Kismac re-injection help

Postby beakmyn » Sun Mar 25, 2007 11:54 am

How is cracking wep = breaking into the router?
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm

Postby itsnotme » Sun Mar 25, 2007 12:12 pm

nws0291 wrote:Thanks guys for all your help. I'm currently at 120K unique IV's and tried a few weak scheduling attacks with no luck yet. My roomate keeps telling me I can't break into his router. I know I will soon enough :p to demonstrate how weak WEP is.


You're over complicating the problem. Just sneer at him, walk over to his router and unplug it and walk away with it.
User avatar
itsnotme
 
Posts: 1074
Joined: Wed Sep 04, 2002 10:19 pm
Location: Somewhere below Lake Ontario

Postby nws0291 » Sun Mar 25, 2007 2:10 pm

beakmyn wrote:How is cracking wep = breaking into the router?


Because he left the default login to the web interface. once I crack it I'll just change the bssid to his wep key :P
nws0291
Mini Stumbler
 
Posts: 10
Joined: Fri Mar 16, 2007 10:02 am

Postby streaker69 » Sun Mar 25, 2007 3:28 pm

nws0291 wrote:Because he left the default login to the web interface. once I crack it I'll just change the bssid to his wep key :P


Wouldn't it be easier just to reset it back to defaults?
Treat your gun like your genitals, only whip it out when it's absolutely necessary.
User avatar
streaker69
 
Posts: 11867
Joined: Thu Jul 08, 2004 10:09 am
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA

Postby Beard » Sun Mar 25, 2007 3:33 pm

Roommate(?)>" You can't break into my router."
OP> "Sure I can."
Roommate(?)[as he activates/switches to WPA/AES]> " I don't think so."
Beard

"We hold these truths to be self evident"....
Religous: "Thou shalt not steal."
Amish: "You shall burn in hell for theft of wifi." {courtesy streaker69}
Secular: What's on the books. {courtesy beakmyn}
Redneck; "Thievin' bastard, [blam, blam]"

Solutions for the most common problems or questions of new members are here, here, and here .
Beard
 
Posts: 339
Joined: Mon May 16, 2005 6:34 pm
Location: Ozark mountains, Arkansas

Postby nws0291 » Sun Mar 25, 2007 5:15 pm

streaker69 wrote:Wouldn't it be easier just to reset it back to defaults?

Yeah I'm just proving that wep is weak so he should switch to WPA which is less weak.
nws0291
Mini Stumbler
 
Posts: 10
Joined: Fri Mar 16, 2007 10:02 am

Postby streaker69 » Sun Mar 25, 2007 5:17 pm

nws0291 wrote:Yeah I'm just proving that wep is weak so he should switch to WPA which is less weak.


If you haven't cracked it yet, then it must not be as weak as you think.
Treat your gun like your genitals, only whip it out when it's absolutely necessary.
User avatar
streaker69
 
Posts: 11867
Joined: Thu Jul 08, 2004 10:09 am
Location: Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA

Postby theprez98 » Sun Mar 25, 2007 5:33 pm

nws0291 wrote:Yeah I'm just proving that wep is weak so he should switch to WPA which is less weak.

WEP can be cracked?!
[font="Courier New"]"\x74\x68\x65\x70\x72\x65\x7a\x39\x38";[/font]
User avatar
theprez98
 
Posts: 3638
Joined: Tue Jan 11, 2005 8:23 pm
Location: Maryland

Postby Dutch » Sun Mar 25, 2007 5:34 pm

theprez98 wrote:WEP can be cracked?!

Only if you smoke it, and then it'll show up in the peepen-test.

Dutch
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....
User avatar
Dutch
 
Posts: 6698
Joined: Fri Mar 05, 2004 12:00 pm
Location: City of Mermaids, Denmark

Postby beakmyn » Mon Mar 26, 2007 4:17 am

theprez98 wrote:WEP can be cracked?!


Not if the new Daylight Savings Time fix has been applied. It makes WEP almost as strong as WPA.
beakmyn
 
Posts: 4858
Joined: Sun Aug 03, 2003 1:53 pm

Postby Dutch » Mon Mar 26, 2007 4:30 am

beakmyn wrote:Not if the new Daylight Savings Time fix has been applied. It makes WEP almost as strong as WPA.

You are SOOOOO banned with that new avatar... I just spewed coffee over the new cushions on the front porch furniture. Oh and coffee coming out the nose does burn like hell in the nostrils...

Dutch
All your answers are belong to Google. SEARCH DAMMIT!
Warning. Warning.
Low C8H10N4O2 level detected. Operator halted....
User avatar
Dutch
 
Posts: 6698
Joined: Fri Mar 05, 2004 12:00 pm
Location: City of Mermaids, Denmark

Postby Barry » Mon Mar 26, 2007 5:56 am

Dutch wrote:You are SOOOOO banned with that new avatar... I just spewed coffee over the new cushions on the front porch furniture. Oh and coffee coming out the nose does burn like hell in the nostrils...

Dutch



If you'd let it cool off, and not drink it straight from the carafe it's not as bad.
Never do anything you don't want to explain to the paramedics.
User avatar
Barry
 
Posts: 5713
Joined: Sat Dec 28, 2002 11:10 pm
Location: Ohio

Postby nws0291 » Tue Mar 27, 2007 5:10 pm

Just for an Update the WEP has been cracked. For some reason reinjection worked while I was away from the computer for an hour but failed to work the past 3 days. I went from 200K to 600K unique IV in an hour. It had no problem cracking in less than 6 seconds :P
nws0291
Mini Stumbler
 
Posts: 10
Joined: Fri Mar 16, 2007 10:02 am

Postby gm2net » Tue Mar 27, 2007 5:25 pm

nws0291 wrote:Just for an Update the WEP has been cracked. For some reason reinjection worked while I was away from the computer for an hour but failed to work the past 3 days. I went from 200K to 600K unique IV in an hour. It had no problem cracking in less than 6 seconds :P


It needs the right type of packet (e.g. an ARP packet that generates a response). When you've got that packet, and it gets a response when it's placed back in, it works. If you're using a prism2 card, it also needs to have been sent as an 802.11b packet, not a g packet.

The problem being that the Prism2 chipset is 802.11b only.

We did play with the idea of capturing on the inbuilt AirPort hardware, and resending the packet on the prism2 card, but this would not be as straight forward as it appears. We also figured that getting an 802.11g USB card supported was a better idea. The Ralink driver is a little buggy, but it works. Also, ZyDas card support was somewhere on the list, you may see that someday.

Ralink cards will be supported for injection soon - keep an eye open for that.
gm2net
Mini Stumbler
 
Posts: 39
Joined: Mon Mar 19, 2007 12:49 am

Postby nws0291 » Tue Mar 27, 2007 6:22 pm

gm2net wrote:It needs the right type of packet (e.g. an ARP packet that generates a response). When you've got that packet, and it gets a response when it's placed back in, it works. If you're using a prism2 card, it also needs to have been sent as an 802.11b packet, not a g packet.

The problem being that the Prism2 chipset is 802.11b only.

We did play with the idea of capturing on the inbuilt AirPort hardware, and resending the packet on the prism2 card, but this would not be as straight forward as it appears. We also figured that getting an 802.11g USB card supported was a better idea. The Ralink driver is a little buggy, but it works. Also, ZyDas card support was somewhere on the list, you may see that someday.

Ralink cards will be supported for injection soon - keep an eye open for that.


Yeah that makes sense now! I did first try with a D-Link dwl-g122 but had no luck. I was also $40 more than the prism2. I will try it again in the future when the driver support is there and the bugs smoothed out. Thanks for the info.
nws0291
Mini Stumbler
 
Posts: 10
Joined: Fri Mar 16, 2007 10:02 am

PreviousNext

Return to Mac OS

Who is online

Users browsing this forum: No registered users and 1 guest