Re: WEP attacks based on IV Collisions

From: leonardo (billtorvalds1@yahoo.it)
Date: Sun Jun 06 2004 - 18:09:25 EDT

• Next message: mak_pen@hotmail.com: "Wireless pentesting requirements"
• Previous message: Brian Taylor: "RE: USB delivered attacks"
• In reply to: pen-test@nym.hush.com: "RE: WEP attacks based on IV Collisions"
• Next in thread: Andrew A. Vladimirov: "Re: WEP attacks based on IV Collisions"
• Reply: Andrew A. Vladimirov: "Re: WEP attacks based on IV Collisions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

* Thursday 03 June 2004, alle 13:43, pen-test@nym.hush.com scrive:
> This is only true if Shared Key Authentication is in use. Vendors saw
> this as moronic years ago. I'm not sure how many AP's (if any) use Shared
> Key Authentication as the default, but every AP I've seen has had Open
> System Authentication as an option (which essentially just skips that
> step).

that's good, but Is it the same for clients? if we're still talking
about plain 802.11 with WEP then you can always deauthenticate a client
and behave like an AP, asking the client to authenticate with Shared
Key. Then you just have to send as a challenge text the bytes you want
that client to crypt for you.

ciao,
leonardo.

-- 
0C5F B8DE 3136 1506 96D0  1806 7674 D513 A66E 7854

• Next message: mak_pen@hotmail.com: "Wireless pentesting requirements"
• Previous message: Brian Taylor: "RE: USB delivered attacks"
• In reply to: pen-test@nym.hush.com: "RE: WEP attacks based on IV Collisions"
• Next in thread: Andrew A. Vladimirov: "Re: WEP attacks based on IV Collisions"
• Reply: Andrew A. Vladimirov: "Re: WEP attacks based on IV Collisions"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:55 EDT