Pulling WEP KEYs/MAC FILTER From Linksys/D-link ect

[devilbile]

Dumb Newbie quesiton regarding this exploit:
http://www.securiteam.com/securitynews/6P0021P60A.html
(searched web and AO, I don't know where to look i guess)

I Copied and pasted exploit to a file named "exploit" on my Slackware *nix box and tried to execute by doing sh ./exploit I've chmod 4711 it but to know avail I keep getting errors when I run the exploit:

bash-2.05a# ./exploit
./exploit: typedef: command not found
./exploit: char: command not found
./exploit: char: command not found
./exploit: char: command not found
./exploit: char: command not found
./exploit: line 12: syntax error near unexpected token '}'
./exploit: line 12: '}'

I'm sure i'm executing the script the wrong way
Thanks

[devilbile]

Dumb Newbie quesiton regarding this exploit:
http://www.securiteam.com/securitynews/6P0021P60A.html
(searched web and AO, I don't know where to look i guess)

I Copied and pasted exploit to a file named "exploit" on my Slackware *nix box and tried to execute by doing sh ./exploit I've chmod 4711 it but to know avail I keep getting errors when I run the exploit:

bash-2.05a# ./exploit
./exploit: typedef: command not found
./exploit: char: command not found
./exploit: char: command not found
./exploit: char: command not found
./exploit: char: command not found
./exploit: line 12: syntax error near unexpected token '}'
./exploit: line 12: '}'

I'm sure i'm executing the script the wrong way
Thanks

[g00n]

since it's a program and not a script.. you have to compile it.

[g00n]

since it's a program and not a script.. you have to compile it.

[Algaen]

It's a c program, not a shell script. You have to compile it, not just make it executable.
It would be best to save it as exploit.c and then run

# cc exploit.c

You can then run ./a.out to try the exploit.
Good luck!

[Algaen]

It's a c program, not a shell script. You have to compile it, not just make it executable.
It would be best to save it as exploit.c and then run

# cc exploit.c

You can then run ./a.out to try the exploit.
Good luck!

[avenger_jcc]

pretty wild... My old boss told me how impossible it is to get this stuff cracked with all the encryption... and then against my advice installed a linksys WAP in a bank system....
Yikes.

[avenger_jcc]

pretty wild... My old boss told me how impossible it is to get this stuff cracked with all the encryption... and then against my advice installed a linksys WAP in a bank system....
Yikes.

[devilbile]

Algaen or anyone else that wants to help my dumb arse,

I tried 'cc exploit.c -o exploit' and also 'gcc exploit.c -o exploit' .. However to no avail I keep getting errors

bash-2.05a# cc exploit.c -o exploit
exploit.c:8: parse error before character 0240
exploit.c:8: warning: no semicolon at end of struct or union
exploit.c:13: warning: `packed' attribute ignored
exploit.c: In function `main':
exploit.c:17: parse error before character 0240

Thanks Algaen for your help..

for those of you that want to try this exploit on windows boxes lookup pong.exe and wepcrck.exe on google.com. In regards to Avenger_jcc's post, this exploit only works if you are associated with the victim access point, also if you have updated firmware on your access point you should be in the clear for now!

[the_JinX]

it did compile for me (with 1 warning)

gcc -c exploit.c -o exploit

./exploit

got me an exception error (sigsev)

so the compilation did work, the execution didn't..

well too bad..

tested on slackware 9.0 rc3 (build 14-03-2003)