Originally Posted by KoreK

Theory works like this: You decrypt packets, you get network info from packets (IP addresses for now, I have not written the NetBIOS/IPX/whatever protocol extension yet), you do whatever injection attacks you see fit. Since decoding time depends on the length of the packet, the shorter packet the better. The type of packet doesn't really matter, knowing IPs is enough. It is more interesting to get packets from/to different MACs on the wireless network. If you got MAC's, IP's and a prga, you can inject any type of ARP you want, you can scan ports, or whatever you can think of...