Quote:
|
Originally Posted by c0rnholio
Right, I've noticed MAC-change on every byte it decrypts. But I did not sniff the network. I sniffed with another notebook, unassociated and not part of my WLAN.
|
2500 packets in 10 minutes is a bit slow.
If it's firmware related (it's still the firmware that decides when to send packets), I have to try another test mode which might work better. Well, I'll try it when I've finished polishing things up (mainly making the hostap patch work); the last thing I need now is a dead card.
And of course, I have to re-read/brush-up the code, I know that there's something wrong with the timing. It didn't have any impact on my test, but who knows...
Quote:
|
I can tell you that it works with -n and without being associated. Used the UDP DHCP Request and it decodes the packet in no time (about 20-30 sec). Nice work!
|
Now that's good news. In the dumps and chopchop output, did you notice any difference between the associated attack and the non-associated attack?
. in chopchop output, "number of frame written" is greater, or above 256.
. in the dumps, excessive retransmission, or the retry flag is set on some frames.
. average time in between two chopchop packets
. the way the AP is responding
. Or anything else...
Thanks, KoreK.