NetStumbler.org Forums - View Single Post

billyblue · 01-16-2003

The WEP cracking menu items only come on after you receive some weak frames... from the site:

Why are the crack menus disabled, is it not supported in anymore KisMAC?

The crack menu will be enabled, automatically, whenever it makes sense. You will need to gather a couple of weak packets to enable it.

Why do you not support cracking of 128bit or 64 bit keys?

Because you do not understand too much of WEP, do you? We just do not follow the marketing gag of most wireless companies. Their key 128bit key is a 104bit secret key plus a 24 bit iv, which is submitted in plain text. The same applies to 64bit. However there are the occasional good apples, nokia for an example has 128 bit + 24 bit iv, but we do not have any hardware to test the algorithms on them.

How many weak keys do I need to crack WEP?

Tough question. That is statistics. Each weak packet can revel one certain byte of the key. Depending on the key, the data and the initialization vector we can only determine the key byte with a certain probability (about 5%). In theory you will need only 5 weak packets for a 40 bit-Key, however the practical number is normally about 500-1000 times higher.

Why does my network not generate weak frames?

Weak initialization vectors are not evenly distributed over the key space, therefore you just might have bad luck. There are not many weak initialization vectors anyways, way less than 0.01% are interesting. However there might be another reason: (un)fortunately the WiFi-industry reacted to the problem. Some newer card do not generate weak frames anymore. Particularly the Lucent cards are affected.

bb

01-16-2003	#11 (permalink)
billyblue stumble, sniff, audit awa Join Date: Dec 2002 Posts: 19	WEP cracking w/ KisMAC The WEP cracking menu items only come on after you receive some weak frames... from the site: Why are the crack menus disabled, is it not supported in anymore KisMAC? The crack menu will be enabled, automatically, whenever it makes sense. You will need to gather a couple of weak packets to enable it. Why do you not support cracking of 128bit or 64 bit keys? Because you do not understand too much of WEP, do you? We just do not follow the marketing gag of most wireless companies. Their key 128bit key is a 104bit secret key plus a 24 bit iv, which is submitted in plain text. The same applies to 64bit. However there are the occasional good apples, nokia for an example has 128 bit + 24 bit iv, but we do not have any hardware to test the algorithms on them. How many weak keys do I need to crack WEP? Tough question. That is statistics. Each weak packet can revel one certain byte of the key. Depending on the key, the data and the initialization vector we can only determine the key byte with a certain probability (about 5%). In theory you will need only 5 weak packets for a 40 bit-Key, however the practical number is normally about 500-1000 times higher. Why does my network not generate weak frames? Weak initialization vectors are not evenly distributed over the key space, therefore you just might have bad luck. There are not many weak initialization vectors anyways, way less than 0.01% are interesting. However there might be another reason: (un)fortunately the WiFi-industry reacted to the problem. Some newer card do not generate weak frames anymore. Particularly the Lucent cards are affected. bb