EH-Net

Ethical Hacking Discussions and Related Certifications => Network Pen Testing => Topic started by: BillV on January 28, 2007, 08:43:46 AM


Title: WEP Cracking
Post by: BillV on January 28, 2007, 08:43:46 AM
I know there's a post about this below, so I'll try to keep this as general as I can without knowing what the other posters intentions are.

I must be doing something wrong, because it's taking a loooong time to collect enough weak IVs. I've scanned and found the target SSID/MAC and associated client MACs. Then I start to capture the traffic, followed by sending traffic, and I'm just not really getting anywhere.

I must have spent at least 30 mins and only collected 55K or so. If someone can help, or wants more info, I can do so in pm.

Also, I'm only running the 64-bit and have 2 other clients connected when trying this. Could it be that there's just not enough traffic?

Thanks for any help.

Title: Re: WEP Cracking
Post by: Kev on January 28, 2007, 10:05:45 AM
If there is little traffic on the network you won’t get many IVs. As a test to see if that’s the problem, start downloading a big file like a linux distro or something and see if it picks up.  If it does then you know your problem is due to a lack of traffic.  Then its time to start using aireplay.  The longest time I have ever taken to crack Wep even on the least active networks is an hour and often way less than that.

Title: Re: WEP Cracking
Post by: BillV on January 28, 2007, 10:20:32 AM
Heh, funny that you mention that as that's exactly what I did. I started downloading ISO's on both of the client laptops so I had some constant traffic. That helped at the beginning to start gathering a more steady amount, but I still didn't get the end result I wanted. I'd imagine it's just like you said, due to the low traffic.

Title: Re: WEP Cracking
Post by: slimjim100 on January 29, 2007, 06:26:08 AM
One other thing to think about is newer AP's leak fewer and fewer IV packets. I have seen some newer netgear AP's leak very little IV packets while an older Linksys just spills them all over. Another thing to keep in mind is that the better signal you have the more IV Packets you will be able to see. If you are using windows I do not think you can use aireplay. Most of your best free tools are gong to be for Linux. Anyway I wish you luck and have fun.

Brian

Title: Re: WEP Cracking
Post by: BillV on January 29, 2007, 07:44:30 AM
I didn't take into consideration that newer AP's leak fewer IV's, but the wireless Linksys router I'm using isn't too new. My signal strength was fine, as I was sitting one floor above my wireless router with 3 laptops (2 clients, 1 attacker). I wasn't using Windows. Thanks for the tips :)


Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com