User Tools

Site Tools


cafe-latte

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
cafe-latte [2009/10/11 16:29]
darkaudax fixed typo
cafe-latte [2010/11/21 15:52]
sleek typos
Line 1: Line 1:
 ====== Cafe Latte attack ====== ====== Cafe Latte attack ======
- 
- 
 ===== Description ===== ===== Description =====
  
 The Cafe Latte attack allows you to obtain a WEP key from a client system.  Briefly, this is done by capturing an ARP packet from the client, manipulating it and then send it back to the client.  The client in turn generates packets which can be captured by [[airodump-ng]].   Subsequently, [[aircrack-ng]] can be used to determine the WEP key. The Cafe Latte attack allows you to obtain a WEP key from a client system.  Briefly, this is done by capturing an ARP packet from the client, manipulating it and then send it back to the client.  The client in turn generates packets which can be captured by [[airodump-ng]].   Subsequently, [[aircrack-ng]] can be used to determine the WEP key.
  
-These links provide a detailed explanation of the attack plus some ways to protect yoursefl from it:+These links provide a detailed explanation of the attack plus some ways to protect yourself from it:
  
-  * [[http://www.airtightnetworks.net/knowledgecenter/wep-caffelatte.html|Cafe Latte attack]]+  * [[http://www.airtightnetworks.com/home/resources/knowledge-center/caffe-latte.html|Cafe Latte attack]]
  
-  * [[http://www.esecurityplanet.com/prevention/article.php/3716656|The Caffe Latte Attack: How It Works—and How to Block It]]+  * [[http://www.esecurityplanet.com/trends/article.php/3716656/The-Caffe-Latte-Attack-How-It-Worksand-How-to-Block-It.htm|The Caffe Latte Attack: How It Works—and How to Block It]]
  
 Where did the attack name come from?  The concept is that a WEP key could be obtained from an innocent client at a coffee bar in the time it takes to drink your cafe latte. Where did the attack name come from?  The concept is that a WEP key could be obtained from an innocent client at a coffee bar in the time it takes to drink your cafe latte.
Line 17: Line 15:
 ===== Usage ===== ===== Usage =====
  
-  aireplay-ng -6 -h 00:09:5B:EC:EE:F2 -D rausb0+  aireplay-ng -6 -h 00:09:5B:EC:EE:F2 -b 00:13:10:30:24:9C -D rausb0
  
 Where: Where:
   *-6 means Cafe-Latte attack   *-6 means Cafe-Latte attack
   *-h 00:09:5B:EC:EE:F2 is our card MAC address   *-h 00:09:5B:EC:EE:F2 is our card MAC address
 +  *-b 00:13:10:30:24:9C is the Access Point MAC (any valid MAC should work)
   *-D disables AP detection.   *-D disables AP detection.
   *rausb0 is the wireless interface name   *rausb0 is the wireless interface name
cafe-latte.txt · Last modified: 2010/11/21 15:52 by sleek