WEP Cracking for Mac OS X

Randar the Lava Liza writes "Finally there is a tool to put default Apple AirPort hardware into monitoring mode for wireless security analysis. KisMAC is a variant of Kismet that runs natively on Mac OS X. It requires a special driver to be installed to run the AirPort hardware in monitoring mode, and has built-in WEP cracking tools once enough weak packets have been sniffed."

Re:Apple Laptops are not ideal for WiFi hacking

[sco08y]

You're in the thick of it, granted, but as far as they can tell you haven't got any 80211.b card at all. You can tell them, hey, I'm just using my laptop. Go look for someone with an external antenna.

Re:Great

[Permission Denied]

Consider this analogy:

MacOS X Server 10.1 used netinfo for authentication of client machines. The way it worked is that password hashes were stored in netinfo and netinfo was readable to the world (eg, it posted /etc/passwd on the Internet).

The bosses would not believe this was a problem until I showed them how I could download all the password hashes from any arbitrary machine on the Internet and subsequently ran a cracker which found a large number of weak passwords.

In fact, they failed to see the scope of the problem (it was completely debilitating) as they only saw me typing a bunch of commands and their eyes glazed over. If there were some point-and-click Mac toy that would download the hashes, run Crack in the background and report results, it may have convinced them of just how serious a problem it was. In fact, I considered writing such a GUI tool because I'm genuinely concerned about shops that buy MacOS X Server and don't have a *nix admin.

Similarly, some people still don't understand that WEP is 100% useless (you can break it from a Palm for God's sake). I recommend completely turning off WEP so your users understand that any traffic going over wireless is world-readable. This may convince them to avoid plain-text password protocols and check that when they type their credit card numbers the site is using strong SSL. I've seen people send their credit card numbers over email, so this is absolutely necessary.

WEP crackers are not in any way "hacker" or "cracker" tools, and I doubt they are widely used for illegitimage purposes - I would venture that many more people use netstumbler and airsnort to convince others that WEP is useless. Lowering the bar so there's some point-and-click tool that your grandmother can download is a good thing, since there is nothing "hard" about cracking WEP and people need to understand that.

Re:bah!

[Pathwalker]

Yep - seems to be down now.

If you want the binary, you can grab it from my box here [ofdoom.com] - I didn't save any of the web pages.

Kismac not related to kismet

[Anonymous Coward]

Just for the record - kismac is NOT a variant of kismet. Kismac is, to the best of my knowledge, closed source and as such is unrelated to the Kismet GPL codebase.

For those interested, Kismet SHOULD have native OSX support, also using the viha drivers, in the 2.8 release. Stay tuned to the development changelogs. Anyone interested in furthering development (I don't have an OSX box) are welcome to drop by in #kismet on openprojects.net

-dragorn