Saturday, April 24, 2010

Aircrack-ng 1.1

Aircrack-ng 1.1 is released ;)

A lot of bug fixes (including the buffer overflow in different tools) and improvements have been done. The most noticeable changes are the addition of airdrop-ng by TheX1le and the interaction in airodump-ng.

Here is the changelog:
- airdrop-ng: New tool by TheX1le.
- airodump-ng, aircrack-ng, airdecap-ng, airbase-ng: Fixed buffer overflow in airodump-ng due to forged eapol frame.
- aircrack-ng: Fixed multicast detection (WPA handshake detection).
- airodump-ng: Added interaction (see wiki for the commands).
- airodump-ng: Fixed client time in netxml file.
- airtun-ng: Add WDS and bridge support.
- airbase-ng: automatically set privacy bit to 1 if WPA or WPA2 is used (-Z or -z option).
- airmon-ng: Updated iw URL for v0.9.19.
- airdriver-ng: Fixed link for madwifi-ng.
- aireplay-ng: Chopchop enhancement to not stop but wait on deauth packets.
- tkiptun-ng: Fixed segfault.
- wesside-ng: Fixed compilation bug with recent version of gcc.
- cygwin: Compiling sqlite isn't necessary anymore, libsqlite3-devel package can be used.
- osdep: Strict aliasing and x86_64 fix.
- osdep: Add tap support for Darwin/OS X. Still require tuntaposx from sourceforge to work.
- All: Fixed compilation on cygwin 1.7.
- All: Fixed compilation on recent version of OSX.
- manpages: Fixed aireplay-ng manpage for attack 0: not disassociation packets, deauth packets.
- manpages: Added the keys for interaction in airodump-ng.
- patches: Added regulatory domains override patches for atheros drivers (ath5k, ath9k and ar9170).
- patches: Added 2.6.32 patch for r8187 driver (ieee80211).
- Makefiles: Fixed make uninstall.

Download: aircrack-ng-1.1.tar.gz

Monday, April 5, 2010

Monthly news (April 2010)

Project news:
- ebfe, who created airolib-ng, released an exploit for airodump-ng, aircrack-ng, airdecap-ng. You can find more information in his blog (Post 1, Post 2) but it just makes the tools crash, no real exploit released. It will be fixed in the next few days before the release (v1.1).
- Nearly everything has been moved to the new server, only forum, trac and buildbot needs to be moved :).
- Do you remember I wrote that trac didn't display svn commits for some unknown reason? That's now fixed, I just had to comment out a line in trac.ini.
- For those who can't open the website due to URL filtering, use whydoyoublock.me. It's not a mirror, it points to the exact same content as www.aircrack-ng.org.

Forum news:
- Patches to override the regulatory domain for ath5k, ath9k and ar9170.
- The work on the C# GUI for aircrack-ng, WepCrackGUI, continues. And here is a blog post in italian about it.
- Beini now has its own website. Here is the forum thread.
- Wordlist generation:
    * Here and there
    * Here is a script by Zermolo to generate wordlist with only numbers, called permutate and another post in the same thread about the same subject with JTR.
    * Creating custom rules for John.
    * Word field is an incremental word list generator.

Other news:
- I'll speak at Sharkfest. It will take place in the main campus of the Standford University, June 14-17.
- Ever heard about NeoPwn? Version 2 will be based on the Nokia N900 and will be Backtrack Mobile.
- Remember spoonwep and spoonwep 2? Shamanvirtuel is working on spoonwep 3. Public beta release is planned between 15th-30th April.
- If you're using SliTaz, you might be interested to know that they released v3.0 a week ago.

Thursday, April 1, 2010

<AprilFool>Backcrack-ng v1.1</AprilFool>

EDIT: This is an April Fool

The BackTrack team is happy to announce the acquisition of the Aircrack-NG project, as well as a new, long awaited update to v 1.1. The acquisition will mark a turning point to the Aircrack-NG project in more than once sense, and we are looking forward to see the project grow.

The new version of Aircrack-ng (to be renamed "backcrack-ng") is available in the SVN repositories for your testing: