Is this the Arp Spoofing linked on the security section of the site? Any way to get a real translation, ie non Bablefish?

Posted at 12:22 am on Sep 18th, 2005 by CDE

This some crazy biznatch! Automated WEP cracking under 5 mins…wow. Its not really cracking anymore. It takes 5 minutes to get connected sometimes…

Posted at 1:27 am on Sep 18th, 2005 by Brandon

Well…where can we get this automated WEP cracking app?

Posted at 1:43 am on Sep 18th, 2005 by k00zk0

I was searching o his site, but didnt find it.

How do we get it? *nux only right?

cya guys!

Posted at 1:56 am on Sep 18th, 2005 by Gouki

I was searching o his site, but didnt find it.

How do we get it? *nux only right?

cya guys!

Posted at 1:57 am on Sep 18th, 2005 by Gouki

yeah…where is it?

Posted at 2:47 am on Sep 18th, 2005 by Brandon

I used to be really interested in this stuff but this is over sensationalised…

There are still only a few ways to crack WEP and all require lots (at least 10000 packets) of data to work reasonably.

Weak keys (airsnort) are old-hat and all modern 802.11 devices avoid them. Aircrack and the new breed use roughly 17 statistical anomolies to improve on the brute force chance of a guessing a key. Their technique isn’t perfect but it does work suprisingly well.

The ARP attack involved waiting for a packet that was the same length as an ARP packet and replaying it to the network. If it was an ARP packet, it would cause the remote host to send an ARP response packet with a unique IV. This can be done repeatedly to get the required 10000-100000 packets for WEP cracking, at which time you run aircrack.

His is just another variation where he injects traffic from the internet to get enough packets to break WEP.

It won’t work if the AP is behind a firewall or NAT router. It won’t work if he can’t determine the networks IP range.

I think he’s combining another attack where you decode the contents of a single packet by sending increasingly longer dummy packets into the network and decode the packet contents one byte at a time. After that you have an IP for the internal network and you can use that to launch an Internet-initiated flood.

I’m pretty sure it would still be better to use the ARP attack over this method, if only because this method requires a host on the Internet which is going to have to flood something, setting off all sorts of alarm bells and big flashing lights.

Who the hell uses WEP anyway these days?

Posted at 11:01 am on Sep 18th, 2005 by gbag

You have given me a very interesting insight. Now I am looking forward to trying it out. Thanks buddy!

Posted at 2:27 am on Sep 19th, 2005 by Amber

http://darkircop.org/frag-0.1.tgz

if you launch it without args it will send arps [no internet host required]. I personally prefer inet flood. If you’re paranoid, you can spoof the inet ip while flooding…

Posted at 5:29 pm on Sep 20th, 2005 by sorbo

Lots of people still use WEP.(dunno why, ignorance i guess) the worrying thing is……. well known high st banks in the heart of London are still using WEP.
oh and BTW 5 mins doesn’t impress me, my record stands at 3min 28secs for 104 bit WEP.
i love those crappy bthomehubs!! ;-)

Posted at 11:49 am on Aug 12th, 2007 by coreUK

@coreUK
Sometimes its for backwards compatibility. If there were a way to put my 802.11B only devices (2 pocket PCs print server and a few other things) on an isolated part of my network for internet only, I would because I wouldn’t mind going N or WPA-PSK and all that

Posted at 1:08 am on Oct 24th, 2007 by aw