Download AirSnort   AirSnort 0.2.7e

Software Specifications

AirSnort Screenshot
  View more screenshots
Editor Rating
204 KB
License [?]:
Open Source
Not available
Last Updated:
Wireless Application and Protocol Tools Software
The Shmoo Group
Operating System:
Windows 95 Unix Windows 98 Linux Windows NT Windows 2000 Windows ME Windows XP Windows Server 2003
Additional Requirements:
Not available

AirSnort Review

" WEP Vulnerability demonstration tool. Recover WEP keys from vulnerable 802.11b networks. "

AirSnort is a wireless LAN (WLAN) tool which recovers encryption keys. AirSnort operates by passively monitoring transmissions, computing the encryption key when enough packets have been gathered.

802.11b, using the Wired Equivalent Protocol (WEP), is crippled with numerous security flaws. Most damning of these is the weakness described in "Weaknesses in the Key Scheduling Algorithm of RC4" by Scott Fluhrer, Itsik Mantin and Adi Shamir. Adam Stubblefield was the first to implement this attack, but he has not made his software public. AirSnort, along with WEPCrack, which was released about the same time as AirSnort, are the first publicly available implementations of this attack.

AirSnort requires approximately 5-10 million encrypted packets to be gathered. Once enough packets have been gathered, AirSnort can guess the encryption password in under a second.


AirSnort runs under Windows or Linux, and requires that your wireless nic be capable of rf monitor mode, and that it pass monitor mode packets up via the PF_PACKET interface. Cards known to do this are:
  • Cisco Aironet

  • Prism2 based cards using wlan-ng drivers or Host-AP drivers

  • Orinoco cards and clones using patched orinoco_cs drivers

  • Orinoc cards using the latest Orinoco drivers >= 0.15 with built in monitor mode support

  • And many others.

  • Windows: Any card supported by Airopeek.

For Linux users, the best resources for finding out if your card can do monitor mode and what drivers you will need are those maintained at the Kismet site.


To compile AirSnort, do the following:

* Get your drivers working! To do this you may need one or more of the following
  • Kernel source

  • PCMCIA CS package

  • wlan-ng package

  • Orinoco driver patches

  • Host AP drivers

* Install the LATEST version of libpcap. Please make sure that you have removed any old version of pcap that may be resident on your system. (not required for Windows users.)

* Make sure you have gtk+-2.2 installed as AirSnort is a GUI application. You will also need gtk+-devel


Linux users perform the following steps:
  • tar -xzf airsnort-0.2.6.tar.gz

  • cd airsnort-0.2.6

  • ./configure

  • make

  • make install (optional)

Poof you're done. The airsnort executable is in the airsnort-0.2.6/src subdirectory, do with it what you will. There are some man pages in airsnort-0.2.6/man


Airsnort is designed to work best with Linux/Unix thus it is not recommended to use Airsnort under Windows. There is no support for it due to the proprietary nature of the operating system and wireless card drivers. You may be required to develop your own DLLs to link Airsnort to your wireless card.

Windows users perform the following steps (Windows XP, Belkin PCMCIA and D-Link PCI Cards in this example):
  • Extract the files and put it in the directory: C:\Program Files\airsnort-0.2.7e\

  • Download and install GTK+ 2 (full installation) into the folder: C:\Program Files\airsnort-0.2.7e\GTK. Once complete choose the language support to complete the installation.

  • Download and unzip GLib into the folder: C:\Program Files\airsnort-0.2.7e\glib-2.4.7.

  • Download and unzip Pango into the folder: C:\Program Files\airsnort-0.2.7e\pango-1.4.1.

  • Download and install ATK into the folder: C:\Program Files\airsnort-0.2.7e\atk-1.8.0.

  • Download your driver from Airopeek (unfortunately no longer available for download from that is matched to your Wireless card manufacturer and model.

  • Go to your windows driver system directory (c:\windows\system32\drivers) and backup your current Ethernet card Driver.

  • Rename the new driver you just downloaded from Airopeek as the same name of your current Ethernet card driver. If anything goes wrong you can restore the backup.

  • Airopeek should now work with your card. Otherwise consider buying a compatible wireless card.

  • Click on the 'Start' button and right click 'My Computer' and choose 'Properties'. Next, click the 'Advanced' tab and then the 'Environment Variables' buttons at the bottom.

    In the 'System variables' textbox, choose 'Path' and click 'Edit'. At the end of the 'Variable value', copy and paste the line below. Change the directory to the Airsnort directory if different.

    C:\PROGRAM FILES\THINKPAD\UTILITIES;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\PC-Doctor for Windows\services;C:\Program Files\Common Files\Lenovo;C:\Program Files\Lenovo\Client Security Solution;C:\Program Files\WatchGuard\wsm8\bin;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\airsnort-0.2.7e\GTK\bin;C:\Program Files\Airsnort\atk\bin;C:\Program Files\Airsnort\glib\bin;C:\Program Files\Airsnort\gtk\bin;C:\Program Files\Airsnort\pango\bin;C:\Program Files\Airsnort\bin

    [ Path: C:\Program Files\Airsnort\atk\bin;C:\Program Files\Airsnort\glib\bin;C:\Program Files\Airsnort\gtk\bin;C:\Program Files\Airsnort\pango\bin;C:\Program Files\Airsnort\bin ]

    Click OK.

  • Copy Peek5.sys and peek.dll from C:\Program Files\WildPackets\AiroPeek Demo to C:\Program Files\airsnort-0.2.7e\bin

  • You may need more DLLs (iconv.dll, intl.dll) easily found on the internet in your Airsnort directory.

  • Start Airsnort!


Orinoco Notes: The latest patches seem to smooth things out for all versions of Orinoco firmware. Please make sure you are using the latest patches. If you do not see a patch for your version of pcmcia-cs, then PLEASE determine what version of the orinoco drivers are included with your version of pcmcia-cs and get the appropriate orinoco-0.XX patches. To do this look in pcmcia-cs-X.Y.Z/wireless/orinoco_cs.c which will list the version number in the first couple of lines.



Top Related Downloads
1. Download AirSnort AirSnort
WEP Vulnerability demonstration tool. Recover WEP keys from vulnerable 802.11b networks.
2. Download csWAPDraw csWAPDraw
Create and edit wireless bitmaps (.wbmp files) for use with WAP enabled web pages.
3. Download Aircrack-ng Aircrack-ng
A network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs.