HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

Marfil - An Extension of the Aircrack-ng Suite used to assess WiFi Network Security

Status
Not open for further replies.
Z

z3r0

Leech
User
Joined
May 18, 2016
Messages
11
Reputation
0
Reaction score
26
Points
13
Credits
0
‎9 Years of Service‎
74%
marfil.gif


Marfil is an extension of the Aircrack-ng suite, used to assess WiFi network security. It allows to split the work of performing long running dictionary attacks among many computers.

Motivation

The Aircrack-ng suite provides the aircrack-ng tool, which is a 802.11 WEP and WPA/WPA2-PSK key cracking program. When cracking the latter, a dictionary or word list has to be used. The longer these dictionaries are, the longer the process takes. Depending on your hardware it could even take days or weeks.

If you happen to have some additional hardware at your disposal aircrack-ng does not allow you to distribute the load between them: you have to choose the fastest one and stick to it. This is exactly where Marfil comes to play.

Solution

Marfil is a php-based tool that distributes the cracking load between different nodes. The approach followed is considerably simple: instead of using only one node to crack a .cap file using a big dictionary it splits the dictionary and distributes it among the rest of the nodes. The high-level process goes like this:

  1. Dictionaries to use are configured in the server node
  2. A client node sends a crack request to the server includes a .cap file and the BSSID of the target network)
  3. Clients ask the server for work
  4. Once work is needed the server answers with a .cap file and BSSID along with a dictionary piece
  5. Clients perform the cracking on their own and when finished return the result
  6. The server updates the status of the crack request according to the result
  7. Eventually, either the .cap file is processed against all parts of a dictionary without success or the password is found
  8. The process repeats. Note the first step is only needed for the first time or whenever the dictionaries are updated. The server node can also work as a client node.


Requirements

  1. aircrack-ng suite
  2. PHP >= 5.5.9
  3. SQLite module for PHP5 (only needed for the server node)
  4. Composer (only needed if you do not download the release from the releases section)


Marfil has only been tested on Linux so far. However, the approach followed and the tools used are considerably platform-independent so it should also work on Windows or Mac.

Setup

Initial setup and dictionary configuration

  1. Download the most up-to-date file in the release section
  2. Decompress it in all your nodes (server and clients)
  3. Install PHP5 and the aircrack-ng suite in all clients


On Debian Linux you can do this by running this command:

Code: 
>sudo apt-get install php5 aircrack-ng
Install SQLite module for PHP5 on the server

On Debian Linux you can do this by running this command:

Code: 
>sudo apt-get install php5-sqlite
On the server node, start a web server setting the root as the public directory in the Marfil directory

Using PHP's built-in web server, this can be done by running the following command in the Marfil directory:

Code: 
>php -S 0.0.0.0:8080 -t public
You can test this worked by accessing
This link is hidden for visitors. Please Log in or register now.
in a browser on your server node and see an empty list of crack requests

Make sure you can access the web server from your clients by accessing http://YOUR_SERVER_IP_ADDRESS:8080 in a web browser from your clients

Place dictionaries in the storage/app/dictionaries directory. Search the web for word lists, if you don't have any

Execute this command in the Marfil directory to split the dictionaries into pieces and prepare the dictionary database (depending on the size of the dictionaries, it might take a while):

Code: 
>php artisan marfil:refresh-dictionaries
Adding crack requests and working on them

In order to add crack requests, a .cap file with the WPA handshake and the BSSID of the target network is needed. This can either be done through the web server interface or by executing the following command in the Marfil directory of any node:

Code: 
>php artisan marfil:crack YOUR_SERVER_IP_ADDRESS:8080 path/to/file.cap 01:23:45:67:89:AB
Any successfully generated crack request can be displayed in the web server interface

Any of the nodes can be used as a worker client. In order to do so just run the following command in the Marfil directory:

Code: 
>php artisan marfil:work YOUR_SERVER_IP_ADDRESS:8080
This command will make the client ask for work every 60 seconds. When the server responds with work, the client will download the needed files and try to crack the .cap file.

Progress can be tracked by means of the web interface

Support

If any issue is found, please, report it providing all the needed information to reproduce it. Failing to do so will result in the ticket being closed.

Some additional notes:

  • It is possible to watch server logs by monitoring storage/logs/lumen.log file
  • The database can be regenerated by running this command:



Code: 
>php artisan migrate:refresh
DOWNLOAD LINK :-
This link is hidden for visitors. Please Log in or register now.


 
Last edited by a moderator:
Status
Not open for further replies.
Back
Top