WepAttack

Thread: WepAttack

  1. #1
    Senior Member
    Join Date
    Oct 2002
    Posts
    314

    WepAttack

    Hello All,

    I'm doing a wireless security assessment for a client and they want me to break the WEP key in use on their wireless network, or at least die trying... (this is due to the dept that has hired me to do this wanting to show the dept that uses it that WEP is indeed crappy; a write-up on this will not suffice, it seems)

    Anyway, rather than sit there and run airsnort for hours on end I thought I would give WepAttack (http://wepattack.sourceforge.net) a whirl and see how it works out.

    It's an offline brute force attack tool that tries to guess the WepKey based on a dictionary. Now, since the client is using 128 bit WEP, am I right in assuming that a full dictionary file of all possible hex values is needed? Or am I missing the point?

    Also, does anyone know any other offline attack tools for Kismet dumps?

    thanks
    Quis custodiet ipsos custodes

  2. #2
    HeadShot Master N1nja Cybr1d's Avatar
    Join Date
    Jul 2003
    Location
    Boston, MA
    Posts
    1,840
    for a 128 bit WEP, the larger the dictionary, the better it is. You will indeed need a full dictionary, including hex, to solve it in a reasonable time. (unless you wanna leave your computer on trying to crack it for hours).

  3. #3
    Banned
    Join Date
    Feb 2004
    Posts
    21
    If you had a Wepon, you could shoot a hole through it for access.

  4. #4
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    Cybr1d, yes I have several large dictionary files...considered generating a list of all possible hex keys...but that would take a while and I think I would need a SAN to store it.

    JuJu thanks for the constructive comment, unfortunately I cannot go around shooting access points..
    Quis custodiet ipsos custodes
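
Added example, not part of any post in this thread: the size of the "full dictionary of all possible hex values" raised in posts #1 and #4, worked out for both WEP key lengths. It relies on the fact that the 24-bit IV is sent in the clear, so "128 bit" WEP has a 104-bit secret; the function names and `GUESSES_PER_SEC` are assumptions of this example, not measurements of any tool.

```python
# Added example: cost of enumerating every raw WEP key as a hex wordlist.
# "64-bit" / "128-bit" WEP include a 24-bit IV sent in the clear, so the
# secret part is 40 or 104 bits.

IV_BITS = 24
GUESSES_PER_SEC = 1_000_000          # assumed rate, for illustration only
SECONDS_PER_YEAR = 365 * 24 * 3600


def secret_bits(marketed_bits):
    """Secret key length once the 24-bit IV is subtracted."""
    if marketed_bits not in (64, 128):
        raise ValueError("expected 64 or 128")
    return marketed_bits - IV_BITS


def full_list_cost(marketed_bits, rate=GUESSES_PER_SEC):
    """Key count, wordlist size and exhaustive-search time for one key length."""
    bits = secret_bits(marketed_bits)
    keys = 2 ** bits
    line_len = bits // 4 + 1         # hex digits per key plus a newline
    return {
        "secret_bits": bits,
        "keys": keys,
        "wordlist_bytes": keys * line_len,
        "years_to_try_all": keys / rate / SECONDS_PER_YEAR,
    }


def dictionary_coverage(words, marketed_bits):
    """Fraction of the raw keyspace that a wordlist of `words` keys covers."""
    return words / 2 ** secret_bits(marketed_bits)


if __name__ == "__main__":
    for marketed in (64, 128):
        cost = full_list_cost(marketed)
        print(f"{marketed}-bit WEP: {cost['secret_bits']} secret bits, "
              f"{cost['keys']:.3e} keys, "
              f"{cost['wordlist_bytes'] / 1e12:.3e} TB wordlist, "
              f"{cost['years_to_try_all']:.3e} years at the assumed rate")
    # A wordlist of one billion entries against the 104-bit keyspace:
    print(f"coverage of 1e9 words: {dictionary_coverage(10**9, 128):.3e}")
```

A dictionary tool is therefore only testing whether the key was chosen from a guessable set, not searching the keyspace.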

  5. #5
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Please, correct me if I'm wrong...

    Brute force is different from dictionary.

    A dictionary attack will use only what is in the dictionary file...
    Dictionary attacks are good for cracking passwords and the such... cause most of the time, people are going to use an easy to remember/crack password.

    Brute force will try everything... no "dictionary" needed...

    Right? Wrong?
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you've saved, how much you haven't smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  6. #6
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by R0n1n
    JuJu thanks for the constructive comment, unfortunately I cannot go around shooting access points..
    The Jargon Dictionary : Terms : The T Terms : troll


    troll
    troll v.,n. 1. [From the Usenet group alt.folklore.urban] To utter a posting on Usenet designed to attract predictable responses or flames; or, the post itself. Derives from the phrase "trolling for newbies" which in turn comes from mainstream "trolling", a style of fishing in which one trails bait through a likely spot hoping for a bite. The well-constructed troll is a post that induces lots of newbies and flamers to make themselves look even more clueless than they already do, while subtly conveying to the more savvy and experienced that it is in fact a deliberate troll. If you don't fall for the joke, you get to be in on it. See also YHBT. 2. An individual who chronically trolls in sense 1; regularly posts specious arguments, flames or personal attacks to a newsgroup, discussion list, or in email for no other purpose than to annoy someone or disrupt a discussion. Trolls are recognizable by the fact that they have no real interest in learning about the topic at hand - they simply want to utter flame bait. Like the ugly creatures they are named after, they exhibit no redeeming characteristics, and as such, they are recognized as a lower form of life on the net, as in, "Oh, ignore him, he's just a troll." 3. [Berkeley] Computer lab monitor. A popular campus job for CS students. Duties include helping newbies and ensuring that lab policies are followed. Probably so-called because it involves lurking in dark cavelike corners.
    Some people claim that the troll (sense 1) is properly a narrower category than flame bait, that a troll is categorized by containing some assertion that is wrong but not overtly controversial. See also Troll-O-Meter.

    The use of `troll' in either sense is a live metaphor that readily produces elaborations and combining forms. For example, one not infrequently sees the warning "Do not feed the troll" as part of a followup to troll postings.
    DjM

  7. #7
    0_o Mastermind keezel's Avatar
    Join Date
    Jun 2003
    Posts
    1,024
    Exactly right.
    It's an offline brute force attack tool that tries to guess the WepKey based on a dictionary.
    Sounds interesting....sounds maybe like some hybrid that uses both. Maybe some intelligent brute forcer that uses combinations of syllables? Or more likely something that uses dictionary terms first and then combines numbers with words and then uses every other possible combination of digits that hasn't been used yet. I could be way off but I've heard of stuff like that before although I wouldn't know how to go about finding it.

    P.S. Sup Phish? I'm baaaack

  8. #8
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    ok, sorry my mistake...it's primarily a dictionary tool...sorry it's been a long day....
    Quis custodiet ipsos custodes

  9. #9
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    so, after a shot of caffeine.. WepAttack is a tool that uses a dictionary to attempt to crack wep keys. I'm making a new improved wordlist right now using Egoistic which will hopefully crack the key.

    However it also has the ability to be linked into JTR which could then allow it to try brute force as well, right now I'm in wordlist land, brute force is next..

    so WepCrack raw = dictionary, WepCrack and JTR = brute force
    Quis custodiet ipsos custodes

  10. #10
    Senior Member
    Join Date
    Oct 2002
    Posts
    314
    and it's called wepattack! wepcrack was this morning....that's it, I'm going to bed...

    lol
    Quis custodiet ipsos custodes
