oasis6 PWNED

September 7, 2010

Let me record the steps here so that I won't forget in the near future. This is my second try, after the first try where Ser Yoong logged into the wifi and let me use his MAC address to spam ARP replay packets and managed to get the IVs flowing like water. This time I managed to do it without any clients, and partly referred to, very useful.

  1. Airmon-ng the interface, turn on the monitor mode.
  2. Airodump-ng with the mon0 argument to get all the access points' MACs and channels, choose one (WEP)
  3. Airodump-ng again with --channel and --bssid set
  4. Aireplay-ng --test (test injection)
  5. Aireplay-ng replay ARP, -5 using the -h fake associated host's MAC
  6. Do fake authentication with Aireplay-ng
  7. Flowing incoming IVs
  8. ???
  9. Profit

This time it took 30k IVs to be able to crack the WEP password.
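
Seen from the defender's side, the replay step above appears on the air as a single station sending the same-size encrypted frame at a very high rate. The following is an added example, not part of the original post, that flags this pattern in a capture summary; the frame-tuple format, the MAC addresses and the thresholds are assumptions, and the sample frames are constructed.

```python
from collections import defaultdict, deque

# Assumed tuning values, not from the original post.
WINDOW_SECONDS = 1.0
MAX_SAME_SIZE_FRAMES = 100


def detect_replay_floods(frames, window=WINDOW_SECONDS, limit=MAX_SAME_SIZE_FRAMES):
    """Return {(bssid, src): peak_count} for senders that exceed `limit`
    identical-length protected data frames within `window` seconds.

    frames: iterable of (timestamp, bssid, src, length, protected), time-sorted.
    """
    recent = defaultdict(deque)  # (bssid, src, length) -> timestamps in window
    peaks = {}
    for ts, bssid, src, length, protected in frames:
        if not protected:
            continue  # only encrypted data frames carry IVs
        q = recent[(bssid, src, length)]
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > limit:
            key = (bssid, src)
            peaks[key] = max(peaks.get(key, 0), len(q))
    return peaks


def build_sample():
    """Constructed capture summary: one normal client, one replaying station."""
    ap = "00:11:22:33:44:55"
    frames = []
    # Normal client: seven different frame sizes, about 20 frames/s for 3 s.
    for i in range(60):
        frames.append((i * 0.05, ap, "aa:aa:aa:aa:aa:01", 200 + (i % 7) * 90, True))
    # Replaying station: the same small frame, 500 times in about one second.
    for i in range(500):
        frames.append((1.0 + i * 0.002, ap, "aa:aa:aa:aa:aa:02", 68, True))
    frames.sort(key=lambda f: f[0])
    return frames


if __name__ == "__main__":
    for (bssid, src), peak in detect_replay_floods(build_sample()).items():
        print(f"possible ARP replay on {bssid} from {src}: {peak} same-size frames in window")
```
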

oasis6 pwned