Fern Wifi Cracker With Geographical Location Mac Address Tracker

admin



Fern: crack WiFi in minutes! Fern is a tool to discover weaknesses in a network. It uses aircrack-ng behind the scenes to achieve this. The best feature of Fern is its excellent GUI written in Python-Qt4. Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to crack and recover.

Fern Wifi Cracker is a Wireless security auditing and attack software program written using the Python Programming Language and the Python QT Gui Library, the program is able to crack and recover WEP/WPA/WPS keys and also run other network based attacks on wireless or ethernet based networks.

Fern Wifi Cracker currently supports the following features:

  • WEP Cracking with Fragmentation,Chop-Chop, Caffe-Latte, Hirte, ARP Request Replay or WPS attack
  • WPA/WPA2 Cracking with Dictionary or WPS based attacks
  • Automatic saving of key in database on successful crack
  • Automatic Access Point Attack System
  • Session Hijacking (Passive and Ethernet Modes)
  • Access Point MAC Address Geo Location Tracking
  • Internal MITM Engine
  • Bruteforce Attacks (HTTP,HTTPS,TELNET,FTP)
  • Update Support

First step, make sure your card is capable of packet injection read hereand for compatible wireless cards. If not there’s no need to follow the instructions below you’ll never crack any wifi password without using compatible cards. Then let’s check your cards interface to use type airmon-ng, mine is wlan1 with ath9k driver. After all let’s kill processes that can intervene with your cards driver type airmon-ng check kill

Location

Run Fern Wifi cracker and choose from the drop down tab the wifi card it will automatically enable the card in monitor mode. See the green text Monitor mode enabled on wlan1mon.

Next click the Scan for Access Points to look for target APs if it detects WEP the wep button will be highlighted if not the WPA, in my case a WPA access point was detected. Now just click the WPA button to open the attack panel where you’ll fulfill your dream of being a wifi hacker.

Select your target access point, tick if it’s regular or wps attack (for wps enabled routers), upload your wordlist to be used in password cracking then click Wifi attack and this tool will magically do everything for you as if you’re having magic wand.

Fern Wifi Cracker With Geographical Location Mac Address Tracker Free

All wifi cracking tools follow these steps – deauth connected clients, capture the handshake and crack the password against your wordlist – wait! here’s the catch, if your wordlist contains the password you can get the password, if not, either get a bigger wordlist or buy faster machine that can bruteforce it without relying on wordlist. The length of time cracking WPA/WPA2 depends on how big is your wordlist and your luck, unlike cracking WEP which depends on IVs captured.

That’s it, the WPA password! There’s a lot of tool in Linux that can crack WPA/WPA2 but Fern Cracker is the easiest to use, thanks to its user friendly GUI.

Why do we need to track MAC addresses?

A media access control address (MAC address) of a device is a unique identifier assigned to a network interface controller (NIC) for communications at the data link layer of a network segment. As they are unique, they are used by network devices such as switches to maintain an inventory of what is connected to which switch port.

Fern Wifi Cracker With Geographical Location Mac Address Tracker Real-time

The concept of a network inventory has been around for a long time. It is one of the fundamentals of networking. Devices cannot exchange data unless they know who to share it with. However, a lot of this inventory information is hidden behind the scenes, buried in MAC tables on switches and distributed across multiple devices.

Many compliance standards, such as GDPR, now require network managers to maintain a list of what is active on their networks. However, it is good practice to maintain a list of what is connected to your network. If you get hit with something like ransomware, you will need to act fast and track down what is connected to your network quickly.

Fern Wifi Cracker With Geographical Location Mac Address Tracker Google

Where can you capture MAC address information?

The easiest way to capture MAC addresses is to monitor network traffic via a SPAN, mirror port, or TAP. This will give you access to network packets, and each packet will contain MAC addresses. You need to be careful about where you capture this information. If you monitor traffic on the wrong side of a routing device, like a firewall or network router, you may find that all traffic is associated with the firewall/router MAC address.

An ideal location for capturing MAC addresses is the network core where traffic from clients and servers converges. Server logs and flow data are not good data sources when it comes to capturing data for a MAC address tracker. Logs and flow records focus more on IP addresses, which can move from device to device on networks that use DHCP. The image below shows a typical flow record with date, time, IP and port information.

Geographical

Common use cases for a MAC address tracker

In the past, MAC address capturing was typically done using packet analysis tools such as Wireshark. While this is useful for troubleshooting isolated issues, it is not very scalable when it comes to tracking all network device activity.

Recently, we heard of someone who had an issue during a very busy and critical time of the day. Switches were reporting “Broadcast storm detected” and had applied filters as a defense mechanism. This resulted in connectivity issues on their network. As they had an inventory of MAC addresses and associated broadcast traffic, they located the rogue network device quickly. In their case, it was a faulty IP phone, and normal network operations resumed after it was shut down.

A use case like the one above shows that the need to track devices on the network is important. Other common use cases that we come across include:

  1. Generating a list of network devices for compliance standards such as GDPR.
  2. Detecting faulty network equipment that may be responsible for broadcast traffic storms.
  3. Quickly locating problematic devices in the event of a malware outbreak such as ransomware.
  4. Seeing the corresponding MAC address associated with copyright violations where clients are using applications like BitTorrent.
  5. Capturing additional metadata for your existing network monitor or SIEM application.
  6. Tracking specific applications, like web traffic by MAC address.

[On-Demand Demo] See How Our SIEM Monitors and Analyzes Network Traffic