I've been running through the clientless attack on my home network as shown by offensive-security's flash video, and I understand why we're taking each step except for one. Why do we fake auth? Does it provoke some information for the fragmentation to work from, or what?
And of course, what other uses does it have?
I've been trying all day with this fragmentation with no luck either.
The fake auth has to be done, as you have to have an associated connection to the AP for fragmentation to work.
http://www.aircrack-ng.org/doku.php?...authentication
Fake authentication
Description
The fake authentication attack allows you to perform the two types of WEP authentication (Open System and Shared Key) plus associate with the access point (AP). This is only useful when you need an associated MAC address in various aireplay-ng attacks and there is currently no associated client. It should be noted that the fake authentication attack does NOT generate any ARP packets.
"\x74\x68\x65\x70\x72\x65\x7a\x39\x38";
Ok, so using it means that I'm able to use my own MAC address in the later aireplay attacks, whereas if I didn't, the packets generated would simply be ignored by the AP?
@map777
Actually, I got it to work, twice now. The first time, it took forever to find a suitable packet for fragmentation. The second worked right off.
It does 2 things: 1, it associates a MAC address for packet injection, in order for an ARP reply to work, and 2, it will help generate suitable fragments for use with packetforge to create ARP-reply packets to inject.
Ok. I think I kinda/sorta get it. It'll probably make more sense as I get used to wifi.
Thanks!
If you still don't understand, first try to understand wireless communications. Then read every bit of documentation on aircrack-ng. These guys do a great job of explaining the videos that people on the web put out, but you have to look for it; people aren't going to hand you the information on a silver spoon. But if you look, it is there.