Friday, June 24, 2011

Getting Started With Aircrack-ng [Linux]

As my first "real" post, I'll explain the basics to installing an important suite that I use quite often and is one of the most important tools to pentesting networks called Aircrack-ng (ng stands for new generation, like IPng or IPv6).

I use Ubuntu Backtrack 5 which comes preloaded with the aircrack-ng suite, but I'll explain how to install and configure this on a fresh Linux computer or laptop for those who aren't strictly into netsec and want to start or have fun with it.

Before starting on Linux, make sure you have all the necessary kernel headers and other files necessary to run aircrack. Issue the command "apt-get install build-essential" and add the prefix "sudo" (super user do) before if you are not running as root. This should install all necessary files if you do not already have them, and  you should be ready to begin.
Also, the aircrackng suite requires the "openssl-dev or libssl-dev" dependencies (thanks Anon in comments!); try apt-getting these as well.


  1. On your favorite browser, download the aircrack-ng tar file to your root, home (where your cd command leads), or desktop OR enter the following command into your terminal "wget http://download.aircrack-ng.org/aircrack-ng-1.1.tar.gz"
  2. Secondly, open an unused terminal and navigate (using the cd command) to where you downloaded the file and enter the command "tar -zxvf [file name]" where file name is of course, the name of the file that you downloaded above. If you used the wget command, it should be in the directory you were in when you issued that command and the file name should be aircrack-ng-1.1.tar.gz.

    Helpful note from an Anon in comments: "xvzf (x = decompress, v = verbose, z = ungzip);" the f stands for "file" and denotes which file you wish to perform these actions on, too.
  3. While in the same directory that you extracted the tar file in (that's what the tar command did), enter the command "cd aircrack-ng-1.1" to navigate into the folder (or if it's a different version, ls command out to find what the folder is called), then enter the commands "make" and then "make install"
Bam. Done. If you did everything correctly, the aircrack next generation suite should be installed with all its nerdy goodness and you can begin scanning networks, saving IVs, and cracking passwords.

My next posts will deal with actually using the Aircrack-ng suite to crack WEP, WPA, and WPA2 network passwords, as well as numerous ways to inject packets and other neat stuff that help cracking into these types of networks.

If you post below (anyone can, please keep it non-spammy and use at least semi-understandable English) with any errors you get or questions you have I'll respond as soon as I can, just try to explain it to the best of your ability.

27 comments:

  1. Hi,
    While I was installing aircrack I did the build essentials part and the terminal said that it was unable to locate package build-essentials. Also I get two errors when I try to make and make-install the aircrack program: aircrack-ng.c:4189:8: error: array subscript is below array bounds
    make[1]: *** [aircrack-ng.o] Error 1
    make[1]: Leaving directory `/home/greg/aircrack-ng-1.1/src'
    make: *** [install] Error 2

    Any help would be great! Thanks!

    ReplyDelete
  2. Pedantic note: you're untarring and ungzipping the .tar.gz aircrack file that you download, hence the -z command line parameter in tar xvzf (x = decompress, v = verbose, z = ungzip, f I've forgotten), not just untarring it.

    ReplyDelete
  3. @gblock, are you running as root or running your commands as sudo? Also, have you run "apt-get update" and "apt-get upgrade"?

    @Anon, thanks for the tips, people like you really help us all learn, I'll update it right away =D

    ReplyDelete
  4. I believe the package is actually "build-essential" - no 's' on the end.

    ReplyDelete
  5. @gblock, I had the same problem as you. Marshall neglected to mention that you need to have openssl-dev or libssl-dev (the name varies between distros) installed. For more info, see the instructions at http://www.aircrack-ng.org/doku.php?id=install_aircrack#linux

    ReplyDelete
  6. @Anon1, yes, no "s" at the end.

    @Anon2. I'll update that; definitely check out that link for further issue-checking. I try to explain it more than they do for the newbies, but some things fall through the cracks.

    ReplyDelete
  7. I get the same error gblock described.
    I have done "sudo apt-get update" and "sudo apt-get upgrade"
    I did "sudo apt-get install openssl-dev" as well as for libssl. (openssl worked for me)
    I still get the error.

    ReplyDelete
  8. @Anon, I believe there is a "make" file, can you edit that with Nano (nano [filename]) and remove (place a # in front of it to comment it out) a line that has "-Werror" in it?

    ReplyDelete
  9. All done, thanks!

    ReplyDelete
  10. MarshallJul 3, 2011 11:02 PM

    @Anon, I believe there is a "make" file, can you edit that with Nano (nano [filename]) and remove (place a # in front of it to comment it out) a line that has "-Werror" in it?
    Reply

    How i have same problem how ill edit it and what is ''-werror''?

    Thanks

    ReplyDelete
    Replies
    1. I'm slightly confused by your comment, "-werror" is the line that you need to comment out (which the # character does).

      Delete
    2. try this:

      edit common.mak using nano or your favourite one (with root or sudo priv)

      Go to this line: CFLAGS ?= -g -W -Wall -Werror -O3
      Delete the -Werror variable, so that the line now looks like the following. Save and exit.
      the line must look something like this:
      CFLAGS ?= -g -W -Wall -O3

      Delete