Thursday, 14 April 2011

Attempted break-in on a TL-WR1043N running OpenWRT Backfire

The goal of the test was to analyse the router logs collected during an attempted attack on the WiFi network.

Equipment used for the tests:
  • TP-Link TL-WR1043ND router with the alternative firmware OpenWRT Backfire 10.03.1-rc4 [AP:AP:AP:AP:AP:AP]
  • Client connected to the AP [C1:C1:C1:C1:C1:C1]
  • WLAN 11g USB Adapter – ZyDAS ZD1211B chipset – [C2:C2:C2:C2:C2:C2]
  • Operating system: BackTrack 4 R2

TL-WR1043ND configuration
Distribution: OpenWRT Backfire 10.03.1-rc4
Build: 2011-02-26 - r25718

root@server:~# uname -a
Linux server 2.6.32.27 #7 Sat Feb 26 15:25:42 CET 2011 mips GNU/Linux

Tests performed:

TEST 1. Injection test
(http://www.aircrack-ng.org/doku.php?id=injection_test)

root@bt:~# aireplay-ng -9 -a AP:AP:AP:AP:AP:AP -e test -B mon0

13:51:22 Waiting for beacon frame (BSSID: AP:AP:AP:AP:AP:AP) on channel 5
13:51:22 Trying broadcast probe requests...
13:51:22 Injection is working!
13:51:24 Found 1 AP

13:51:24 Trying directed probe requests...
13:51:24 AP:AP:AP:AP:AP:AP - channel: 5 - 'test'
13:51:25 Ping (min/avg/max): 8.055ms/22.076ms/138.223ms Power: -50.72
13:51:25 29/30: 96%

13:51:25 Trying directed probe requests for all bitrates...

13:51:25 AP:AP:AP:AP:AP:AP - channel: 5 - 'test'
13:51:28 Probing at 1.0 Mbps: 13/30: 43%
13:51:29 Probing at 2.0 Mbps: 23/30: 76%
13:51:31 Probing at 5.5 Mbps: 23/30: 76%
13:51:32 Probing at 6.0 Mbps: 24/30: 80%
13:51:33 Probing at 9.0 Mbps: 22/30: 73%
13:51:34 Probing at 11.0 Mbps: 24/30: 80%
13:51:35 Probing at 12.0 Mbps: 23/30: 76%
13:51:36 Probing at 18.0 Mbps: 26/30: 86%
13:51:37 Probing at 24.0 Mbps: 24/30: 80%
13:51:38 Probing at 36.0 Mbps: 24/30: 80%
13:51:39 Probing at 48.0 Mbps: 24/30: 80%
13:51:40 Probing at 54.0 Mbps: 26/30: 86%

AP logs
Apr 13 19:51:27 hostapd: wlan0: STA 00:ad:81:0d:12:57 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:33:9d:9e:04:c0 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:42:51:e9:95:6d IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:64:ad:5c:24:66 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:be:04:79:ef:c9 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:a1:76:b1:77:6f IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:e0:24:f1:ed:37 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:94:29:77:7d:be IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:d4:ec:65:85:63 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:bf:0e:74:93:f4 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:8e:19:34:99:63 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:22:6d:4f:87:f2 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:b3:5c:58:3b:21 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:ab:fa:2f:1f:8d IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:5b:1d:bd:e2:65 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:f2:70:7e:26:09 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:e1:49:76:31:d0 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:69:e4:2c:c1:1f IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:a6:a1:43:5c:e3 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:0c:b7:00:ca:99 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:51:27 hostapd: wlan0: STA 00:65:bc:0a:e3:e3 IEEE 802.11: did not acknowledge authentication response
Apr 13 19:56:28 hostapd: wlan0: STA 00:ad:81:0d:12:57 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:33:9d:9e:04:c0 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:42:51:e9:95:6d IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:64:ad:5c:24:66 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:be:04:79:ef:c9 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:a1:76:b1:77:6f IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:e0:24:f1:ed:37 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:94:29:77:7d:be IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:d4:ec:65:85:63 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:bf:0e:74:93:f4 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:8e:19:34:99:63 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:22:6d:4f:87:f2 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:b3:5c:58:3b:21 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:ab:fa:2f:1f:8d IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:5b:1d:bd:e2:65 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:f2:70:7e:26:09 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:e1:49:76:31:d0 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:69:e4:2c:c1:1f IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:a6:a1:43:5c:e3 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:0c:b7:00:ca:99 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:28 hostapd: wlan0: STA 00:65:bc:0a:e3:e3 IEEE 802.11: disassociated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:ad:81:0d:12:57 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:33:9d:9e:04:c0 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:42:51:e9:95:6d IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:64:ad:5c:24:66 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:be:04:79:ef:c9 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:a1:76:b1:77:6f IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:e0:24:f1:ed:37 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:94:29:77:7d:be IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:d4:ec:65:85:63 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:bf:0e:74:93:f4 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:8e:19:34:99:63 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:22:6d:4f:87:f2 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:b3:5c:58:3b:21 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:ab:fa:2f:1f:8d IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:5b:1d:bd:e2:65 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:f2:70:7e:26:09 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:e1:49:76:31:d0 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:69:e4:2c:c1:1f IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:a6:a1:43:5c:e3 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:0c:b7:00:ca:99 IEEE 802.11: deauthenticated due to inactivity
Apr 13 19:56:29 hostapd: wlan0: STA 00:65:bc:0a:e3:e3 IEEE 802.11: deauthenticated due to inactivity

TEST 2. Fake authentication
(http://www.aircrack-ng.org/doku.php?id=fake_authentication)

root@bt:~# aireplay-ng -1 0 -e test -a AP:AP:AP:AP:AP:AP -h C2:C2:C2:C2:C2:C2 mon0
AP logs
Apr 13 20:38:09 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:09 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:12 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:12 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:15 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:15 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:18 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: authenticated
Apr 13 20:38:18 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:21 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:21 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:24 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:24 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:27 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:27 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:30 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:30 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:33 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:33 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:36 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:36 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:39 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:39 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:42 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:42 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:45 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:45 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
Apr 13 20:38:48 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: No WPA/RSN IE in association request
Apr 13 20:38:48 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: did not acknowledge authentication response
...
Apr 13 20:43:10 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: disassociated due to inactivity
Apr 13 20:43:11 hostapd: wlan0: STA C2:C2:C2:C2:C2:C2 IEEE 802.11: deauthenticated due to inactivity

TEST 3. Capturing
(http://www.aircrack-ng.org/doku.php?id=airodump-ng)

root@bt:~# airodump-ng -c 5 --bssid AP:AP:AP:AP:AP:AP -w test mon0
AP logs
None

TEST 4. Deauthentication
(http://www.aircrack-ng.org/doku.php?id=deauthentication)

root@bt:~# aireplay-ng -0 2 -a AP:AP:AP:AP:AP:AP -c C1:C1:C1:C1:C1:C1 mon0

15:44:21 Waiting for beacon frame (BSSID: AP:AP:AP:AP:AP:AP) on channel 5
15:44:22 Sending 64 directed DeAuth. STMAC: [C1:C1:C1:C1:C1:C1] [87|107 ACKs]
15:44:22 Sending 64 directed DeAuth. STMAC: [C1:C1:C1:C1:C1:C1] [ 0|63 ACKs]
AP logs
Apr 13 21:44:22 hostapd: wlan0: STA C1:C1:C1:C1:C1:C1 IEEE 802.11: authenticated
Apr 13 21:44:22 hostapd: wlan0: STA C1:C1:C1:C1:C1:C1 IEEE 802.11: associated (aid 1)
Apr 13 21:44:22 hostapd: wlan0: STA C1:C1:C1:C1:C1:C1 WPA: pairwise key handshake completed (RSN)
Apr 13 21:44:22 dnsmasq-dhcp[1364]: DHCPREQUEST(br-lan) 10.0.0.10 C1:C1:C1:C1:C1:C
Apr 13 21:44:22 dnsmasq-dhcp[1364]: DHCPACK(br-lan) 10.0.0.10
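
A sketch of how the AP-side traces from Tests 1, 2 and 4 could be turned into alerts (an added example, not part of the original post). The thresholds, the finding names and the sample MAC addresses are assumptions, and treating a new association from a station the log still shows as associated as a forced reconnect is a heuristic, not something hostapd reports.

```python
import re
from collections import defaultdict

# Shape of the hostapd syslog lines shown on this page.
LINE = re.compile(
    r"^(\w{3} +\d+ [\d:]{8}) hostapd: \S+: STA (\S+) (?:IEEE 802\.11|WPA): (.*)$")

def analyse(lines, burst=10, no_ie=3):
    """Return sorted (finding, key, count) tuples; thresholds are assumed values."""
    unacked = defaultdict(set)     # timestamp -> distinct STAs that never ACKed
    missing_ie = defaultdict(int)  # STA -> association requests without WPA/RSN IE
    associated, reassoc = set(), defaultdict(int)
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # dnsmasq and other daemons are ignored
        ts, sta, msg = m.group(1), m.group(2).lower(), m.group(3)
        if msg == "did not acknowledge authentication response":
            unacked[ts].add(sta)
        elif msg == "No WPA/RSN IE in association request":
            missing_ie[sta] += 1
        elif msg.startswith("associated"):
            if sta in associated:  # no disconnect was logged in between
                reassoc[sta] += 1
            associated.add(sta)
        elif msg.startswith(("disassociated", "deauthenticated")):
            associated.discard(sta)
    out = [("probe_burst", ts, len(s)) for ts, s in unacked.items() if len(s) >= burst]
    out += [("non_wpa_assoc_attempts", sta, n) for sta, n in missing_ie.items() if n >= no_ie]
    out += [("reassoc_without_disconnect", sta, n) for sta, n in reassoc.items()]
    return sorted(out)

# Constructed sample in the page's log format (MAC addresses are made up).
P = "Apr 13 {} hostapd: wlan0: STA {} {}"
SAMPLE = (
    [P.format("19:51:27", f"02:00:00:00:00:{i:02x}",
              "IEEE 802.11: did not acknowledge authentication response") for i in range(12)]
    + [P.format(f"20:38:{9 + 3 * i:02d}", "02:00:00:00:00:c2",
                "IEEE 802.11: No WPA/RSN IE in association request") for i in range(4)]
    + [P.format("21:40:00", "02:00:00:00:00:c1", "IEEE 802.11: associated (aid 1)"),
       P.format("21:44:22", "02:00:00:00:00:c1", "IEEE 802.11: authenticated"),
       P.format("21:44:22", "02:00:00:00:00:c1", "IEEE 802.11: associated (aid 1)"),
       P.format("21:44:22", "02:00:00:00:00:c1", "WPA: pairwise key handshake completed (RSN)"),
       "Apr 13 21:44:22 dnsmasq-dhcp[1364]: DHCPACK(br-lan) 10.0.0.10"]
)

if __name__ == "__main__":
    for finding in analyse(SAMPLE):
        print(finding)
```

Passive capture (Test 3) leaves nothing for this kind of check to work with, which matches the empty AP log above.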