I have found that a third of WEP networks use a phone number as the key.
I have written a script for NYC
http://forum.aircrack-ng.org/index.p...=5944.0;id=505
that generates a wordlist of possible phone numbers based on area codes and exchanges. Then it can be used to test a capture file with

Code:
aircrack-ng -w h:<wordlist> <capture file>

The benefit is that while it will not work all the time, it only needs 4 IVs of data, so one can casually roam the area capturing, then test each network against the list.
If you do use this method, please report your success rate and city. Also, I used area-codes.com for the area code/exchange data, for those of you not in NYC. If you have trouble with running or personalizing the script, let me know.
Oh, when running the script, give it time, the output will be large.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
To be successful here you should read all of the following.
ForumRules
ForumFAQ
If you are new to Back|Track
Back|Track Wiki
Failure to do so will probably get your threads deleted or worse.
Agreed, WEP is broken, not trying to prove that, just curious about key selection. Some businesses (including a financial firm included with permission) are effectively posting their key on their front door and business cards.
custode, very nice idea on the script. I myself have noticed that many clients I've worked for have used phone numbers for both WEP / WPA keys. Although a phone number is a good set of random numbers, it's still very easily cracked and figured out.
Ok, that's a valid comment. I should have titled it differently. It's my business because my business is writing about infosec in financial services. My goal was to have a decent set of cross country data to support a point such as "despite the known weakness of WEP and high profile wireless related breaches such as TJX, many networks still use WEP, and of those, YY% use their phone number as the key."
I have to agree, I know too many people who used their phone number as the WEP key. Lack of knowledge leads to problems. I guess it just seems too easy for people to use their phone number when they need an easy to remember 10 digit key. What a joke using WEP 64. Might as well just leave it unsecured.
If at first you don't succeed, keep sucking until you do suck seed. --Curly
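
A defensive counterpart to the observation in this thread, added here as an example and not code from any poster: a check an auditor could run over configured WEP keys to flag ones that are decimal-only, shaped like a North American phone number, or built from one of the organization's own published numbers. The function names, finding labels and sample numbers are constructed for illustration.

```python
import re

# North American Numbering Plan layout: NXX-NXX-XXXX, N = 2-9, X = 0-9.
NANP = re.compile(r"[2-9][0-9]{2}[2-9][0-9]{6}")
# WEP-64 keys are 10 hex digits, WEP-128 keys are 26 hex digits.
WEP_HEX = re.compile(r"[0-9a-f]{10}|[0-9a-f]{26}")


def normalize_key(key):
    """Lower-case a configured hex key and drop ':', '-' and whitespace."""
    return re.sub(r"[\s:\-]", "", key).lower()


def phone_digits(number):
    """Reduce a published phone number to 10 digits (drops a leading '1')."""
    digits = re.sub(r"[^0-9]", "", number)
    return digits[1:] if len(digits) == 11 and digits[0] == "1" else digits


def audit_wep_key(key, published_numbers=()):
    """Return a list of finding labels for one configured WEP key."""
    k = normalize_key(key)
    if not WEP_HEX.fullmatch(k):
        return ["not-a-wep-hex-key"]
    findings = []
    if re.fullmatch(r"[0-9]+", k):
        # Only 10 of the 16 hex symbols are used, so a 10-digit key sits in a
        # space of 10**10 values instead of 16**10 (roughly 110 times smaller).
        findings.append("decimal-only")
    if len(k) == 10 and NANP.fullmatch(k):
        findings.append("phone-shaped")
    known = {phone_digits(n) for n in published_numbers}
    if any(len(n) == 10 and n in k for n in known):
        findings.append("matches-published-number")
    return findings


if __name__ == "__main__":
    # Constructed sample data: 555-01xx numbers are reserved for fiction.
    published = ["(212) 555-0123", "+1 212-555-0199"]
    for ssid, key in [("lobby", "2125550123"), ("lab", "0a:1b:2c:3d:4e")]:
        print(ssid, audit_wep_key(key, published) or "no findings")
```

Any finding is a reason to rotate the key; the durable fix is moving the network off WEP.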