GRIM WEPA was written in Java and is intended for use with the Linux Operating System (specifically the Backtrack 4,5 distribution).

GrimWepa 1.1 has been translated for Português-Brasil users. It is available in the downloads section.

Update

GRIM WEPA is no longer being supported

GRIM WEPA is on an indefinite hiatus while I work on other projects.

Please use Wifite instead of GRIM WEPA. Wifite is a newer wifi cracker with more functionality and stability than GRIM WEPA. Wifite is available here: http://code.google.com/p/wifite/

Please update your bookmarks and links accordingly.

This project will remain open so that I may eventually update GrimWepa.

Overview

GRIM WEPA is a password cracker for both WEP and WPA-encrypted access points (routers). This program uses the following applications and suites:

• aircrack-ng suite:
• aircrack-ng, to crack WPA and WEP;
• airodump-ng, to capture packets and find access points;
• airmon-ng, to enumerate devices in monitor mode;
• aireplay-ng, to forge and replay packets;
• and packetforge-ng, to create replay packets.
• iwconfig, to see if devices are in monitor mode;
• xterm, to show output to user;
• ifconfig, to get the MAC address of devices;
• macchanger, to change MAC address of wifi cards.

These applications are required for GRIM WEPA to run properly. All of these applications come standard with Backtrack4.

note: the settings & configuration file for Grim Wepa is saved to /etc/grimwepa.conf

About

GRIM WEPA's cracking methods are archaic and have been around for years. It simply uses the existing cracking methods in aireplay-ng (for WEP) and aircrack-ng (for WPA). Grim Wepa is similar in style and functionality to shamanvirtuel's Spoon series (SpoonWEP, SpoonWPA, and SpoonDRV). The Spoon suite is still available, though it is not kept updated.

The Backtrack 4 Linux distribution has a default WEP/WPA cracker, but it does not work properly for me; also, the Spoon series does not run properly for me on BT4, so I created GRIM WEPA foforforr myself and as an homage to shamanvirtuel.

Options

GRIM WEPA has only two options: Crack WEP-encrypted access points (routers) and crack WPA-encrypted access points. The program can search for new targets, and auto-selects your cracking method. The options for each method are as follows:

Attacks for WEP-encrypted Access Points

• ARP-Replay attack
• Chop-chop attack
• Fragmentation attack
• p0841 attack
• Cafe-Latte attack
• Cracking options:
• aircrack-ng is able to crack just about any WEP password after about 20,000 IV (Initialization Vector) data packets have been captured. The capture usually takes about 2 minutes, and the crack another 2-3 minutes.

Attacks for WPA-encrypted Access Points

• Basic deauthorization attack to get handshake.
• Cracking:
• GRIM WEPA includes a 2MB default password list containing approximately 250,000 commonly-used passwords.
• Wordlist / Dictionary / Brute-force attack: Currently, there is only one consistent method of cracking WPA, and that is by brute force. aircrack-ng can crack hundreds of passwords per second, so this method is not nearly as arbitrary as has been proposed.

Execution

To run GRIM WEPA, navigate to the file's location in Terminal and type:

java -jar grimwepa_X.X.jar

at the command line prompt, where X.X is your version of grimwepa.

Run GRIM WEPA as root!

I have posted a Step-by-Step Tutorial, and also a Troubleshooting Guide.

Installation

Installation is not required for GRIM WEPA to run properly, but it is recommended if you use are going to GRIM WEPA frequently.

GrimWepa can be downloaded and installed by running the "grimstall.sh" script.

For Backtrack Users: To download the install script via wget, change permissions on it, and run the install script (which will download the latest version of grimwepa and install it), copy-and-paste the below code into console (as root!):

wget http://grimwepa.googlecode.com/files/grimstall.sh
chmod 755 grimstall.sh
./grimstall.sh install

Note: Change the directory from /pentest/wireless/grimwepa/ to whichever directory you want to install to ; /pentest/wireless is commonly found in Backtrack distributions ; all files in the selected directory will be deleted (a prompt will confirm this); don't forget the / at the end!

A more-detailed installation guide can be found here, in the wiki.

Sample Video

          
Download GrimWepa | Download Wordlist

Source : http://www.linux-security.ucoz.com

"If I had eight hours to chop down a tree, I’d spend the first six of them sharpening my axe.”

-Abraham Lincoln

This saying has followed me for many years, and is a constant reminder to me that approaching a problem with the right set of tools is imperative for success. So what does this semi philosophical opening have to do with the Metasploit Framework? Before approaching a penetration test or an audit, I take care to "sharpen my tools” and update anything updatable in BackTrack. This includes a short chain reaction, which always starts with a prompt "msfupdate” of the Metasploit framework.

I consider the MSF to be one of the single most useful auditing tools freely available to security professionals today. From a wide array of commercial grade exploits and an extensive exploit development environment, all the way to network information gathering tools and web vulnerability plugins. The Metasploit Framework provides a truly impressive work environment. The MSF is far more than just a collection of exploits, it's an infrastructure that you can build upon and utilize for your custom needs. This allows you to concentrate on your unique environment, and not have to reinvent the wheel. ... Read more »

Hacking WPA 2 Key – Evil Twin (No Bruteforce)

In an ealier post, we’ve seen how to crack WPA-2 network keys using a dictionary.

 

While that technique works, it could take an awful long time, especially when brute forcing.

 

On this technique, named ‘Evil Twin’, we take a different perspective to the attack. Using a powerful long range wireless card (Alfa AWUS036NH), we clone the target network to confuse our victim. Then, we deauthenticate the victim from his own wireless network and wait until he connects to our access point – which looks exactly like his. 

... Read more »