if you launch it without args it will send arps [no internet host required]. I personally prefer inet flood. If you’re paranoid, you can spoof the inet ip while flooding…

There are still only a few ways to crack WEP and all require lots (at least 10000 packets) of data to work reasonably.

Weak keys (airsnort) are old-hat and all modern 802.11 devices avoid them. Aircrack and the new breed use roughly 17 statistical anomolies to improve on the brute force chance of a guessing a key. Their technique isn’t perfect but it does work suprisingly well.

The ARP attack involved waiting for a packet that was the same length as an ARP packet and replaying it to the network. If it was an ARP packet, it would cause the remote host to send an ARP response packet with a unique IV. This can be done repeatedly to get the required 10000-100000 packets for WEP cracking, at which time you run aircrack.

His is just another variation where he injects traffic from the internet to get enough packets to break WEP.

It won’t work if the AP is behind a firewall or NAT router. It won’t work if he can’t determine the networks IP range.

I think he’s combining another attack where you decode the contents of a single packet by sending increasingly longer dummy packets into the network and decode the packet contents one byte at a time. After that you have an IP for the internal network and you can use that to launch an Internet-initiated flood.

I’m pretty sure it would still be better to use the ARP attack over this method, if only because this method requires a host on the Internet which is going to have to flood something, setting off all sorts of alarm bells and big flashing lights.

Who the hell uses WEP anyway these days?

How do we get it? *nux only right?

cya guys!

How do we get it? *nux only right?

cya guys!