Message-ID: <003b01c73a1f$ea58bdf0$466f6f0a@offwork>
Date: Wed, 17 Jan 2007 13:11:54 +0300
From: "noreply" <noreply@...ecurity.ru>
To: <full-disclosure@...ts.grok.org.uk>, <bugtraq@...urityfocus.com>,
	<wifisec@...urityfocus.com>
Subject: New tool for "evil twins" wireless attacks

Wep0ff is a new tool to crack a WEP key without access to the AP by mounting 
a fake access point attack against WEP-based wireless clients.
http://www.ptsecurity.ru/download/wepoff.tar.gz
It uses a combination of fragmentation and evil twin attacks to generate 
traffic which can be used for KoreK-style WEP-key recovery.

From readme:
This tool can be used to mount fake access point attack against WEP-based 
wireless clients.
Using Atheros wireless cards in Linux.
For details check http://www.securitylab.ru/analytics/287596.php (Russian)
Written by Sergey Gordeychik <gordey (at) ptsecurity (dot) com>
Released under a BSD Licence

This code was tested with patched madwifi-old drivers with athraw support, but 
also works with madwifi-ng. With madwifi-ng you need to create two virtual
interfaces: one in master mode (for the fake AP) and a second in monitor mode 
(to listen on).

How to Use:
1. Set up a fake AP with KARMA tools or iwconfig
iwpriv ath0 mode 2
iwconfig ath0 mode master essid foo enc 1122334455 channel 7
echo 1 > /proc/sys/dev/ath0/rawdev
echo 1 > /proc/sys/dev/ath0/rawdev_type
ifconfig ath0 up
ifconfig ath0raw up
2. Start this program (./wep0ff ath0raw 00:01:02:03:04:05)
3. Wait until a client connects to the fake access point
4. Launch airodump-ng to collect packets
5. Launch aircrack-ng to recover WEP key 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/