Aircrack-ng

User Tools

Site Tools

Trace:
airdecloak-ng

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
Next revisionBoth sides next revision
airdecloak-ng [2008/11/06 03:35] – created mister_xairdecloak-ng [2008/12/27 00:04] – aircrack-ng.exe -> aircrack-ng mister_x
Line 1: Line 1:
 ====== Airdecloak-ng ====== ====== Airdecloak-ng ======
 +
 ===== Description ===== ===== Description =====
  
-Airdecloak-ng is a tool that removes wep cloaking from a pcap file. Some WIPS (actually one) can actively "prevent" cracking a WEP key by inserting chaff (fake wep frames) in the air to fool aircrack-ng. In some rare cases, cloaking fails and the key can be recovered without removing this chaff. In the cases where the key cannot be recovered, use this tool to filter out chaff.+Airdecloak-ng is a tool that removes wep cloaking from a pcap file. Some WIPS (actually one) actively "prevent" cracking a WEP key by inserting chaff (fake wep frames) in the air to fool aircrack-ng. In some rare cases, cloaking fails and the key can be recovered without removing this chaff. In the cases where the key cannot be recovered, use this tool to filter out chaff.
  
 The program works by reading the input file and selecting packets from a specific network. The program works by reading the input file and selecting packets from a specific network.
Line 57: Line 58:
 |--disable-base_filter|Disable the base filter.| |--disable-base_filter|Disable the base filter.|
 |--drop-frag|Drop all fragmented packets. In most networks, fragmentation is not needed.| |--drop-frag|Drop all fragmented packets. In most networks, fragmentation is not needed.|
 +
  
 ==== Tests ==== ==== Tests ====
Line 62: Line 64:
 === Capturing traffic === === Capturing traffic ===
  
-Destroy all VAP +Destroy all VAP (only needed for madwifi-ng):
   airmon-ng stop ath0   airmon-ng stop ath0
  
Line 80: Line 82:
  
 === Trying to crack the WEP key === === Trying to crack the WEP key ===
-  aircrack-ng.exe wep_cloaking_full_speed_dl.pcap -b 00:12:BF:12:32:29 -K -n 64 -d 1F:1F:1F+  aircrack-ng wep_cloaking_full_speed_dl.pcap -b 00:12:BF:12:32:29 -K -n 64 -d 1F:1F:1F
      
 {{http://www.aircrack-ng.org/wep_cloaking/crack_without_filter.jpg}} {{http://www.aircrack-ng.org/wep_cloaking/crack_without_filter.jpg}}
Line 347: Line 349:
  
 Not yet, but they will. Not yet, but they will.
 +
 +==== Why is KoreK used instead of PTW? ====
 +
 +Only a few hundred packets in this capture file can be used for PTW and that wasn't enough. See the following [[aircrack-ng#the_ptw_method_does_not_work|entry]] for more details.
  
 ===== Links ===== ===== Links =====
Line 354: Line 360:
   * Joshua Wright [[https://edge.arubanetworks.com/blog/2007/04/airdefense-perpetuates-flawed-protocols|Blog]]   * Joshua Wright [[https://edge.arubanetworks.com/blog/2007/04/airdefense-perpetuates-flawed-protocols|Blog]]
   * Wifisec Mailing list: [[http://www.aircrack-ng.org/wifisec_ml_perpetuating_weak_wireless_security.htm|Perpetuating weak wireless security]] - [[http://www.securityfocus.com/archive/137|Official archive]] of the mailing list   * Wifisec Mailing list: [[http://www.aircrack-ng.org/wifisec_ml_perpetuating_weak_wireless_security.htm|Perpetuating weak wireless security]] - [[http://www.securityfocus.com/archive/137|Official archive]] of the mailing list
 +
 +===== Thanks =====
 +
 +Thanks to Alex Hernandez aka alt3kx from [[http://sybsecurity.com|sybsecurity.com]] for the hardware
airdecloak-ng.txt · Last modified: 2023/01/17 09:58 by gemesa