sugar and spice and everything Lophtcrack (802.11b)

**blackwave** · January 18, 2003, 08:47

actually you would probably have better luck running windows xp and using VMWare to run *nix using a USB 802.11b client (eg: ORiNOCO USB Client)

**converge** · January 18, 2003, 09:12

somehow I think that misses the boat though.... (having re-read the initial post)

**drovdiggin** · January 18, 2003, 12:17

Oversight-- I had the same notion about running LC4 in Wine. I actually tried it, but couldn't get LC to install under wine. During setup, there was an error launching ikernel.exe. I spent quite a while trying to make this work with no success.

Black-- I'm not sure what running VMWare with an 802.11b USB client would get me. I already have Linux running my sniffer properly on my current system. (This happens to be a dual boot Win2000/Gentoo laptop with Cisco wireless card.) So, 'getting' the wireless hashes is not a problem.

While in LC4, there is an option to import hashes by opening either a .lc or .lcs file. I would think once the format of these files is known, one could use a text editor and put whatever hashes they wanted into the file. Maybe I'm grasping, but this seems like a doable thing... does anyone have an example .lc or .lcs file they could post here?

**skroo** · January 18, 2003, 23:46

Re: sugar and spice and everything Lophtcrack (802.11b)

Originally posted by drovdiggin
Since Loftcrack runs on Windows, and my wireless sniffer is on Linux, is there a way to import the capture file to Loftcrack?

Yes and no. What I usually do is grab the raw NTLMs and crack them on my Palm Pilot. This saves a reboot to another OS, but requires manually grepping the traffic capture for NTLMs. Not elegant, but it works.

Loftcrack has a built in sniffer, but getting windows drivers to work in promiscuous mode is problematic if not impossible.

Out of curiosity, what NICs are you trying to do this on, and under which OSes? I haven't had that problem on any of the sniffer boxes I use with NT, 2000, or XP. In fact, even running the Win32 version of Ethereal I haven't seen anything like this unless the OS itself was fubared to hell and back.

**russ** · January 21, 2003, 06:55

Originally posted by 0versight
Its a long shot that Id doubt would work at all.... Stupid even, but its late and im just typing stupid shit, anyway, If you have a dual-boot of Windows/Linux, You can TRY to use Wine to run it, but I doubt it if it'll work, All the distros automatically support Fat32, but Im not too sure for NTFS, If you're running Red Hat, there is an rpm to support NTFS , it doesnt support it by default. Hope this helped.

You'll have support for the NTFS under most newer kernels. But it's a READ ONLY access. The READ WRITE thing on NTFS partitions is particularly hazardous.

But yeah, WINE is a good potential substitute. There's a product called Crossover Office that works particularly well under Mandrake and Slackware and lets us run most Windows proggies....

**murakami** · January 22, 2003, 08:51

Does Redhat even have an NTFS rpm for download? I couldn't find it on their site. I use this one:

http://linux-ntfs.sourceforge.net/info/redhat.html

**redhook** · January 23, 2003, 12:16

Have you tried using Ethereal for Win32? Just a thought.

Redhook

**drovdiggin** · January 23, 2003, 16:39

Yep, I have used ethereal for win32, but the problem is that the Cisco Aironet 350 card I'm sniffing with won't capture in promiscuous mode in windows. Windows dirver limitation I think :(

sugar and spice and everything Lophtcrack (802.11b)

sugar and spice and everything Lophtcrack (802.11b)

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment