
KisMAC Manual - Getting started with KisMAC

Before you can begin using KisMAC you must open the Preferences pane and select the appropriate driver for use with your wireless card.

1. Open the Preferences pane from the KisMAC menu and click on the Driver icon.

   Note: Each of these drivers will prevent you from using your wireless card to access networks while KisMAC is running. KisMAC must use one of these drivers to scan for networks. For more information about driver capabilities, see the expanded driver section later in this manual.

2. There are six different drivers to choose from:

   1. The first is the Apple Airport or Airport Extreme card, which operates in active mode. This means that you can still use your wireless card, but you will not have full functionality when using KisMAC. This is the driver you want to use if you have an Apple branded Airport card and all you want to do is search for networks. If you have an Apple Airport or Apple Airport Extreme card and would like to operate it in active mode, choose this driver. If you simply want to wardrive, choose this driver - it will not see closed networks, but closed networks are nearly always WEP or WPA'ed, which are no use to you. You can't crack networks with this driver.
   2. The second driver is for the Apple AirPort Extreme card in passive mode. This has recently been reverse-engineered and now works in passive mode.
   3. The second driver is for the Apple Airport card, passive mode. You will not be able to access any networks while in passive mode, but you will have expanded capabilities in KisMAC. This driver does not work with Airport Extreme cards (use the previous one). If you have an Apple Airport card, and you want to operate it in passive mode, choose this driver.
   4. The third driver is for Prism2/Orinoco/Hermes cards. It operates only in passive mode. If you have a Prism2, an Orinoco, or a Hermes card, choose this driver.
   5. The fourth driver is for Cisco Aironet cards. It operates only in passive mode. If you have a Cisco Aironet card, choose this driver.
   6. The fifth driver is for USB wireless adapters with a Prism2 chipset. It operates only in passive mode. If you have a USB device with a Prism2 chipset, choose this driver.
   7. The sixth driver is for Atheros based cards. It operates only in passive mode. If you have an Atheros based card, choose this driver.

3. Note: If you do not know which driver to use, you can refer to the table of common card brands at the end of this chapter. Updates to KisMAC are released more frequently than updates to the documentation; if this information is not up to date, please submit a new version.

4. KisMAC also allows permanently enabling Airport Extreme to operate in passive mode. To enable this feature, check the box at the bottom of the window (requires reboot). Note: If enabled, your wireless card can be used by other applications; however, this can cause your data to be captured in the dump and result in confusion.

5. Your password will be asked for each time you start KisMAC because the drivers must be loaded and unloaded. If you would like KisMAC to load the drivers without asking for your password, check the "Make scripts SUID root" checkbox. You can also use the KisMAC Driver Tool, installed with KisMAC, to start or stop the drivers.

After selecting a driver, you can use KisMAC to scan for networks by clicking on the scan button in the main window. It is recommended, however, that you go through all of the preferences in order to get the best KisMAC experience.

Scanning Preferences

1. Wi-Fi networks have 11 possible channels (14 non-US, 13 in Europe). A typical access point will be available on 3 channels at a time, since these channels actually overlap. In order to detect all networks, KisMAC will make the wireless card "hop" between all selected channels. The frequency field changes how often KisMAC changes channels. Before you select channels 12-14, please make sure your card can use these channels; otherwise strange side effects might occur, such as phantom base stations being detected, inability to detect anything else, or simply nothing at all - the wireless card may shut down.

2. Once you find a network that you want to monitor, it is recommended that you only select the channel the network uses in order to capture more data from that network. Note: Cisco Aironet cards perform hopping internally and the settings will be disabled when using one of these cards.

3. The dump filter settings will tell KisMAC to create a PCAP file with the following filtering options:

   1. The default setting is no dumping; KisMAC simply discards the data.
   2. Keep everything - All intercepted traffic is written to the log file.
   3. Data only - Only packets containing data are written to the log file; empty, "I'm here," traffic is ignored, but any packets with weak initialization vectors (IVs) will be logged.
   4. Weak frames only - Only packets with weak initialization vectors will be written to the log file.

4. Note: Dumping traffic is only useful if you want to make the captured data available for third party tools, such as Wireshark, dsniff or ettercap. You probably don't need this unless you want to see what the data was or monitor it. You also don't need to use any of these features to crack WEP. Weak IVs are automatically captured and can be saved in a KisMAC save file if needed.

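The difference between the dump filter settings can be seen by reading such a PCAP and sorting frames by their 802.11 Frame Control field. This is an added example, not part of the KisMAC manual or KisMAC's code: the function names, mode names and sample frames are constructed for illustration, treating "empty" traffic as any frame without a data payload is an assumption, and the weak-IV options are not modelled.

```python
import struct

LINKTYPE_IEEE802_11 = 105          # pcap link type: raw 802.11 header, no radiotap
PCAP_MAGIC_LE = 0xA1B2C3D4         # classic pcap, microsecond timestamps

def build_pcap(frames):
    """Serialise frames into an in-memory little-endian pcap (for the constructed sample)."""
    blob = struct.pack("<IHHiIII", PCAP_MAGIC_LE, 2, 4, 0, 0, 65535, LINKTYPE_IEEE802_11)
    for seconds, frame in enumerate(frames):
        blob += struct.pack("<IIII", seconds, 0, len(frame), len(frame)) + frame
    return blob

def read_pcap(blob):
    """Return the raw 802.11 frames stored in a little-endian classic pcap."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", blob, 0)
    if magic != PCAP_MAGIC_LE or linktype != LINKTYPE_IEEE802_11:
        raise ValueError("expected little-endian pcap with link type 105")
    frames, offset = [], 24
    while offset < len(blob):
        if offset + 16 > len(blob):
            raise ValueError("truncated record header")
        incl_len = struct.unpack_from("<IIII", blob, offset)[2]
        frame = blob[offset + 16:offset + 16 + incl_len]
        if len(frame) != incl_len:
            raise ValueError("truncated frame")
        frames.append(frame)
        offset += 16 + incl_len
    return frames

def classify(frame):
    """Return (frame type, carries_data) decoded from the first Frame Control byte."""
    if not frame:
        return "malformed", False
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    name = ("management", "control", "data", "extension")[ftype]
    # For data frames, subtype bit 2 marks the no-payload variants (Null, QoS Null, ...).
    return name, ftype == 2 and not subtype & 0x4

def dump_filter(frames, mode):
    """Model three dump settings; the weak-IV options are deliberately not modelled."""
    keep = {"no_dumping": lambda f: False, "keep_everything": lambda f: True,
            "data_only": lambda f: classify(f)[1]}   # assumption: "empty" = no payload
    return [f for f in frames if keep[mode](f)]

# Constructed sample frames: beacon, ACK, data with payload, Null function.
SAMPLE = [b"\x80\x00" + bytes(22) + b"beacon-body", b"\xd4\x00" + bytes(8),
          b"\x08\x01" + bytes(22) + b"payload", b"\x48\x01" + bytes(22)]
```

On the constructed sample, "keep_everything" returns all four frames while "data_only" keeps only the one data frame that carries a payload; the beacon, the ACK and the Null function frame are dropped.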

Sound Preferences

KisMAC can be set to play different sounds when different types of networks have been detected. This can be helpful for wardriving when you might not be able to look at the computer screen.

1. WEP enabled network: play the selected sound when an encrypted network is detected.
2. WEP disabled network: play this sound when an open network is detected.
3. Play every x packets: This option is useful when gathering data to attempt to crack a network. It alerts you when a certain amount of data has been collected. See the cracking chapter later in this manual.
4. Optionally, KisMAC can speak the names (SSID) of detected networks, also useful while wardriving.

These are the basic preferences that you need to know in order to get started with KisMAC. There are many more advanced features that are covered in depth in their own chapters of the manual.

Table of common card brands:

| Manufacturer | Model | Chipset | Compatibility |
|---|---|---|---|
| 3Com | 3CRWE154G72 | PrismGT | Should work |
| Addtron | AWP-100 | PrismII | Should work |
| Addtron | AWP-101 | PrismII | Should work |
| Apple | Airport | Hermes | Verified |
| Apple | Airport Extreme | Broadcom | Verified - works in passive mode now! |
| Asante | AL1011 | PrismII | Should work |
| Belkin | F5D6020 (old) | PrismII | Should work |
| Belkin | F5D7010 | Broadcom | Should work in active mode only |
| Buffalo | WLI-CB-G54 | Broadcom | Should work in active mode only |
| Cisco | AIR-PCM35x | Aironet | Verified |
| Cisco | AIR-LMC35x | Aironet | Should work |
| Compaq | WL-100 | PrismII | Verified |
| D-Link | DWL-650 (old) | PrismII | Verified |
| D-Link | DWL-G520 | Atheros | Should work |
| LinkSys | WPC11 | PrismII | Should work |
| LinkSys | WPC54G | Broadcom | Should work in active mode only |
| LinkSys | WPC55AG | Atheros | Verified |
| LinkSys | WUSB11 ver. 2.5 | PrismII | Verified |
| Proxim | Orinoco 11b/g | Atheros | Verified |
| Lucent | Orinoco Silver 11Mbit | Hermes | Verified |
| Lucent | Orinoco Silver 2Mbit | Hermes | Verified |
| Lucent | Orinoco Gold 11Mbit | Hermes | Should work |
| Netgear | MA401 | PrismII | Should work |
| Netgear | WG511 | PrismGT | Should work |
| Netgear | WG511T | Atheros | Should work |
| SMC | SMC2632W (old) | PrismII | Should work |
| ZCOMAX | XI-300 | PrismII | Should work |
| ZCOMAX | XI-815 | PrismII | Should work |
| Zoom | 4105 | PrismII | Should work |

The Aironet, Atheros, PrismII and Hermes chips are natively supported by KisMAC. The Broadcom chipset is supported over the Airport Extreme driver in passive mode now. All other chipsets are currently unsupported.

Device

| Field | Value |
|---|---|
| Product name | HG532c |
| Device ID | BC7670-21530315918K1B042836 |
| Hardware version | HG532CRRA VER.A |
| Firmware version | HG532cV100R001C86B010 |
| Batch number | RWC86P0.010.29083 |
| Physical address | BC:76:70:DD:AA:C4 |
| System up time | 0 days 3 hours 38 minutes 46 seconds |
