Posted: Sun Mar 25, 2007 11:54 am
by beakmyn
How is cracking WEP = breaking into the router?

Posted: Sun Mar 25, 2007 12:12 pm
by itsnotme
nws0291 wrote: Thanks guys for all your help. I'm currently at 120K unique IVs and tried a few weak scheduling attacks with no luck yet. My roommate keeps telling me I can't break into his router. I know I will soon enough :p to demonstrate how weak WEP is.

You're overcomplicating the problem. Just sneer at him, walk over to his router and unplug it and walk away with it.

Posted: Sun Mar 25, 2007 2:10 pm
by nws0291
beakmyn wrote: How is cracking WEP = breaking into the router?

Because he left the default login to the web interface. Once I crack it I'll just change the BSSID to his WEP key :P

Posted: Sun Mar 25, 2007 3:28 pm
by streaker69
nws0291 wrote: Because he left the default login to the web interface. Once I crack it I'll just change the BSSID to his WEP key :P

Wouldn't it be easier just to reset it back to defaults?

Posted: Sun Mar 25, 2007 3:33 pm
by Beard
Roommate(?)> "You can't break into my router."
OP> "Sure I can."
Roommate(?) [as he activates/switches to WPA/AES]> "I don't think so."

Posted: Sun Mar 25, 2007 5:15 pm
by nws0291
streaker69 wrote: Wouldn't it be easier just to reset it back to defaults?

Yeah, I'm just proving that WEP is weak so he should switch to WPA, which is less weak.

Posted: Sun Mar 25, 2007 5:17 pm
by streaker69
nws0291 wrote: Yeah, I'm just proving that WEP is weak so he should switch to WPA, which is less weak.

If you haven't cracked it yet, then it must not be as weak as you think.

Posted: Sun Mar 25, 2007 5:33 pm
by theprez98
nws0291 wrote: Yeah, I'm just proving that WEP is weak so he should switch to WPA, which is less weak.

WEP can be cracked?!

Posted: Sun Mar 25, 2007 5:34 pm
by Dutch
theprez98 wrote: WEP can be cracked?!

Only if you smoke it, and then it'll show up in the peepen-test.

Dutch

Posted: Mon Mar 26, 2007 4:17 am
by beakmyn
theprez98 wrote: WEP can be cracked?!

Not if the new Daylight Savings Time fix has been applied. It makes WEP almost as strong as WPA.

Posted: Mon Mar 26, 2007 4:30 am
by Dutch
beakmyn wrote: Not if the new Daylight Savings Time fix has been applied. It makes WEP almost as strong as WPA.

You are SOOOOO banned with that new avatar... I just spewed coffee over the new cushions on the front porch furniture. Oh and coffee coming out the nose does burn like hell in the nostrils...

Dutch

Posted: Mon Mar 26, 2007 5:56 am
by Barry
Dutch wrote: You are SOOOOO banned with that new avatar... I just spewed coffee over the new cushions on the front porch furniture. Oh and coffee coming out the nose does burn like hell in the nostrils...

Dutch

If you'd let it cool off, and not drink it straight from the carafe it's not as bad.

Posted: Tue Mar 27, 2007 5:10 pm
by nws0291
Just for an update, the WEP has been cracked. For some reason reinjection worked while I was away from the computer for an hour but failed to work the past 3 days. I went from 200K to 600K unique IVs in an hour. It had no problem cracking in less than 6 seconds :P

Posted: Tue Mar 27, 2007 5:25 pm
by gm2net
nws0291 wrote: Just for an update, the WEP has been cracked. For some reason reinjection worked while I was away from the computer for an hour but failed to work the past 3 days. I went from 200K to 600K unique IVs in an hour. It had no problem cracking in less than 6 seconds :P

It needs the right type of packet (e.g. an ARP packet that generates a response). When you've got that packet, and it gets a response when it's placed back in, it works. If you're using a prism2 card, it also needs to have been sent as an 802.11b packet, not a g packet.

The problem being that the Prism2 chipset is 802.11b only.

We did play with the idea of capturing on the inbuilt AirPort hardware, and resending the packet on the prism2 card, but this would not be as straightforward as it appears. We also figured that getting an 802.11g USB card supported was a better idea. The Ralink driver is a little buggy, but it works. Also, ZyDas card support was somewhere on the list, you may see that someday.

Ralink cards will be supported for injection soon - keep an eye open for that.

Posted: Tue Mar 27, 2007 6:22 pm
by nws0291
gm2net wrote: It needs the right type of packet (e.g. an ARP packet that generates a response). When you've got that packet, and it gets a response when it's placed back in, it works. If you're using a prism2 card, it also needs to have been sent as an 802.11b packet, not a g packet.

The problem being that the Prism2 chipset is 802.11b only.

We did play with the idea of capturing on the inbuilt AirPort hardware, and resending the packet on the prism2 card, but this would not be as straightforward as it appears. We also figured that getting an 802.11g USB card supported was a better idea. The Ralink driver is a little buggy, but it works. Also, ZyDas card support was somewhere on the list, you may see that someday.

Ralink cards will be supported for injection soon - keep an eye open for that.

Yeah, that makes sense now! I did first try with a D-Link dwl-g122 but had no luck. It was also $40 more than the prism2. I will try it again in the future when the driver support is there and the bugs smoothed out. Thanks for the info.