Kismet Wireless

Kismet Forums

 

Posted by: alkvkhmtqovmgx
Subject: Kismet + Airport Extreme on Macbook Pros
Date: 07:32:25 08/02/2007

> Latest update on the KisMAC site still doesn't support the Airport Extreme card on MacBook Pros. Anyone know of parallel projects out there that are looking to support Kismet on MBPs?

How about KisMAC?
Link to a download of a compiled KisMAC that might work for you:
http://www.lvlolvlo.net/files/2006/11/kismac-macbook.zip
A bunch of comments, the important ones of which I've kinda summarized below:
http://www.cyberhq.nl/2006/06/28/stumbling-with-a-macbook-pro.html
How to compile KisMAC to work for the MacBook:
http://screammy.name/projects/kismacmacbook/
Another link on compiling KisMAC sources:
http://kismac.de/_trac/wiki/BuildingFromSource
The KisMAC mailing-list is where you should probably be asking these questions:
http://www.freelists.org/archives/kismac/
Another recent forum post on getting this to work:
http://www.netstumbler.org/showthread.php?t=20466

802.11a/b/g injection attacks do not work (but you can still cause the network to be more active with certain classes of packets, e.g. ARP, ICMP, TCP RST, TCP window size changes, etc). They do not work because nobody knows how to get the Airport Extreme cards to do this as it is not documented well. If you can get scapy, lorcon, or other wifi device driver testing software installed, then you might be able to create more traffic this way as well, usually by blocking or changing the traffic. I know of a program called netsed which might help with this.

However, passive mode works on pretty much anybody's MacBook or MacBook Pro (even Core 2 Duo) that I can think of. So cracking DOES work, you just need a lot of packets (1M or so according to the manual). Injection / re-injection attacks make this faster because you get packets faster, not because you are cracking faster.

You can always check your drivers with kextstat:
http://developer.apple.com/documentation/Darwin/Reference/Manpages/man8/kextstat.8.html
Note that the WiFi driver itself sits here:
/System/Library/Extensions/IO80211Family.kext/Contents/PlugIns/AirPortAtheros5424.kext/Contents/MacOS/AirPortAtheros5424
which is surprisingly similar to the wlan.ko driver in FreeBSD 6, which is surprisingly similar to madwifi in Linux. Meaning that even the injection attack is almost certainly possible, but nobody has done it yet.

Considering how many people want this - someone will write it eventually. It appears to be reaching critical mass RealSoonNow(tm).

Best of luck.

