From: Francisco Pecorella (fpecor@cantv.net)
Date: Tue Jan 10 2006 - 21:00:38 EST
Hi Rodrigo,
The main idea in order to do a pentest to a wireless network is follow these
steps:
(1) Use any sniffer (remember disable the promiscuos mode) in order to
capture wireless data "protected". It is recommendable that you capture more
over 100 Mb of data. I suggest that you use Kismet, airodump and airoplay.
(2) Use aircrack written by Christophe Devine in order to crack the data
captured. For example if your capture was called "capture.pcap":
$ aircrack -f2 -n 128 capture.pcap
(3) Wait, Wait some seconds and ready :-). You will have the WEP Key.
-- Regards, FP ----- Original Message ----- From: "Rodrigo Blanco" <rodrigo.blanco.r@gmail.com> To: <pen-test@securityfocus.com> Sent: Tuesday, January 10, 2006 3:59 AM Subject: Pentesting a WEP-protected wifi network > Hello list, > > I am currenty trying to pentest a wireless network protected with WEP > (not sure if 40/64 or 104/128 bit). > > I would like to know what are the best tools to use if the equipment I > have for the pentest is an XP workstation with a 802.11b D-link > wireless card. > > I know there are many tools for Unix / Linux with certain wifi cards, > but I would like to prove if it is feasible to break a WEP key with > just an XP and any wifi card. > > Thanks in advance for your help and best regards, > Rodrigo. > > ------------------------------------------------------------------------------ > Audit your website security with Acunetix Web Vulnerability Scanner: > > Hackers are concentrating their efforts on attacking applications on your > website. Up to 75% of cyber attacks are launched on shopping carts, forms, > login pages, dynamic content etc. Firewalls, SSL and locked-down servers > are > futile against web application hacking. Check your website for > vulnerabilities > to SQL injection, Cross site scripting and other web attacks before > hackers do! > Download Trial at: > > http://www.securityfocus.com/sponsor/pen-test_050831 > ------------------------------------------------------------------------------- > > ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:20 EDT