Page 3 of 3 FirstFirst 123
Results 21 to 24 of 24

Thread: Wep 104

  1. #21
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    17

    Default

    Great news pple!!!

    The WEP key has been cracked!!!

    Ahh... finally. Currently the pen test process is as such:

    Passive Collection
    1) Client laptop connected to wireless network
    2) Obtain AP & Client MAC address
    3) Run airodump-ng (# airodump-ng -c XXX --bssid XXX - w filename rausb0)
    4) Airodump-ng shows the AP and the client connected to it. (currently only 1 client connected)
    5) Run aircrack-ng (# aircrack-ng -b XXX(AP MAC) -m XXX(Client MAC) filename*.cap)
    The -m used here is to act as a filter, to accept only the client MAC. This will ensure aircrack-ng collects IVs only from one client, as WEP is dynamic. Not sure if this command is right, as I referred to the --help.

    None of these 4 steps found under the tutorial "How to crack WEP via a wireless client" @ aircrack website works for me.

    Results
    1) Out of 8 times tested, I managed to crack 5 times. There are 2 having the same WEP key, as they have been cracked within a 5mins span.
    2) 2 out of the 5 times successful, there were actually other clients connected to the AP, with aircrack-ng collecting IVs. So I'm not sure if the -m XXX does indeed help to filter other clients to use only 1 single client.

    For now, I'll be trying to achieve a 100% result instead of 5/8 times.

    Thanks so much cybrsnpr for your assistance!!

  2. #22

    Default

    Glad it finally worked for you.

  3. #23
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    17

    Default

    Quote Originally Posted by cybrsnpr View Post
    Glad it finally worked for you.
    Thanks manz! You've been a great help!

    Conclusion
    The -m xxx in aircrack-ng actually does work. The reason why some of the tests failed were because while aircrack-ng was running, the wep key changed (dynamic).

    I've carried out a few more tests today, with airodump-ng displaying about 5 clients connected to the target AP. Since its dynamic WEP, we can only crack if we obtained packets from one SINGLE client. Running aircrack-ng without the -m xxx command, the pen test fail every single time. But including the -m xxx command, the dynamic wep key is successfully cracked (other then halfway the wep key changes, which will fail).

    Great! Its been an exciting and interesting experience for me. The learnin & knowledge curve is indeed enriching. Hope this will help anyone facing issues with dynamic WEP.

    Cheerios!

  4. #24
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    8

    Thumbs up

    thanks a lot frederickyip for the information you give out here, saved me a lot of time !
    it's cool to tell your conclusion and all

Page 3 of 3 FirstFirst 123

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •