AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.

802.11b, using the Wired Equivalent Protocol (WEP), is crippled with numerous security flaws. Most damning of these is the weakness described in ” Weaknesses in the Key Scheduling Algorithm of RC4 ” by Scott Fluhrer, Itsik Mantin and Adi Shamir. Adam Stubblefield was the first to implement this attack, but he has not made his software public. AirSnort, along with WEPCrack, which was released about the same time as AirSnort, are the first publicly available implementaions of this attack.

AirSnort requires approximately 5-10 million encrypted packets to be gathered. Once enough packets have been gathered, AirSnort can guess the encryption password in under a second.

AirSnort 0.2.6 Requirements

AirSnort runs under Windows or Linux, and requires that your wireless nic be capable of rf monitor mode, and that it pass monitor mode packets up via the PF_PACKET interface. Cards known to do this are:

  • Cisco Aironet
  • Prism2 based cards using wlan-ng drivers or Host-AP drivers
  • Orinoco cards and clones using patched orinoco_cs drivers
  • Orinoc cards using the latest Orinoco drivers >= 0.15 with built in monitor mode support
  • And many others.
  • Windows: Any(?) card supported by Airopeek.

Download airsnort-0.2.7.tar.gz (204.7 KB)

Post By Gishore J Kallarackal (2,121 Posts)

Gishore J Kallarackal is the founder of techgurulive. The purpose of this site is to share information about free resources that techies can use for reference. You can follow me on the social web, subscribe to the RSS Feed or sign up for the email newsletter for your daily dose of tech tips & tutorials. You can content me via @twitter or e-mail.

Website: → Techgurulive

Connect