airdecloak-ng
Differences
This shows you the differences between two versions of the page.
airdecloak-ng [2008/12/26 18:40] – Destroying the managed interface is only needed for madwifi-ng - stop people from killing their wlan0 interfaces on mac80211 drivers. netrolller3d | airdecloak-ng [2009/09/26 22:01] – Fixed typos darkaudax | ||
---|---|---|---|
Line 82: | Line 82: | ||
=== Trying to crack the WEP key === | === Trying to crack the WEP key === | ||
- | aircrack-ng.exe wep_cloaking_full_speed_dl.pcap -b 00: | + | aircrack-ng wep_cloaking_full_speed_dl.pcap -b 00: |
| | ||
{{http:// | {{http:// | ||
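Review bot: the changed line under "Trying to crack the WEP key" replaces `aircrack-ng.exe` with `aircrack-ng`, which alters the documented command rather than correcting a spelling, yet the edit summary only says "Fixed typos". Dropping the `.exe` suffix makes the example platform-neutral, which is reasonable, but the summary should say so, and the image embedded on the next line should be checked to confirm it still matches the command as now written.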
Line 197: | Line 197: | ||
=== Timing === | === Timing === | ||
- | The time needed to receive a cloaked frame could be analysed; compared to its uncloaked equivalent since the sensor | + | The time needed to receive a cloaked frame could be analyzed; compared to its uncloaked equivalent since the sensor |
For this, 2 packets are needed (one real and one cloaked) and we have to make sure the " | For this, 2 packets are needed (one real and one cloaked) and we have to make sure the " | ||
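Review bot: in the "Timing" paragraph the + side still reads "could be analyzed; compared to its uncloaked equivalent", where the semicolon leaves "compared" without a subject. Suggest "could be analyzed and compared to its uncloaked equivalent". The analysed/analyzed change is a regional spelling variant rather than a typo, so it is only worth making if the rest of the page uses American spelling.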
Line 227: | Line 227: | ||
{{http:// | {{http:// | ||
- | There' | + | There are a few possibilities |
- both packets can be discarded since they have the same sequence number. | - both packets can be discarded since they have the same sequence number. | ||
- use signal/ | - use signal/ | ||
- | For packet 7538/7539, it will be easier, it's easy to find out which one is cloaked, a beacon has the same sequence | + | For packet 7538/7539, it will be easier, it's easy to find out which one is cloaked, a beacon has the same sequence |
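Review bot: the last changed line of this hunk still opens with "For packet 7538/7539, it will be easier, it's easy to find out which one is cloaked, a beacon has the same sequence", three clauses joined by commas with "easier" and "easy" saying the same thing twice. Since this sentence carries the actual rule for telling the cloaked frame from the real one, it deserves a clean statement: say once that the case is easy, then give the beacon sequence-number reason as its own sentence.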
Line 247: | Line 247: | ||
... so other ways have to be used. Beacon will still be used but in another way: since 1319 is a valid sequence number, the previous (1318) and the next (1320) sequence numbers of valid packets are known. It's getting more complicated, | ... so other ways have to be used. Beacon will still be used but in another way: since 1319 is a valid sequence number, the previous (1318) and the next (1320) sequence numbers of valid packets are known. It's getting more complicated, | ||
- | Since it is known that wep cloaking | + | Since it is known that wep cloaking |
^Position^Uncloaked^Cloaked^Frame size^Reason| | ^Position^Uncloaked^Cloaked^Frame size^Reason| | ||
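Review bot: the changed line keeps "wep cloaking" in lower case, while the heading in the Line 82 hunk writes "WEP key". Use "WEP cloaking" here so the acronym is capitalized consistently across the page. The context line above also drops the article in "Beacon will still be used"; "Beacons will still be used" reads better if this paragraph is being touched anyway.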
Line 317: | Line 317: | ||
Remove all duplicate sequence numbers for both the AP and the client (that are close to each other). | Remove all duplicate sequence numbers for both the AP and the client (that are close to each other). | ||
- | Basically it apply '' | + | Basically it applies |
== consecutive_sn == | == consecutive_sn == | ||
Line 363: | Line 363: | ||
===== Thanks ===== | ===== Thanks ===== | ||
- | Thanks to Alex Hernandez aka alt3kx from [[http:// | + | Thanks to Alex Hernandez aka alt3kx from [[http:// |
airdecloak-ng.txt · Last modified: 2023/01/17 09:58 by gemesa