Re: Wireless Pentest Question

[Erik Winkler <ewinkler () erols com>]

Arvind,

Better yet, if you have access to an Apple laptop, use KisMAC 
(http://kismac.binaervarianz.de/).  The latest  alpha (beta in my 
opinion) version is available at http://alpha.binaervarianz.de/ and 
supports the enhanced FMS WEP attacks used in Airsnort and Aircrack.  
It can also generate traffic like aircrack, but can accomplish this 
using a single Prism2 PCMCIA or USB device instead of the 2 required by 
aircrack (aireplay).  Also supports dictionary attack testing against 
WPA, LEAP, and 128-bit WEP protected networks.

Erik

On Feb 6, 2005, at 11:38 PM, Harshul Nayak wrote:

> hello arvind,
>
> To crack the WEP key you would need approximately 5-10 million 
> encrypted
> packets to be gathered as mentioned by AirSnort 
> (http://airsnort.shmoo.com/)
>
> Also try aircrack (http://www.cr0.net:8040/code/network/) to generate
> traffic and it's one of the fastest WEP cracking tool.
>
> cheers
> Harshul
>
> CRL (Computer Crime Research Lab)
> Patni Computer Systems Limited,India.
>
> -----Original Message-----
> From: Arvind Sood [mailto:asood74 () gmail com]
> Sent: Saturday, February 05, 2005 8:43 PM
> To: pen-test () securityfocus com
> Subject: Wireless Pentest Question
>
>
> Hi,
>
> Based on recent mails regarding articles found here for wireless pen
> testing. Using all the tools desribed here requires capturing
> interesting packets (unique RC4 IV) in a packet capture.
>
> http://www.securityfocus.com/infocus/1814
>
>  The problem relates to creating traffic on a wireless network in case
> you dont find a lot of traffic for a good capture. Is there any way
> you can create traffic on a WEP network without knowing
> - the IP Address (address range) the Access Point and wireless clients
> are using
> - the WEP key being used (makes sense - that is why you are running a 
> WEP
> crack)
>
> The closest I see of this is the aireplay tool (this can be found on
> the AUDITOR CD mentioned in teh article). This basically replays any
> arp requests found in a capture. However I could not get aireplay to
> run (gave me a Segmentation error).
>
> of course WEP uses a session key - so session replay is not a
> possibility. Does anyone know of any tool/ method to create wireless
> traffic to assist in a good capture
>
> Best regards
> Arvind
>
>
>
> http://www.patni.com
> World-Wide Partnerships. World-Class Solutions.
> _____________________________________________________________________
>
> This e-mail message may contain proprietary, confidential or legally
> privileged information for the sole use of the person or entity to
> whom this message was originally addressed. Any review, e-transmission
> dissemination or other use of or taking of any action in reliance upon
> this information by persons or entities other than the intended
> recipient is prohibited. If you have received this e-mail in error
> kindly delete  this e-mail from your records. If it appears that this
> mail has been forwarded to you without proper authority, please notify
> us immediately at netadmin () patni com and delete this mail.
> _____________________________________________________________________