If 30,000 ivs are good, isn't 40,000 better?

**SLK001** · 09-10-2007, 05:29 PM

Apparently not.

I was practicing capturing my access point to create a file that I could run testing on. Aircrack-ng cracked the key with 31,000 ivs captured. I let my capturing continue, thinking that if 31,000 was good, well 35,000 would be better than good.

Well, no, actually. I ran aircrack-ng again at 35,000 and it returned "FAILED - TRYING AGAIN AT 40,000". Note that nothing had changed between the original crack and now - everything just kept running. It also failed at 40,000.

My guess is that the cracking engine is seeded with a random number, and that some are better than others. If this IS the case, why doesn't aircrack just continue to try other seeds if the one previously chosen doesn't converge, especially after 30,000 ivs? I don't have a file that is only 31,000 or so ivs long to test (I went to dinner and came back with the ivs being up to 70,000, which seems to always converge). I was just wondering if anyone else noticed this.

**shamanvirtuel** · 09-10-2007, 05:35 PM

aircrack-ptw will never failed..........

**SLK001** · 09-10-2007, 06:00 PM

I am using version 0.9.1. with the -z option.

**shamanvirtuel** · 09-10-2007, 06:05 PM

aircrack-ptw is the tool on wich -z attack of aircrack-ng is based

it's the ORIGINAL ptw attack.....

i never see it fails ......

and the computation takes 3 secs......

**SLK001** · 09-10-2007, 06:20 PM

Originally Posted by shamanvirtuel

aircrack-ptw will never failed..........

By aircrack-ptw, do you mean the development version 1.0 executable aircrack-ng?

**-=Xploitz=-** · 09-10-2007, 06:23 PM

More is always better when concerning IVS...

some luck comes into play, as well as all your arguments and options you use...

SLK001,

What is the EXACT command line you use wien you crack your WEP key??

**SLK001** · 09-10-2007, 10:05 PM

Exact command:

aircrack-ng -z linksys*.cap

**SLK001** · 09-10-2007, 10:08 PM

One extra note. I used the latest stable version, or 0.9.1 in these tests. I did try the latest development release - 1.0Dev - and did notice that it cracks in less than 2 seconds, where the stable release took 15-20 seconds. Even so, I would have expected a crack for any number of ivs above the original number of the first crack.

EnculeurDePoules · 09-17-2007, 12:28 PM

Originally Posted by SLK001

Apparently not.

I was practicing capturing my access point to create a file that I could run testing on. Aircrack-ng cracked the key with 31,000 ivs captured. I let my capturing continue, thinking that if 31,000 was good, well 35,000 would be better than good.

Well, no, actually. I ran aircrack-ng again at 35,000 and it returned "FAILED - TRYING AGAIN AT 40,000". Note that nothing had changed between the original crack and now - everything just kept running. It also failed at 40,000.

My guess is that the cracking engine is seeded with a random number, and that some are better than others. If this IS the case, why doesn't aircrack just continue to try other seeds if the one previously chosen doesn't converge, especially after 30,000 ivs? I don't have a file that is only 31,000 or so ivs long to test (I went to dinner and came back with the ivs being up to 70,000, which seems to always converge). I was just wondering if anyone else noticed this.

hm the rule is not 300 000 ivs for a 64bit wep key, and 1 million for a 128k wep key???
I think it was!

**shamanvirtuel** · 09-17-2007, 12:44 PM

nop the rules are 10/15000 for 64
30000/50000 128

with PTW attack of course

BackTrack Linux - Penetration Testing Distribution

Thread: If 30,000 ivs are good, isn't 40,000 better?

Thread Tools

Search Thread

Display

If 30,000 ivs are good, isn't 40,000 better?

Posting Permissions