just connected to that network.
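As an added example (not part of the original tutorial or of the Aircrack-ng project), the script below reads the access-point table that airodump-ng saves as CSV with its -w option and checks the BSSID, ESSID and ENC (Privacy) columns described above against an inventory of your own networks: it reports owned ESSIDs still on WEP, WPA or no encryption, and unrecognised BSSIDs advertising one of your ESSIDs. The CSV layout, the sample rows, and the names audit, parse_access_points, owned_essids and known_bssids are assumptions made for this example.

```python
import csv
import io

# Constructed sample in the CSV layout airodump-ng writes with -w (assumed layout;
# every BSSID and ESSID below is made up).
SAMPLE = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:00:01, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WPA2, CCMP, PSK, -48, 120, 0,   0.  0.  0.  0,   8, CorpWiFi,
02:00:00:AA:00:02, 2024-01-01 10:00:01, 2024-01-01 10:05:00, 11,  54, WEP, WEP, , -61, 98, 14,   0.  0.  0.  0,  10, CorpLegacy,
02:00:00:AA:00:03, 2024-01-01 10:00:02, 2024-01-01 10:05:00,  1,  54, WPA, TKIP, PSK, -70, 77, 0,   0.  0.  0.  0,   8, CorpWiFi,
02:00:00:BB:00:99, 2024-01-01 10:02:30, 2024-01-01 10:05:00,  6,  54, OPN, , , -40, 210, 0,   0.  0.  0.  0,   8, CorpWiFi,
02:00:00:DD:00:07, 2024-01-01 10:00:05, 2024-01-01 10:05:00,  3,  54, WEP, WEP, , -80, 30, 2,   0.  0.  0.  0,   9, Neighbour,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
02:00:00:CC:00:10, 2024-01-01 10:01:00, 2024-01-01 10:04:00, -55, 42, 02:00:00:AA:00:01,
"""

WEAK = {"OPN", "WEP", "WPA"}  # the page ranks WEP weakest, then WPA; OPN means no encryption

def parse_access_points(text):
    """Parse only the first table (access points); the station table follows a blank line."""
    section = text.replace("\r\n", "\n").strip().split("\n\n")[0]
    rows = [r for r in csv.reader(io.StringIO(section), skipinitialspace=True) if r]
    header = [h.strip() for h in rows[0]]
    return [dict(zip(header, (c.strip() for c in r))) for r in rows[1:]]

def audit(text, owned_essids, known_bssids):
    """Return (bssid, essid, reason) for each issue on networks we administer."""
    findings = []
    for ap in parse_access_points(text):
        bssid, essid = ap.get("BSSID", "").upper(), ap.get("ESSID", "")
        if essid not in owned_essids:
            continue  # not ours: out of scope for the assessment
        if bssid not in known_bssids:
            findings.append((bssid, essid, "unknown-bssid"))  # possible rogue AP
            continue
        weak = WEAK & set(ap.get("Privacy", "").split())
        if weak:
            findings.append((bssid, essid, "weak-encryption:" + "+".join(sorted(weak))))
    return findings

if __name__ == "__main__":
    inventory = {"02:00:00:AA:00:01", "02:00:00:AA:00:02", "02:00:00:AA:00:03"}
    for finding in audit(SAMPLE, {"CorpWiFi", "CorpLegacy"}, inventory):
        print(*finding)
```

The neighbouring WEP network in the sample is skipped on purpose: only ESSIDs listed in owned_essids are assessed.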
Now it's time to actually do something with all this traffic!
USING FERN-WIFI-CRACKER TO PEN TEST WIRELESS NETWORKS
Fern-Wifi-Cracker is a free, GUI-based tool that uses the aircrack suite to attack wireless networks. Fern can be launched from the Kali Linux application menu under Wireless Attacks >> Wireless Tools >> fern-wifi-cracker.
The Fern interface is pretty intuitive and will allow you to point and click your way through a wireless assessment (to an extent). In order to search for available networks, simply choose an interface from the dropdown Interface list and click the button to Scan for Access Points.
After a few seconds, you'll see networks begin showing up next to both the WEP button and the WPA button.
Click either the WEP or WPA button to choose a target. As the names suggest, each button is related to an encryption standard and will list the available wireless access points using that particular encryption standard.
Now choose your target network from the list, click the Attack button, and wait...
NOTE: If you choose to update Fern, it will stop working. This is because the updater is broken. Don't worry though – it's an easy fix. From the command line, run the following: chmod +x /usr/share/fern-wifi-cracker/resources/execute.py. As soon as you run this command, Fern will begin operating normally again.
USING WIFITE TO PEN TEST A WIRELESS NETWORK
If you are comfortable using the command line, a somewhat more powerful tool available to you is Wifite. You can call wifite directly from the command line by running wifite.
Wifite will begin scanning for local networks and start gathering data on devices which connect to these networks. Once you are satisfied that you have gathered enough data (I recommend waiting about 3-5 minutes), hit CTRL+C to stop scanning and select a target.
Enter the number of your target network and hit ENTER to begin an attack against that network. You want to target networks that are marked with client or clients. These networks are actively communicating with a wireless device, making them even more vulnerable.
Wifite automatically iterates through multiple attack types supported by Aircrack-ng in order to give you the best chances of success.
Further Information on Aircrack-ng:
For more information / tutorials around Aircrack-ng, visit http://www.aircrack-ng.org/doku.php?id=Main#tutorials.