Re: Wireless wep crackin on windows

From: Andre Ludwig (andre.ludwig@gmail.com)
Date: Wed May 26 2004 - 01:10:14 EDT


You guys might want to read up on WEP attacks.

http://www.samspublishing.com/articles/article.asp?p=27666&seqNum=1

Is a decent link explaining the weak IV attack used against WEP.

To date I haven't seen any Windows-based tools that would capture the
proper packets (open source tools at least). Doesn't mean they aren't
out there, just means I haven't cared enough to find them.

Andre Ludwig CISSP

On Tue, 25 May 2004 19:20:14 -0400, Jerry Shenk
<jshenk@decommunications.com> wrote:
>
> I don't believe the WEP key is passed across the network. This will
> however cause multiple associations and might generate extra traffic.
> It might also enable the attacker (running Evil Twin) to pass encrypted
> packets through to another Access Point.
>
> I think the main use for this attack is for networks that do LEAP. In
> that case, the username and password hash are passed through the air and
> are susceptible to a brute force or dictionary attack. Other
> EAP-related authentication schemes may also be vulnerable to this but
> most of them use a better hash encryption than LEAP does....at least it
> seems so for the moment;)
>
>
> -----Original Message-----
> From: E.Kellinis [mailto:me@cipher.org.uk]
> Sent: Tuesday, May 25, 2004 2:28 PM
> To: securityfocus@arkam.it; pen-test@securityfocus.com
> Subject: Re: Wireless wep crackin on windows
>
> Hello,
>
> There is another method to find the key without trying to crack WEP
> data.
> You can use an Evil Twin access point attack.
>
> You set up another access point nearby and you try to provide a
> stronger signal and exactly the same channel (and same SSID)
> as the AP under attack. When this happens, clients will try to
> connect to your access point, which mimics a legitimate one. Using this
> method you might be able to retrieve the WEP password.
>
> All the needed info (SSID, channel, etc.) for this attack can be provided by
> many WLAN analysis tools for Windows.
>
> I haven't done it, but it sounds reasonable
>
> thx
> Manos
>
> =========================================================
> *PK:http://www.cipher.org.uk/files/pgp/cipherorguk.public.key.txt
> =========================================================
>
>



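Added example, not part of the original thread: the Evil Twin setup described above (same SSID, same channel, stronger signal) leaves a recognisable pattern in beacon scan data, and this sketch flags it against an inventory of authorised access points. The `Beacon` type, the `AUTHORISED` inventory, the 10 dB margin and all SSID/BSSID values are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Beacon:
    ssid: str
    bssid: str
    channel: int
    rssi_dbm: int

# Assumed inventory of authorised APs: SSID -> {BSSID (lowercase): channel}
AUTHORISED = {"corp-wlan": {"00:11:22:33:44:55": 6, "00:11:22:33:44:66": 11}}

# Constructed scan results (not captured from a real network)
SAMPLE_BEACONS = [
    Beacon("corp-wlan", "00:11:22:33:44:55", 6, -60),
    Beacon("corp-wlan", "00:11:22:33:44:66", 11, -70),
    Beacon("corp-wlan", "02:aa:bb:cc:dd:ee", 6, -40),   # unknown BSSID, louder
    Beacon("guest", "0a:0b:0c:0d:0e:0f", 1, -50),       # SSID not in inventory
    Beacon("corp-wlan", "00:11:22:33:44:66", 1, -55),   # known BSSID, wrong channel
]

def find_evil_twin_candidates(beacons, authorised, rssi_margin_db=10):
    """Return (bssid, reason) for beacons that imitate an inventoried SSID."""
    findings = []
    for ssid, known in authorised.items():
        seen = [b for b in beacons if b.ssid == ssid]
        # Strongest signal per channel from APs that match the inventory exactly
        best = {}
        for b in seen:
            if known.get(b.bssid.lower()) == b.channel:
                best[b.channel] = max(best.get(b.channel, -200), b.rssi_dbm)
        for b in seen:
            bssid = b.bssid.lower()
            if bssid in known:
                if known[bssid] != b.channel:
                    # Inventoried MAC where it should not be: possible spoofed BSSID
                    findings.append((bssid, "known BSSID on unexpected channel"))
                continue
            reason = "unknown BSSID advertising inventoried SSID"
            if b.channel in best:
                reason += ", same channel as authorised AP"
                if b.rssi_dbm >= best[b.channel] + rssi_margin_db:
                    reason += ", stronger signal"
            findings.append((bssid, reason))
    return findings

if __name__ == "__main__":
    for bssid, reason in find_evil_twin_candidates(SAMPLE_BEACONS, AUTHORISED):
        print(bssid, "->", reason)
```

A BSSID check alone misses a twin that also copies the authorised MAC on the expected channel, so the inventory comparison is a first filter rather than proof of absence.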