Re: wireless WEP crack.

From: Joshua Wright (jwright@hasborg.com)
Date: Tue Jun 21 2005 - 12:34:32 EDT


KoreK started to implement this attack in chopchop (which is basically
an inverse adaptive chosen plaintext attack), but I haven't seen a
released version of chopchop that had this attack completed. If you are
interested in implementing this attack, you might consider finishing
where KoreK started. Chopchop v0.1 is available at
http://www.netstumbler.org/showthread.php?t=12489.

Note that the concept of traditionally weak IV's (b+3:ff:n) has largely
been deprecated. Tools such as Aircrack and WepLab use a much larger
group of IV's to recover the WEP key, making it impossible to filter all
the new classes of "weak IV" possibilities (as this would significantly
reduce the overall IV space for WEP).

-Josh

Michael Sierchio wrote:
> Just out of curiosity, are there tools available to mount
> the adaptive chosen plaintext attack against WEP? This
> attack always succeeds, and is not dependent on weak
> keys.

-- 
-Joshua Wright
jwright@hasborg.com
http://home.jwu.edu/jwright/
pgpkey: http://home.jwu.edu/jwright/pgpkey.htm
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73
Today I stumbled across the world's largest hotspot.  The SSID is "linksys".


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:26 EDT