
Thread: authenticated vs. not authenticated

  1. #1
    Just burned his ISO
    Join Date
    May 2007
    Posts
    2

    authenticated vs. not authenticated

    After breaking my WEP key (sad day for me), I have looked into tools like the dsniff suite of tools, but after looking through the forum I got a little confused. I figured the best way to do it was the following:

    1. Capture the packets with Wireshark (while not authenticated)
    2. Decrypt and strip 802.11 headers with airdecap
    3. Replay with tcpreplay 2.3.3 on -i lo
    4. Listen with dsniff, driftnet, msgsnarf, urlsnarf on -i lo

    But the only program that will pull any data is driftnet. After looking through the forum, I found a reference that dsniff works better if you authenticate with the AP. Does this matter, if I still decrypt with airdecap? Is there another reason why driftnet is the only program finding interesting packets?

    I wouldn't think that authenticating with the AP would give me any advantage in this situation. Thanks for any help you can give.

  2. #2
    Moderator theprez98
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Originally Posted by vvlonghorn
    After breaking my WEP key (sad day for me), I have looked into tools like the dsniff suite of tools, but after looking through the forum I got a little confused. I figured the best way to do it was the following:

    1. Capture the packets with Wireshark (while not authenticated)
    2. Decrypt and strip 802.11 headers with airdecap
    3. Replay with tcpreplay 2.3.3 on -i lo
    4. Listen with dsniff, driftnet, msgsnarf, urlsnarf on -i lo

    But the only program that will pull any data is driftnet. After looking through the forum, I found a reference that dsniff works better if you authenticate with the AP. Does this matter, if I still decrypt with airdecap? Is there another reason why driftnet is the only program finding interesting packets?

    I wouldn't think that authenticating with the AP would give me any advantage in this situation. Thanks for any help you can give.
    Some of these programs only work when you're associated with the AP.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  3. #3
    Just burned his ISO
    Join Date
    May 2007
    Posts
    2

    Okay, so after associating with the AP, urlsnarf now works. But I thought that the whole tutorial about dsniff revolved around having to decrypt with airdecap and replay on lo using tcpreplay. Do I still need to do this, or was it irrelevant?
