2010
Christophe Devine, the original author of Aircrack, a collection of tools for auditing wireless networks based on cryptanalysis, gave a short e-mail interview to H4f. We decided to approach the author of the original idea, which became the basis for the later project called Aircrack-ng (next generation). The Aircrack-ng suite now contains 17 tools. Mr. Devine was very accommodating and provided us with some information. A couple of the answers describe the project's history and tell us something about the author himself. Hyperlinks to the original (in my opinion legendary) videos, for a better understanding of the progress since 2004, are attached too: WEP & WPA audit – aircrack 2.2 on WHAX system.
H4f: So how did the project aircrack begin? Why or how was the idea born?
Christophe: In June 2004, I went to the French security-oriented SSTIC conference. I met Nicolas Ruff (newsoft) there, he was playing around a bit with his new wireless card and Kismet. It looked a lot of fun, so I decided to buy a wifi card and experiment on my own. I wasn’t really satisfied with the various tools I tested; airsnort was buggy, kismet didn’t correctly show certain information at the time (such as the number of unique IV). I like to reinvent the wheel so I started working on the first version, aircrack 1.0.
H4f: How long does it take to make/code a working prototype from just an idea?
Christophe: According to the aircrack-1.0.tgz archive, it was released at the end of July 2004. So, about two months.
H4f: If our information is correct, the last version of Aircrack was 2.41, and as of March 2006 the Aircrack-ng project has taken on the development of the Aircrack suite. What happened?
Christophe: Lots of people ask me this question ;) Basically my interest had shifted to other areas, and I stopped working on the project. Although I didn’t specifically ask for a maintainer, Thomas d’Otreppe stepped forward and started working on a forked version. It was ok with me, in fact I’m very grateful as he has devoted a lot of his time since 2006 to maintain aircrack-ng.
H4f: When did Thomas d’Otreppe show up and take over the development?
Christophe: I stopped maintaining the web site in late 2005, maybe December. IIRC it took only a couple of months for the new aircrack-ng project to be launched.
H4f: Is there anything you would like to say about the Aircrack project in general?
Christophe: As I consider now the way I developed the project from 2004 to dec. 2005, I realize there are several ways the development process could have been improved. There was no revision control system, no bugtracker and even no forum until August 2005. Also the releases weren’t GPG-signed or anything. Finally I think there was a heap overflow found in airodump. On the C code itself of each internal tool, it doesn’t make it very easy to, for example, write a plugin for airodump that would do something special with the packets. I did my own pcap implementation, but this wasn’t the best idea as it prevented people using airodump from filtering packets with tcpdump-like filters. Since then in the new projects I’m working on, I do my best not to reinvent the wheel and reuse GPL software components from other projects as much as possible.
H4f: Are you currently tracing the updates, tools and development of the project?
Christophe: Although I don’t check the aircrack-ng site very often, I do try to keep in touch with Thomas and we occasionally see each other, last time during the BruCON conference. So far it seems to me the project is going forward in a very positive way.
H4f: What was (is) your favorite wireless card (chipset) for using with aircrack?
Christophe: I have fond memories of capturing with my Prism2-based card, at the time (July 2004) it was one of the best for low-level wireless stuff. In fact KoreK himself did write the first injection patch precisely for this chipset, and released it in August of the same year. Then I acquired an atheros-based card, and it worked very well with a specific version of madwifi. In particular the link speed could be controlled manually, which was very handy. Also I have a ralink USB rt2470, very inexpensive and great for injection.
H4f: How about popularity? Do people remember you are the One who came first with the idea?
Christophe: Aircrack became popular I think because the core of the software is the WEP cracking part, which is entirely based on KoreK’s mathematics. I had the chance of meeting KoreK once in Paris, he’s a very cool and thoughtful guy. At the time when he devised his attacks he also had no idea they would gain such popularity.
H4f: Are there any people who have inspired you and you want to say hello to them?
Christophe: There are so many people :) But on the particular subject of wireless hacking, there was already a huge body of work before I even knew the subject; of course Scott Fluhrer, Martin Itsik and Adi Shamir devised the original attacks, later greatly enhanced by KoreK — aircrack would be nothing without him. Mike Kershaw (dragorn) created this awesome tool, Kismet, and David Hulton who wrote dwepcrack. And most importantly, all the aircrack users who provided feedback and helped improve the software.
H4f: What kind of operating system do you prefer?
Christophe: These days I’m fairly OS-agnostic. I usually work with Debian Lenny or Windows XP, and Windows 7 for gaming.
H4f: Are there any other projects related to IT you are working on?
Christophe: Well, lots! Most recently I started working on (yet another) disassembler/debugger called xdbg. It’s still very preliminary so don’t expect much from it. A friend of mine joked that like aircrack and xyssl I may abandon the project after working a couple of years on it ;) (and perhaps he’s not completely wrong, I guess. not that I plan on abandoning the project!).
H4f: Do you have any website or blog where people can follow your ideas?
Christophe: Sure, https://bob.cat/ Unfortunately not updated very often, but I’ll be sure to announce new releases of xdbg there.
H4f: What do you do for a living?
Christophe: Currently I work as a security consultant at Sogeti/ESEC, most specifically in the R&D team. There are several research projects we’re working on, the latest one being the implementation of an attack to inject an unsigned Windows 7 x64 kernel driver in the kernel using access to physical memory (DMA).
Christophe
Thanks Mr. Devine


















