Wep0ff is new tool to crack WEP-key without access to AP by mount fake access point attack against WEP-based wireless clients.
It uses combination of fragmentation and evil twin attacks to generate
traffic which can be used for KoreK-style WEP-key recovery.
This tool can be used to mount fake access point attack against WEP-based wireless clients.
This code tested patched madwifi-old drivers with athraw support, but also works with madwifi-ng. With madwifi-ng you need to create two virtual interfaces: one in master mode (for fake AP) and second in monitor mode (to listen on).
How to Use:
1. Setup fake AP with KARMA tools or iwconfig
iwpriv ath0 mode 2
iwconfig ath0 mode master essid foo enc 1122334455 channel 7
echo 1 > /proc/sys/dev/ath0/rawdev
echo 1 > /proc/sys/dev/ath0/rawdev_type
ifconfig ath0
up ifconfig ath0raw up
2. Start this program (./wep0ff ath0raw 00:01:02:03:04:05)
3. Wait until client connect to fake access point
4. Launch airodump-ng to collect packets
5. Launch aircrack-ng to recover WEP key
NOTE:
Wep0ff runs on the Linux OS, and does not run on the Windows Vista OS
As such U need to either,
a) install linux on your comp/lappy
b)use a live CD (Backtrack is recommended by most L337 h@xors)
c)Create a virtual drive using a tool like wubi (for ubuntu) on your system and install and run Linux off it
Using these steps you can , as you put it, “get this baby working”
You can download it here:
Wep0ff
+ comments + 2 comments
thanxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
thanxxxxxxxxxxxxxxxx
Post a Comment