AirSnort is a WLAN software that retrieves encryption keys.
While Adam Stubblefield was the first to implement this attack, his software is not publicly available. That means AirSnort, along with WEPCrack, is one of the first publicly available implementations of this attack. AirSnort requires approximately 5-10 million encrypted packets to be gathered. Once enough packets have been gathered, AirSnort can guess the encryption password in under a second.
In order to use AirSnort, you must have a wireless network interface card that is capable of rf monitor mode and that can pass monitor mode packets up via the PF_PACKET interface. Some of the cards known to work with this software include Cisco Aironet Prism2 based cards using wlan-ng drivers or Host-AP drivers, Orinoco cards and clones using patched orinoco_cs drivers, Orinoco cards using the latest Orinoco drivers >= 0.15 with built-in monitor mode support, and many others. Any card supported by Airopeek should work for Windows users. Linux users can find the best resources for determining card compatibility at the Kismet site.
To compile AirSnort, you need to make sure your drivers are working correctly. This may require you to have kernel source, PCMCIA CS packages, wlan-ng packages, Orinoco driver patches, or Host AP drivers. Additionally, you should make sure you have installed the latest version of libpcap, and have gtk+-2.2 installed. This is critical, as AirSnort is a GUI application. Linux users can follow a few steps, including downloading and configuring AirSnort, before enjoying the software's benefits. The latest release includes bug fixes and support for the DWL-650 card in Windows.
Version 0.2.7e: N/A