Penetration Testing mailing list archives

Re: Testing WEP Key on pcap dump


From: Jason Ostrom <justiceguy () pobox com>
Date: Wed, 21 Apr 2004 23:35:34 -0700

Thanks to all who have replied. So far I've seen that both Kismet and
Airsnort can do this.  There is also a nice tool called WepAttack that
does a brute force / dictionary attack on the WEP key with a supplied
wordlist.  I found this useful, because I could specify myriad keys in
the wordlist that I suspected were the keys.

All the best,
Jason

On Wed, 2004-04-21 at 18:24, Joshua Wright wrote:
> Jason,
>
> Jason Ostrom wrote:
> > I have a pcap dump using Kismet Wireless sniffer on a BSSID using
> > 128-bit WEP encryption.  If I think I know the 26 character HEX WEP
> > key, is there a way to easily decrypt all of the traffic for a
> > specific BSSID based on input of this WEP key, and then display the
> > decrypted pcap output in Ethereal?  Or another way of seeing if this
> > WEP key is able to decrypt from the pcap dump for that specific BSSID?
>
> The Airsnort package has a tool called "decrypt" that can be used to
> decrypt a pcap file with a given WEP key.  This can also be done with
> Kismet, although it's a little more difficult - see the README for details.
>
> -Josh

