how_to_crack_wep_with_no_clients
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revisionNext revisionBoth sides next revision | ||
how_to_crack_wep_with_no_clients [2008/07/12 16:28] – missing '-' mister_x | how_to_crack_wep_with_no_clients [2009/08/14 19:23] – use dokuwiki internal link mister_x | ||
---|---|---|---|
Line 5: | Line 5: | ||
===== Introduction ===== | ===== Introduction ===== | ||
- | There are many times when a wireless network has no wireless clients associated with it and there are no ARP requests coming from the wired side. This tutorial describes how to crack the WEP key when there are no wireless clients and there are no ARP requests coming from the wired side. Although this topic has been discussed many times over in the [[http:// | + | There are many times when a wireless network has no wireless clients associated with it and there are no ARP requests coming from the wired side. This tutorial describes how to crack the WEP key when there are no wireless clients and there are no ARP requests coming from the wired side. Although this topic has been discussed many times over in the [[http:// |
If there ARP requests being broadcast from the wire side, then the standard [[fake authentication]] combined with [[arp-request_reinjection|ARP request replay technique]] may be used. | If there ARP requests being broadcast from the wire side, then the standard [[fake authentication]] combined with [[arp-request_reinjection|ARP request replay technique]] may be used. | ||
Line 61: | Line 61: | ||
To be honest, we will not be changing the wireless card MAC address. | To be honest, we will not be changing the wireless card MAC address. | ||
- | This is a reminder to use your wireless card MAC address as the source MAC. I mention this explicitly as a reminder to use the actual MAC address from your card in "Step 3 - fake authentication" | + | This is a reminder to use your wireless card MAC address as the source MAC. I mention this explicitly as a reminder to use the actual MAC address from your card in "Step 3 - fake authentication" |
==== Step 2 - Start the wireless interface in monitor mode on AP channel ==== | ==== Step 2 - Start the wireless interface in monitor mode on AP channel ==== | ||
Line 69: | Line 70: | ||
| | ||
- | Note: In this command we use " | + | Note: In this command we use " |
The system will respond: | The system will respond: | ||
Line 100: | Line 101: | ||
Tx excessive retries: | Tx excessive retries: | ||
- | In the response above, you can see that ath0 is in monitor mode, on the 2.452GHz frequency which is channel 9 and the Access Point shows the MAC address of your wireless card. So everything is good. It is important to confirm all this information prior to proceeding, otherwise the following steps will not work properly. | + | In the response above, you can see that ath0 is in monitor mode, on the 2.452GHz frequency which is channel 9 and the Access Point shows the MAC address of your wireless card. So everything is good. It is important to confirm all this information prior to proceeding, otherwise the following steps will not work properly. |
To match the frequency to the channel, check out: | To match the frequency to the channel, check out: | ||
Line 107: | Line 108: | ||
=== Troubleshooting Tips === | === Troubleshooting Tips === | ||
- | *If another interface started other then ath0 then stop all of them first by using " | + | *If another interface started other than ath0 then stop all of them first by using " |
+ | *On mac80211-based drivers, airmon-ng will respond with something like this: | ||
+ | |||
+ | | ||
+ | |||
+ | | ||
+ | | ||
+ | For such interfaces, use the interface name after " | ||
==== Step 3 - Use aireplay-ng to do a fake authentication with the access point ==== | ==== Step 3 - Use aireplay-ng to do a fake authentication with the access point ==== | ||
Line 546: | Line 554: | ||
The base tutorial assumes you are using the native MAC address of your wireless device as the source MAC. If this is not the case, then you need to change the process used. Since this is an advanced topic, I will provide the general guidelines and not the specific detail. | The base tutorial assumes you are using the native MAC address of your wireless device as the source MAC. If this is not the case, then you need to change the process used. Since this is an advanced topic, I will provide the general guidelines and not the specific detail. | ||
- | Preferably, you should change the native MAC address of your wireless device to the MAC you will be spoofing. | + | Preferably, you should change the native MAC address of your wireless device to the MAC you will be spoofing. |
how_to_crack_wep_with_no_clients.txt · Last modified: 2018/03/11 20:15 by mister_x