Cracking password-protected wifi via OS X.


20-09-2009 16:52:25

I've been accessing the internet using someone's unprotected wifi, but it's pretty slow and unreliable, so I'd like to start cracking some of the protected wifi that's closer to my apartment.

I've looked online for ways to do this but all the scripts/programs for it seem to be designed for Windows or Linux.

Anyone have any experience or know of any programs for that kind of thing?


20-09-2009 18:44:28

Why don't you move apartments so that there's WiFi in the building, or closer to a library?


20-09-2009 19:08:14

Won't a lot of programs designed for Linux run on OS X?


20-09-2009 19:53:00



20-09-2009 21:48:29



21-09-2009 10:05:59

/agreed with KisMac. It's pretty good software, left it on getting info overnight, cracked 2 WEP networks within 3 minutes the next day.

Weak Scheduling attack was used... if you have a nice wordlist, you could try a wordlist attack without waiting to gain info on the router.


24-09-2009 13:58:00

Thanks for your suggestions, guys.

I've been running KisMac the past couple days, it kept crashing after a while so I had to keep saving the packets, couldn't run it overnight. Anyway, I collected about 130,000 packets for the wifi I'm trying to get into, and then did a Weak Scheduling Attack. Let that run until it tried 1.1 billion keys, and it still didn't crack it.

Any suggestions? Am I just not letting it run long enough or is something wrong?


24-09-2009 16:00:47

I fucked with that program a long time ago just for fun and though I can't remember the details of exactly what happened, I actually managed to get the hexadecimal but once converted, it didn't make any sense. I think I tried a few things, but ultimately ran out of patience and gave up.


05-10-2009 11:21:58

WEP cracking does not require a brute-force key attack last I checked, with just a few packets it can grab the keys it needs to get in almost immediately, no matter the size of the key. I've seen WEP cracks happen in literally seconds before, from start of scan to being authenticated. WEP keys are fixed length, either 40/64 bits or 128 bits, they're not of arbitrary length like WPA.

Problem is few (who have a clue) are still using WEP these days because it is so insecure. Almost anyone using security is using WPA, which is much much harder to get into and usually requires a brute-force attack against a weak password.

Not that I'm condoning your blatant theft of wifi (a crime in some jurisdictions, so be aware of that), but you might also try setting up your own router in repeater mode to strengthen the signal of the router/AP you're currently accessing. Using an aftermarket firmware like DD-WRT should make that pretty trivial.


05-10-2009 20:33:16

Do you have any idea why Kismac isn't cracking the wifi then?

As for using my router, I don't have one... just the laptop. So I'm still trying to figure out how to go about doing this. Bootcamp might work but seems like a big pain in the ass, and I don't even have the HD space for it without having to reorganize a bunch of shit anyway.

And as far as ethics go, it is a case of free-riding. Normally I am against that too (littering, etc.) but since there's no chance of a tragedy of the commons (I won't be using much bandwidth), and since I won't be trying to crack into their computers, it's a victimless crime. (Unless you count the internet service providers who don't get my money, but I would not be ordering my own internet anyway.)


06-10-2009 09:03:36

There are so many things wrong with your tragedy of the commons argument that it's not worth responding. However, suffice it to say your opinion of activities is blinded by your own self-worth.


06-10-2009 22:02:58

I wasn't really looking to start a moral argument, but since I don't think anyone is going to help me with this then we may as well make the thread worth something. (Or not. If it's stupid, a mod can lock it and that's that.)

The personal attack is half-warranted since I am somewhat of a douche on this forum, but overlooking that I honestly don't see the moral issue with stealing internet to use low amounts of bandwidth if the alternative is getting infrequent internet on an open network.

I do have an issue with theft—I've never stolen anything "tangible," hell I don't even pirate software anymore or download music illegally—but I don't see who the victim is here, given my intentions.