RE: Wireless Pentest Question

From: Harshul Nayak (
Date: 02/07/05

  • Next message: Philip Wagenaar: "Re: Betr.: Exploiting C# Issues"
    To: "'Arvind Sood'" <>, <>
    Date: Mon, 7 Feb 2005 10:08:09 +0530

    hello arvind,

    To crack the WEP key you would need approximately 5-10 million encrypted
    packets to be gathered as mentioned by AirSnort (

    Also try aircrack ( to generate
    traffic and it's one of the fastest WEP cracking tool.


    CRL (Computer Crime Research Lab)
    Patni Computer Systems Limited,India.

    -----Original Message-----
    From: Arvind Sood []
    Sent: Saturday, February 05, 2005 8:43 PM
    Subject: Wireless Pentest Question


    Based on recent mails regarding articles found here for wireless pen
    testing. Using all the tools desribed here requires capturing
    interesting packets (unique RC4 IV) in a packet capture.

     The problem relates to creating traffic on a wireless network in case
    you dont find a lot of traffic for a good capture. Is there any way
    you can create traffic on a WEP network without knowing
    - the IP Address (address range) the Access Point and wireless clients
    are using
    - the WEP key being used (makes sense - that is why you are running a WEP

    The closest I see of this is the aireplay tool (this can be found on
    the AUDITOR CD mentioned in teh article). This basically replays any
    arp requests found in a capture. However I could not get aireplay to
    run (gave me a Segmentation error).

    of course WEP uses a session key - so session replay is not a
    possibility. Does anyone know of any tool/ method to create wireless
    traffic to assist in a good capture

    Best regards
    World-Wide Partnerships. World-Class Solutions.

    This e-mail message may contain proprietary, confidential or legally
    privileged information for the sole use of the person or entity to
    whom this message was originally addressed. Any review, e-transmission
    dissemination or other use of or taking of any action in reliance upon
    this information by persons or entities other than the intended
    recipient is prohibited. If you have received this e-mail in error
    kindly delete this e-mail from your records. If it appears that this
    mail has been forwarded to you without proper authority, please notify
    us immediately at and delete this mail.

  • Next message: Philip Wagenaar: "Re: Betr.: Exploiting C# Issues"