User Tools

Site Tools


cafe-latte

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
cafe-latte [2009/10/11 16:21]
darkaudax Created initial documentation.
cafe-latte [2010/11/21 15:52]
sleek typos
Line 1: Line 1:
 ====== Cafe Latte attack ====== ====== Cafe Latte attack ======
- 
- 
 ===== Description ===== ===== Description =====
  
 The Cafe Latte attack allows you to obtain a WEP key from a client system. ​ Briefly, this is done by capturing an ARP packet from the client, manipulating it and then send it back to the client. ​ The client in turn generates packets which can be captured by [[airodump-ng]]. ​  ​Subsequently,​ [[aircrack-ng]] can be used to determine the WEP key. The Cafe Latte attack allows you to obtain a WEP key from a client system. ​ Briefly, this is done by capturing an ARP packet from the client, manipulating it and then send it back to the client. ​ The client in turn generates packets which can be captured by [[airodump-ng]]. ​  ​Subsequently,​ [[aircrack-ng]] can be used to determine the WEP key.
  
-These links provide a detailed explanation of the attack plus some ways to protect ​yoursefl ​from it:+These links provide a detailed explanation of the attack plus some ways to protect ​yourself ​from it:
  
-  * [[http://​www.airtightnetworks.net/knowledgecenter/wep-caffelatte.html|Cafe Latte attack]]+  * [[http://​www.airtightnetworks.com/home/resources/​knowledge-center/​caffe-latte.html|Cafe Latte attack]]
  
-  * [[http://​www.esecurityplanet.com/​prevention/​article.php/​3716656|The Caffe Latte Attack: How It Works—and How to Block It]]+  * [[http://​www.esecurityplanet.com/​trends/​article.php/​3716656/​The-Caffe-Latte-Attack-How-It-Worksand-How-to-Block-It.htm|The Caffe Latte Attack: How It Works—and How to Block It]]
  
 Where did the attack name come from?  The concept is that a WEP key could be obtained from an innocent client at a coffee bar in the time it takes to drink your cafe latte. Where did the attack name come from?  The concept is that a WEP key could be obtained from an innocent client at a coffee bar in the time it takes to drink your cafe latte.
Line 17: Line 15:
 ===== Usage ===== ===== Usage =====
  
-  aireplay-ng -6 -h 00:​09:​5B:​EC:​EE:​F2 -D rausb0+  aireplay-ng -6 -h 00:​09:​5B:​EC:​EE:​F2 ​-b 00:​13:​10:​30:​24:​9C ​-D rausb0
  
 Where: Where:
   *-6 means Cafe-Latte attack   *-6 means Cafe-Latte attack
-  *-h 00:​09:​5B:​EC:​EE:​F2 is our card MAC addresss+  *-h 00:​09:​5B:​EC:​EE:​F2 is our card MAC address 
 +  *-b 00:​13:​10:​30:​24:​9C is the Access Point MAC (any valid MAC should work)
   *-D disables AP detection.   *-D disables AP detection.
   *rausb0 is the wireless interface name   *rausb0 is the wireless interface name
cafe-latte.txt · Last modified: 2010/11/21 15:52 by sleek