Henry Dalziel | Pentesting Distros, Pentesting Tools | May 5, 2013
Whilst we might not know the exact number of Linux distros out there, what we do know is that the figure will be in the thousands. If you just stumbled into this post, here’s a quick summary of what a Linux distribution is: distros (popular ones such as Ubuntu, Kali Linux, Fedora, Arch etc.) have basically ‘done the hard work for you’, in the sense that a ‘distro’ takes existing code and its associated programs (from open-source projects) and compiles them for you into a branded Linux distribution, combining everything into a single operating system that you can install from boot. There are dozens of niches that developers have catered for; many come and go, but some are certainly here to stay forever, i.e. Debian, Ubuntu and Arch.
Excellent examples of “niche Linux distros” are all the pentesting distros that exist in the wild. We have posted quite a bit about them, with our top ten list and a popular post about how I moved my daily operating system full time to Linux Backbox. There are forensics distros, educational, media etc. – but this post is all about specific Wireless Pentesting Linux Distributions! Yes, OK, we know that the popular Linux distros used by professional pentesters and hackers, such as Kali Linux, Backbox, Pentoo etc., all come bundled with everything you might need for wireless cracking – but there might be an instance when you don’t need the extra ‘bloat’ that comes with the best-known and most widely used distros.
Background to this post
Whilst trying to do some research into WEP, WPA/WPA2 hacking with Reaver, I stumbled across a simple list from the airmon-ng website that lists some wifi/wireless hacking distros, which I thought to expand on.
So, first on our list is: SliTaz Aircrack-ng Distribution
SliTaz is instantly interesting because it works like Puppy Linux: it can operate from memory (as well as from removable media). It is light and fast, and can also be installed on a hard drive. SliTaz is distributed in the form of a LiveCD that, like any other distro, can be burnt and booted. The community seems pretty active, with a mailing list and forum. If our understanding is correct, the last release was April 10 2012 with SliTaz 4.0-RC2.
As previously mentioned, SliTaz runs on very low specs: the graphical desktop, based on LXDE and Openbox, uses 35 MB and works entirely in 192 MB of RAM. Alongside all the usual and necessary wireless hacking and penetration testing tools, the community and distro have also matured a set of home-made tools.
Second on our list is Xiaopan OS. Inspired by another Linux distro called Beini, which was a very small live CD based on TinyCore Linux, Xiaopan OS is an easy-to-use distro bundled with advanced hacking tools to penetrate wireless networks. Like Beini (which seems to be older but less supported), Xiaopan is based on the Tiny Core Linux (TCL) operating system (OS) and has a very attractive GUI. It is worth mentioning that Xiaopan is Windows, Mac and Linux compatible! That is very cool.
The project has been well organized and the creators are clearly passionate about the distro. So what’s the difference between Xiaopan and, say, Kali Linux or WiFiway? The focus on wireless cracking and the simplicity would appeal to someone who just wants to audit wireless without having to navigate dozens of tools that might not be necessary for the task at hand.
Xiaopan OS ships with a number of tools to specifically hack Wi-Fi Protected Setup (WPS), Wi-Fi Protected Access (WPA) and Wired Equivalent Privacy (WEP) encrypted networks. Tools include:
Reaver: possibly the most interesting PIN-based brute-force cracker for WPS (WPA/WPA2) out there. If you don’t know it, then get to know Reaver.
Inflator: a GUI add-on for Reaver.
Aircrack-ng: obviously a must for wireless cracking.
Minidwep: another Reaver/Inflator extension that allows the pentester to attack WPA networks through a dictionary attack and WEP networks by auditing and injecting packets.
FeedingBottle: called as such because even a baby could use it! FeedingBottle is a hangover from Beini (the inspiration behind Xiaopan).
Xiaopan also prefers to use XFE as its file manager.
Third on our list is WiFiway!
WiFiway is a Linux distro used specifically to test any WiFi connection or network and to verify its security – in other words, a distro that is very well suited to a penetration tester’s toolbox. You can use this distro directly as a live CD and install it as and when you see fit. Unlike Kali Linux with its rich ancestry, or BackBox, which is based on Ubuntu, WiFiway seems to have been built from the ground up.
As you would expect from a distro called “WiFiway”, the majority of programs and pentesting tools that ship with WiFiway are focused on wireless security (network security) and Bluetooth auditing. Literally any and every wireless testing, cracking and hacking tool you can think of exists in WiFiway – which is now in version 3.5.
What’s the difference between WifiSlax and Wifiway?
You might come across WifiSlax and wonder what is going on. Well, WiFiway followed on from the WifiSlax distribution (which is also a well-known Linux distribution within the wireless auditing space). WiFiway was launched to allow beginners and those not very experienced with wireless and network security to get up and running without having to climb what is often perceived as a steep learning curve. WiFiway inherited the majority of WifiSlax’s pentesting utilities and tools but allowed them to be used in a more ‘friendly’ manner.