Jump to content
YOUR-AD-HERE
HOSTING
TOOLS

Locked Marfil - An Extension of the Aircrack-ng Suite used to assess WiFi Network Security

z3r0

By z3r0
in Wireless Linux

 Share

Recommended Posts

z3r0 Noob

z3r0

Posted
Posted (edited)

This is the hidden content, please

 

Marfil is an extension of the Aircrack-ng suite, used to assess WiFi network security. It allows to split the work of performing long running dictionary attacks among many computers.

 

Motivation

The Aircrack-ng suite provides the aircrack-ng tool, which is a 802.11 WEP and WPA/WPA2-PSK key cracking program. When cracking the latter, a dictionary or word list has to be used. The longer these dictionaries are, the longer the process takes. Depending on your hardware it could even take days or weeks.

If you happen to have some additional hardware at your disposal aircrack-ng does not allow you to distribute the load between them: you have to choose the fastest one and stick to it. This is exactly where Marfil comes to play.

 

Solution

Marfil is a php-based tool that distributes the cracking load between different nodes. The approach followed is considerably simple: instead of using only one node to crack a .cap file using a big dictionary it splits the dictionary and distributes it among the rest of the nodes. The high-level process goes like this:

  1. Dictionaries to use are configured in the server node
  2. A client node sends a crack request to the server includes a .cap file and the BSSID of the target network)
  3. Clients ask the server for work
  4. Once work is needed the server answers with a .cap file and BSSID along with a dictionary piece
  5. Clients perform the cracking on their own and when finished return the result
  6. The server updates the status of the crack request according to the result
  7. Eventually, either the .cap file is processed against all parts of a dictionary without success or the password is found
  8. The process repeats. Note the first step is only needed for the first time or whenever the dictionaries are updated. The server node can also work as a client node.

 

Requirements

  1. aircrack-ng suite
  2. PHP >= 5.5.9
  3. SQLite module for PHP5 (only needed for the server node)
  4. Composer (only needed if you do not download the release from the releases section)

 

Marfil has only been tested on Linux so far. However, the approach followed and the tools used are considerably platform-independent so it should also work on Windows or Mac.

 

Setup

 

Initial setup and dictionary configuration

  1. Download the most up-to-date file in the release section
  2. Decompress it in all your nodes (server and clients)
  3. Install PHP5 and the aircrack-ng suite in all clients

 

On Debian Linux you can do this by running this command:

 

This is the hidden content, please

 

Install SQLite module for PHP5 on the server

On Debian Linux you can do this by running this command:

 

This is the hidden content, please

 

On the server node, start a web server setting the root as the public directory in the Marfil directory

Using PHP's built-in web server, this can be done by running the following command in the Marfil directory:

 

This is the hidden content, please

 

You can test this worked by accessing http://localhost:8080 in a browser on your server node and see an empty list of crack requests

Make sure you can access the web server from your clients by accessing http://YOUR_SERVER_IP_ADDRESS:8080 in a web browser from your clients

Place dictionaries in the storage/app/dictionaries directory. Search the web for word lists, if you don't have any

Execute this command in the Marfil directory to split the dictionaries into pieces and prepare the dictionary database (depending on the size of the dictionaries, it might take a while):

 

This is the hidden content, please

 

Adding crack requests and working on them

In order to add crack requests, a .cap file with the WPA handshake and the BSSID of the target network is needed. This can either be done through the web server interface or by executing the following command in the Marfil directory of any node:

 

This is the hidden content, please

 

Any successfully generated crack request can be displayed in the web server interface

Any of the nodes can be used as a worker client. In order to do so just run the following command in the Marfil directory:

 

This is the hidden content, please

 

This command will make the client ask for work every 60 seconds. When the server responds with work, the client will download the needed files and try to crack the .cap file.

Progress can be tracked by means of the web interface

 

Support

If any issue is found, please, report it providing all the needed information to reproduce it. Failing to do so will result in the ticket being closed.

Some additional notes:

  • It is possible to watch server logs by monitoring storage/logs/lumen.log file
  • The database can be regenerated by running this command:

 

This is the hidden content, please

 

DOWNLOAD LINK :-

This is the hidden content, please

Edited by z3r0
Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.