The TKIP key is derived from the PMK and some mac addresses, so, do the math :)

Have you really read the links provided?

I suggest to read the IEEE802.11 standard if you really want to...

Well, the algoritm is independent of the manufacturer of the AP, otherwise it won't comply to the 802.11 protocol specs :)

You can create a rainbowtable of hashes for a specific access point, but...

Wikipedia decribes the different implementations of authentication methods using the EAP framework. I'm looking one step more into detail: what kind of packets are sent, what's in that packets and...

Hi Xploitz,

Currently I'm deeply studying WPA, and I'm very interested what alternative method you came up with. Can you give a hint?

If you're not after the 4way handshake, then you're looking...

Hi guys,

I'm looking into WPA, how it works, why it works, why it better than WEP, etc.

Now, for the authentication with authentication-servers, the EAP protocol is used. There are different...

Yep, the ARP replay doesn't work, untill I generate some traffic with a real client.
So for the ARP replay I need datatraffic on the AP.

The fragmentation doesn't work also when there's no...

No, an AP is not a wireless router. A router "routes" datapacket through networks and can interconnect networks, an AP is for connecting multiple computers together. This AP I'm using has no dhcp, so...

Hi all,

I've setup an AP with WEP encryption to play around with. The AP is not connected to any network, no clients are associated and no data is being transferred. The goal is to aquire the WEP...