Results 1 to 7 of 7

Thread: ¿ about ARP packet injection and WEP ?

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Feb 2012
    Posts
    2

    Default ¿ about ARP packet injection and WEP ?

    hi everybody.

    could someone please explain to me how does the arp packet injection works ?

    what i dont understand is that when the aireplay program sais that its "waiting for arp packets" to inject them, how can it tell whether the paket is or isnt ARP since all packets are encripted with WEP.

    and if arp packets dont travel encripted, why isnt there the option to create an ARP by just using a known ip ?

    im just curious. really wanna know.

    if someone doesnt understand what i mean please tell me and i will try to clarify.

    thanks in advance.

  2. #2
    Member shadowzero's Avatar
    Join Date
    Jun 2011
    Location
    ${HOME}
    Posts
    94

    Default Re: ¿ about ARP packet injection and WEP ?

    See http://eprint.iacr.org/2007/120.pdf
    Under Section 5:
    ARP requests and ARP replies are of a fi xed size. Because the size of a packet is
    not masked by WEP, they can usually be easily distinguished from other traffic.

  3. #3
    Just burned his ISO
    Join Date
    Feb 2012
    Posts
    2

    Default

    Oh thats what i wanted to know! thanks ! i have been like a month thinking about it :S

    yes i know but you must have a PRGA file, and normal arp packets doesnt need it, thats what i was talking about. thanks anyway.
    Last edited by bolexxx; 02-25-2012 at 12:31 PM.

  4. #4
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Default Re: ¿ about ARP packet injection and WEP ?

    why isnt there the option to create an ARP by just using a known ip ?
    There is. It's in the aircrack-ng suite
    Running both KDE and GNOME BT5 flawlessly. Thank you !

  5. #5
    Member
    Join Date
    Jan 2011
    Posts
    63

    Default Re: ¿ about ARP packet injection and WEP ?

    It's because with WEP using open authentication, any client can authenticate to the access point and "sniff" the packets that is within that access point. The data packets are encrypted with the WEP key and cannot be read in plain text, but can still be captured. ARP packets have distinct features that Aireplay-ng looks for. They are small in size so that can be replayed much faster than a larger file, they have the "To DS" (distribution system) bit on, and the destination is always broadcast. In order to create an ARP packet that will work with the network you have to obtain a PRGA file and use Packetforge-ng in order to create a packet to inject.

    Someone please correct me if I'm wrong, I'm in the middle of learning about this as well and I want to make sure I am right as well.

  6. #6
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Default Re: ¿ about ARP packet injection and WEP ?

    @Reamer : yup, you're right, I was too lazy to explain, plus it's easy to find *hum hum http://www.aircrack-ng.org*
    It's all in the fragmentation and the chopchop attacks.
    Last edited by comaX; 02-25-2012 at 01:36 PM.
    Running both KDE and GNOME BT5 flawlessly. Thank you !

  7. #7
    Member
    Join Date
    Jan 2011
    Posts
    63

    Default Re: ¿ about ARP packet injection and WEP ?

    @comaX : Thanks for letting me know. I'm taking the OSWP course this Wednesday and I just want to make sure I know the material. I felt it was good review to say it and get clarification, otherwise I would have probably not gone into so much detail.

Similar Threads

  1. Packet Injection
    By stevet in forum OLD Newbie Area
    Replies: 5
    Last Post: 08-26-2009, 02:32 PM
  2. Replies: 2
    Last Post: 04-25-2008, 08:39 AM
  3. packet injection
    By BigMac in forum OLD Newbie Area
    Replies: 19
    Last Post: 03-05-2008, 08:10 AM
  4. packet injection help
    By rotceh_dnih in forum OLD Wireless
    Replies: 0
    Last Post: 02-18-2008, 06:25 AM
  5. Packet Injection?
    By Easyman in forum OLD Newbie Area
    Replies: 0
    Last Post: 03-09-2007, 07:58 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •