Appendix 1: Using PTW
The aircrack-ng suite has had a couple of very beneficial releases since BackTrack came out. The most important is the addition of the PTW WEP cracking method, which requires significantly fewer captured IVs. You can see our impressive results here.
If you want to use the PTW method, you'll need to download and install the latest aircrack-ng version from here (0.9.1 as we write this).
Type the following after you log into BT2 to download and install aircrack-ng 0.9.1:
wget http://download.aircrack-ng.org/aircrack-ng-0.9.1.tar.gz
tar -zxvf aircrack-ng-0.9.1.tar.gz
cd aircrack-ng-0.9.1
make
make install
The whole process takes less than a minute. Note that you'll need to do this each time you start up BT2, unless you install BT2 to your hard drive.
To use PTW, you'll need to capture the entire packet instead of just the IV. So you need to omit the --ivs switch from the airodump command:
airodump-ng --channel [AP channel] --bssid [AP BSSID] --write capturefile ath0
You'll also need to add the -z switch to the aircrack-ng command lines that you see in the tutorial, and be sure to use the .cap suffix instead of the .ivs suffix on the capture file name, i.e.
aircrack-ng -z -b 00:06:25:B2:D4:19 capturefile*.cap