Penetration Testing mailing list archives
Re: Pentesting a WEP-protected wifi network
From: "Francisco Pecorella" <fpecor () cantv net>
Date: Tue, 10 Jan 2006 22:00:38 -0400
Hi Rodrigo,The main idea in order to do a pentest to a wireless network is follow these steps:
(1) Use any sniffer (remember disable the promiscuos mode) in order to capture wireless data "protected". It is recommendable that you capture more over 100 Mb of data. I suggest that you use Kismet, airodump and airoplay.
(2) Use aircrack written by Christophe Devine in order to crack the data captured. For example if your capture was called "capture.pcap":
$ aircrack -f2 -n 128 capture.pcap (3) Wait, Wait some seconds and ready :-). You will have the WEP Key. -- Regards, FP----- Original Message ----- From: "Rodrigo Blanco" <rodrigo.blanco.r () gmail com>
To: <pen-test () securityfocus com> Sent: Tuesday, January 10, 2006 3:59 AM Subject: Pentesting a WEP-protected wifi network
Hello list, I am currenty trying to pentest a wireless network protected with WEP (not sure if 40/64 or 104/128 bit). I would like to know what are the best tools to use if the equipment I have for the pentest is an XP workstation with a 802.11b D-link wireless card. I know there are many tools for Unix / Linux with certain wifi cards, but I would like to prove if it is feasible to break a WEP key with just an XP and any wifi card. Thanks in advance for your help and best regards, Rodrigo. ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms,login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do!Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
------------------------------------------------------------------------------Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Pentesting a WEP-protected wifi network Rodrigo Blanco (Jan 10)
- RE: Pentesting a WEP-protected wifi network Chris Serafin (Jan 10)
- Re[2]: Pentesting a WEP-protected wifi network Roman Shirokov (Jan 11)
- Re: Re[2]: Pentesting a WEP-protected wifi network Ivan . (Jan 11)
- RE: Re[2]: Pentesting a WEP-protected wifi network Chris Serafin (Jan 11)
- Re: Pentesting a WEP-protected wifi network AF (Jan 21)
- Re[2]: Pentesting a WEP-protected wifi network Roman Shirokov (Jan 11)
- Re: Pentesting a WEP-protected wifi network Francisco Pecorella (Jan 10)
- Re: Pentesting a WEP-protected wifi network Robin Wood (Jan 11)
- Re: Pentesting a WEP-protected wifi network David M. Zendzian (Jan 10)
- RE: Pentesting a WEP-protected wifi network John (Jan 13)
- <Possible follow-ups>
- RE: Pentesting a WEP-protected wifi network Rapaille Maxime (Jan 11)
- RE: Pentesting a WEP-protected wifi network Chris Serafin (Jan 10)