I've not tried KoreK's latest, but I can vouch for aircrack busting all the 104 bit
keys I've tested in an average of around 300K unique IV's or less. Didn't
send any 'weak' IV's, just used aireplay (injection) with a few
captured ARP packets.
Seems also to be a better FMS implementation than even h1kari's dwepcrack.
And WPA keys fall to 'cowpatty' if your passphrase is subject to a dictionary
attack. anybody else try that one?
Next up, 802.11i TKIP/AES - a crypto attack won't be as easy, but
maybe a MITM approach...
-Geoff
From: "Frank Keeney" <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: <[EMAIL PROTECTED]> Subject: [SOCALWUG] WEP: Dead Again, Part 1 Date: Tue, 14 Dec 2004 21:25:59 -0800
http://securityfocus.com/infocus/1814
"Tools that changed everything
On August 8th, 2004, a hacker named KoreK posted new WEP statistical
cryptanalysis attack code (soon to become a tool called chopper) to the
NetStumbler forums. While chopper is functional, it is not currently
maintained, and the attacks have since seen better implementations in
aircrack and WepLab. However, the KoreK attacks change everything. No longer
are millions of packets required to crack a WEP key; no longer does the
number of obviously "weak" or "interesting" IVs matter. With the new
attacks, the critical ingredient is the total number of unique IVs captured,
and a key can often be cracked with hundreds of thousands of packets, rather
than millions."
------------------------------------------------------
Frank Keeney Wireless Antennas, Cables and Equipment: http://www.wlanparts.com
Co-Founder, Southern California Wireless User Group: http://www.socalwug.org
IM: Yahoo: wlanparts, AIM: wlanparts, MSN: [EMAIL PROTECTED] VOIP: Skype: wlanparts, FWD: 289372
_________________________________________________________________
On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
