KisMAC
- KisMAC to Crack WPA/WEP with Wordlists
- KisMAC Features
- Hardware chipsets supported by KisMAC
- KisMAC Crypto support
- KisMAC Tutorial
- Installing KisMAC
- Selecting KisMAC Injection Device
- Scanning For Available Networks
- Reinjecting Packets
- How to Crack
- KisMAC Download for Mac
- KisMAC FAQs
- KisMAC System Requirements
- KisMAC For Windows and Linux
- KisMAC Alternatives
KisMAC is an open source wireless network discovery application for Mac OS X with a wide range of features.
Unlike many similar programs, KisMAC is aimed at network security professionals, which can make it harder for beginners to grasp. It is free software distributed under the GNU General Public License.
KisMAC scans actively for networks with cards supported by Mac OS X and passively with other supported cards. Passive scanning and monitor mode give it an advantage over programs such as MacStumbler, NetStumbler and iStumbler.
KisMAC to Crack WPA/WEP with Wordlists
KisMAC can brute-force WPA and WEP keys and, with a monitor-mode capable card, exploit flaws such as badly generated keys and weak key scheduling. A supported card such as a Prism2 or Ralink device can be used for packet reinjection. With an NMEA-compatible GPS receiver attached, it can also do GPS mapping.
For wordlist attacks, KisMAC needs a plain-text wordlist containing the words and phrases it should try. A wordlist can be downloaded from the official site.
Captured data can also be saved in PCAP format and loaded into packet analysis programs such as Wireshark.
KisMAC Features
The KisMAC application has the following key features:
- Reveals cloaked / hidden / closed SSIDs
- PCAP import and export
- Shows the logged in clients (with MAC Addresses, signal strengths and IP addresses)
- Support for 802.11b/g
- GPS support and Mapping
- Capable of drawing area maps of network coverage
- AppleScript-able
- De-authentication attacks
- Different attacks against encrypted networks
- Kismet drone support (capture from a Kismet drone)
The latest version, 0.3.3, released on February 7th, 2011, fixed several bugs and crashes. It still does not support joining WPA and WPA2 networks.
Hardware chipsets supported by KisMAC
KisMAC supports many third-party PCMCIA cards, and support for further chipsets is in progress. The internal AirPort hardware is fully supported for scanning.
The various hardware chipsets supported by KisMAC are:
- Apple AirPort and AirPort Extreme (these are dependent upon Apple’s drivers)
- Realtek RTL8187L USB (such as the Alfa AWUS036H)
- Intersil Prism 2, 2.5, 3 in PCMCIA and USB devices
- Intersil PrismGT
- Atheros PCMCIA
- Lucent Hermes I & II (Orinoco 2 and 11 Mbit)
- Cisco Aironet (with older 4.xx firmware)
- Ralink rt2570 and rt73 USB devices
KisMAC Crypto support
KisMAC offers the following crypto support:
- Brute force attacks against WPA, WEP and LEAP
- Newsham 21-bit attack against WEP
- Weak scheduling attack against WEP
KisMAC Tutorial
Here is a brief guide on how to use the KisMAC application:
Installing KisMAC
- Download and install KisMAC from the official site.
- Plug in your injection device. Do not install the drivers for the card or USB adapter.
- Start the KisMAC application.
Selecting KisMAC Injection Device
- Under KisMAC > Preferences > Drivers, select your injection device, e.g. “USB RT73 device”. If you are unsure what to choose, check the “approved” hardware list.
- Click “Add”.
- Check the box “Use as primary device”.
- Select channels 1-13 in Europe, 1-11 in the USA and 1-14 in Japan. In some cases channels 12-14 pick up interference from other home devices, so staying within 1-11 is safe.
- Check the box “Keep everything”.
- Close the dialog box.
Scanning For Available Networks
- Select “Start Scan” on the main screen. KisMAC will now scan for all reachable networks.
- Look for a network with a WEP key (column “ENC”), a healthy signal and traffic.
- Alternatively, enter “WEP” in the search box and select “encryption” to filter the results.
- If the ENC column shows “NO”, the network is open and there is nothing to crack.
- Once you have chosen a network, note the CHANNEL it uses, for example 1, 2, etc.
- Go back to Preferences > Drivers and select that channel, for example 1.
Reinjecting Packets
- Let KisMAC run for 5 minutes to collect data.
- Select “Reinject Packets” on the “NETWORK” tab. KisMAC will then try to reinject packets, which speeds up data collection.
- Keep an eye on the “Unique IVs” number. Once it has reached at least 130,000 (200,000 is recommended), you can consider cracking.
How to Crack
Once you have collected enough, select “Crack” > “Weak Scheduling Attack” > “Against Both” on the NETWORK tab. KisMAC will now try to crack the key.
Remember that the higher the “Unique IVs” number, the greater the chance of recovering the key, and the faster the process runs.
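Added example, not KisMAC's code and not part of the original page: a defender-side audit of a monitor-mode capture that flags the two things the feature list and the tutorial revolve around, deauthentication bursts and networks still protected by WEP (what the “ENC” column shows). The 802.11 header layout and the ExtIV test come from the standard; the frames, addresses, window and threshold are constructed, and the PCAP/Radiotap parsing that would precede this is assumed done.

```python
from collections import defaultdict
# Added example, not KisMAC code: audit frames from a monitor-mode capture for
# deauthentication floods and for WEP use. Input is a constructed list of
# (timestamp, raw 802.11 frame) pairs, i.e. a PCAP export minus Radiotap headers.
def frame_info(raw):
    """(type, subtype, protected, bssid, src). BSSID position depends on the
    ToDS/FromDS bits; None means a WDS frame (both set), which we skip."""
    fc0, fc1 = raw[0], raw[1]
    bssid = {0: raw[16:22], 1: raw[4:10], 2: raw[10:16]}.get(fc1 & 3)
    return ((fc0 >> 2) & 3, fc0 >> 4, bool(fc1 & 0x40),
            bssid and bssid.hex(":"), raw[10:16].hex(":"))

def deauth_floods(frames, window=1.0, threshold=10):
    """Senders emitting >= threshold deauth frames inside any window-second span."""
    times = defaultdict(list)
    for ts, raw in frames:
        ftype, sub, _, _, src = frame_info(raw)
        if (ftype, sub) == (0, 12):              # management / deauthentication
            times[src].append(ts)
    alerts = {}
    for src, ts_list in times.items():
        ts_list.sort()
        lo = 0
        for hi, t in enumerate(ts_list):
            while t - ts_list[lo] > window:      # slide the window start forward
                lo += 1
            if hi - lo + 1 >= threshold:
                alerts[src] = max(alerts.get(src, 0), hi - lo + 1)
    return alerts

def encryption_in_use(frames):
    """BSSID -> 'WEP' or 'WPA/WPA2'. The 4 bytes after the MAC header are IV+KeyID;
    TKIP/CCMP set ExtIV (0x20) in the KeyID byte, plain WEP never does.
    QoS data subtypes (bit 3) carry a header 2 bytes longer."""
    seen = {}
    for _, raw in frames:
        ftype, sub, prot, bssid, _ = frame_info(raw)
        if ftype == 2 and prot and bssid:        # protected data frame
            seen[bssid] = "WPA/WPA2" if raw[27 + (2 if sub & 8 else 0)] & 0x20 else "WEP"
    return seen
# Constructed sample traffic (all addresses made up): APs A and B, client C.
A, B, C = (bytes.fromhex(h) for h in ("001122334455", "ccddeeff0011", "66778899aabb"))
def mgmt(sub, dst, src, bssid, body=b""):         # FC, duration, addr1-3, seq, body
    return bytes([sub << 4, 0]) + b"\0\0" + dst + src + bssid + b"\0\0" + body
def data_from_ds(dst, bssid, src, keyid):         # FromDS=1, Protected=1; BSSID in addr2
    return bytes([2 << 2, 0x42]) + b"\0\0" + dst + bssid + src + b"\0\0" + b"\1\2\3" + bytes([keyid])
SAMPLE = [(0.1 * i, mgmt(8, b"\xff" * 6, A, A)) for i in range(5)]              # beacons
SAMPLE += [(1.0 + 0.02 * i, mgmt(12, C, A, A, b"\7\0")) for i in range(15)]     # deauth burst
SAMPLE += [(2.0, data_from_ds(C, A, A, 0x00)), (2.1, data_from_ds(C, B, B, 0x20))]
```

Running `deauth_floods(SAMPLE)` reports AP A sending 15 deauthentication frames within one second, and `encryption_in_use(SAMPLE)` lists A as WEP and B as WPA/WPA2, the networks a defender should migrate or investigate.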
KisMAC Download for Mac
KisMAC is available for download for Mac desktops and notebooks running Mac OS X (Snow Leopard, Lion or later).
KisMAC binaries for different versions of Mac OS X can also be downloaded from various reputable sources. These builds differ in what they include, such as support for particular hardware chipsets, trunk builds, USB drivers and injection support. Builds such as r221, r226, r239, r279, r319 and r407 are readily available online.
KisMAC FAQs
For more detailed answers to further questions, see the KisMAC FAQ at http://trac.kismac-ng.org/wiki/FAQ.
KisMAC System Requirements
The latest version of KisMAC (0.3.3) runs on Intel-based Macs with Mac OS X 10.6 or later.
KisMAC For Windows and Linux
KisMAC is built for Mac OS X and does not run on Windows. There are, however, several other useful wireless network discovery applications for Linux and Windows.
KisMAC Alternatives
Here is a list of alternative software that can be used in place of KisMAC:
- Wireshark
- iStumbler
- NetSpot
- inSSIDer
- Packetyzer
- AirRadar
- Vistumbler
- NetworkMiner
- Xirrus Wi-Fi Inspector
- Kismet
- Ethereal
- Wellenreiter
- Mognet
- Airsnarf