After breaking my WEP key (sad day for me), I have looked into tools like the dsniff suite, but after looking through the forum I got a little confused. I figured the best way to do it was the following:
1. Capture the packets with Wireshark (while not authenticated)
2. Decrypt and strip 802.11 headers with airdecap
3. Replay with tcpreplay 2.3.3 on -i lo
4. Listen with dsniff, driftnet, msgsnarf, urlsnarf on -i lo
But the only program that will pull any data is driftnet. After looking through the forum, I found a reference that dsniff works better if you authenticate with the AP. Does this matter, if I still decrypt with airdecap? Is there another reason why driftnet is the only program finding interesting packets?
I wouldn't think that authenticating with the AP would give me any advantage in this situation. Thanks for any help you can give.
Okay, so after associating with the AP, urlsnarf now works. But I thought that the whole tutorial about dsniff revolved around having to decrypt with airdecap and replay on lo using tcpreplay. Do I still need to do this, or was it irrelevant?