RE: Wireless Pentest Question

From: Harshul Nayak (Harshul.Nayak_at_patni.com)
Date: 02/07/05

    To: "'Arvind Sood'" <asood74@gmail.com>, <pen-test@securityfocus.com>
    Date: Mon, 7 Feb 2005 10:08:09 +0530
    
    
    

    Hello Arvind,

    To crack the WEP key you would need approximately 5-10 million encrypted
    packets to be gathered as mentioned by AirSnort (http://airsnort.shmoo.com/)

    Also try aircrack (http://www.cr0.net:8040/code/network/) to generate
    traffic and it's one of the fastest WEP cracking tools.

    cheers
    Harshul

    CRL (Computer Crime Research Lab)
    Patni Computer Systems Limited,India.

    -----Original Message-----
    From: Arvind Sood [mailto:asood74@gmail.com]
    Sent: Saturday, February 05, 2005 8:43 PM
    To: pen-test@securityfocus.com
    Subject: Wireless Pentest Question

    Hi,

    Based on recent mails regarding articles found here for wireless pen
    testing. Using all the tools described here requires capturing
    interesting packets (unique RC4 IV) in a packet capture.

    http://www.securityfocus.com/infocus/1814

    The problem relates to creating traffic on a wireless network in case
    you don't find a lot of traffic for a good capture. Is there any way
    you can create traffic on a WEP network without knowing
    - the IP Address (address range) the Access Point and wireless clients
    are using
    - the WEP key being used (makes sense - that is why you are running a WEP
    crack)

    The closest I see of this is the aireplay tool (this can be found on
    the AUDITOR CD mentioned in the article). This basically replays any
    arp requests found in a capture. However I could not get aireplay to
    run (gave me a Segmentation error).

    Of course WEP uses a session key - so session replay is not a
    possibility. Does anyone know of any tool/method to create wireless
    traffic to assist in a good capture?

    Best regards
    Arvind
