Penetration Testing mailing list archives
Re: wireless WEP crack.
From: Joshua Wright <jwright () hasborg com>
Date: Tue, 21 Jun 2005 12:34:32 -0400
KoreK started to implement this attack in chopchop (which is basically an inverse adaptive chosen plaintext attack), but I haven't seen a released version of chopchop that had this attack completed. If you are interested in implementing this attack, you might consider finishing where KoreK started. Chopchop v0.1 is available at http://www.netstumbler.org/showthread.php?t=12489.
Note that the concept of traditionally weak IV's (b+3:ff:n) has largely been deprecated. Tools such as Aircrack and WepLab use a much larger group of IV's to recover the WEP key, making it impossible to filter all the new classes of "weak IV" possibilities (as this would significantly reduce the overall IV space for WEP).
-Josh Michael Sierchio wrote:
Just out of curiosity, are there tools available to mount the adaptive chosen plaintext attack against WEP? This attack always succeeds, and is not dependent on weak keys.
-- -Joshua Wright jwright () hasborg com http://home.jwu.edu/jwright/ pgpkey: http://home.jwu.edu/jwright/pgpkey.htm fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73 Today I stumbled across the world's largest hotspot. The SSID is "linksys".
Current thread:
- wireless WEP crack. Gwanghoon Kim (Jun 20)
- Re: wireless WEP crack. David Rajoo (Jun 20)
- RE: wireless WEP crack. Victor Chapela (Jun 20)
- Re: wireless WEP crack. Michael Sierchio (Jun 21)
- Re: wireless WEP crack. Joshua Wright (Jun 21)
- <Possible follow-ups>
- RE: wireless WEP crack. rhorak (Jun 20)
- RE: wireless WEP crack. Ezequiel Sallis (Jun 20)
- Re: wireless WEP crack. Daniel Reynaud-Plantey (Jun 20)
- RE: wireless WEP crack. Sbc Global (Jun 21)