dimitar.me

Yesterday I stumbled upon a new wireless card with an Atheros chipset and as we know the majority of the them are supported by madwifi. That indeed was the case with this one.

The next step was to put it in my laptop and get out on the porch to have some fun. It is always exciting to crack WEP no matter how many times you had done it. With two wireless NICs in my notebook this time it looked like things were going faster. I used one to capture the packets and the other one to associate with the target and inject ARP requests.

The result is pictured above. I have blurred out some of the information for apparent reasons. I let it go for too long- almost two and a half hours, which was not necessary. With the PTW WEP-cracking method we only need a few thousand IVs to be successful. With the rate that I was capturing data packets (more than a 1000 a minute), it meant that I only needed 10 to 20 min. But since I wanted to use the FMS/Korek method on the same target as well, I let it gather a lot more packets. The later method requires quite a bit more IVs. Depending on the size of the key you might need over a million data packets.

So… do not use WEP encryption… you will be owned in minutes!