wesside-ng
Differences
This shows you the differences between two versions of the page.
wesside-ng [2008/02/08 16:06] – fixed typos darkaudax | wesside-ng [2018/03/11 18:57] (current) – Updated links to tickets mister_x | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Wesside-ng ====== | ====== Wesside-ng ====== | ||
- | |||
- | ++++++ IMPORTANT ++++++\\ | ||
- | ++++++ IMPORTANT ++++++\\ | ||
- | ++++++ IMPORTANT ++++++\\ | ||
- | |||
- | This functionality will be available in a future release. It is NOT available currently. | ||
- | |||
- | ++++++ IMPORTANT ++++++\\ | ||
- | ++++++ IMPORTANT ++++++\\ | ||
- | ++++++ IMPORTANT ++++++\\ | ||
- | |||
- | |||
===== Description ===== | ===== Description ===== | ||
Line 17: | Line 5: | ||
Wesside-ng is an auto-magic tool which incorporates a number of techniques to seamlessly obtain a WEP key in minutes. | Wesside-ng is an auto-magic tool which incorporates a number of techniques to seamlessly obtain a WEP key in minutes. | ||
- | The original wesside tool was written by Andrea Bittau and was a proof-of-concept program to accompany two published papers. | + | The original wesside tool was written by Andrea Bittau and was a proof-of-concept program to accompany two published papers. |
For you trivia buffs, who knows where the program name " | For you trivia buffs, who knows where the program name " | ||
Line 29: | Line 17: | ||
- After it sniffs an ARP request, it decrypts the IP address by guessing the next four bytes of PRGA using multicast frames and the linear keystream expansion technique. | - After it sniffs an ARP request, it decrypts the IP address by guessing the next four bytes of PRGA using multicast frames and the linear keystream expansion technique. | ||
- It floods the network with ARP requests for the decrypted IP address. | - It floods the network with ARP requests for the decrypted IP address. | ||
- | - Launches the [[http:// | + | - Launches the [[aircrack-ng|aircrack-ng PTW attack]] to determine the WEP key. |
So you may be asking "What is the linear keystream expansion technique?" | So you may be asking "What is the linear keystream expansion technique?" | ||
There are a few known limitations: | There are a few known limitations: | ||
- | * Only open authentication is support. Shared key authentication is not supported. | + | * Only open authentication is supported. Shared key authentication is not supported. |
* Only B and G networks are supported. | * Only B and G networks are supported. | ||
* Fake MAC functionality is broken if there is a lot of traffic on the network. | * Fake MAC functionality is broken if there is a lot of traffic on the network. | ||
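Review bot: The three-item "known limitations" list in this hunk appears again, word for word, in the Line 153 hunk, which is why the "support" to "supported" fix had to be made twice in this revision. Keep a single copy and link to it from the other location so the two lists cannot drift apart.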
Line 52: | Line 40: | ||
*-f Allows the highest channel for scanning to be defined. | *-f Allows the highest channel for scanning to be defined. | ||
*-k Ignores ACKs since some cards/ | *-k Ignores ACKs since some cards/ | ||
- | *-p Determines the minimum number of bytes of PRGA which is gathered. | + | *-p Determines the minimum number of bytes of PRGA which are gathered. |
*-t For each number of IVs specified, restart the airecrack-ng PTW engine. (Optional) | *-t For each number of IVs specified, restart the airecrack-ng PTW engine. (Optional) | ||
*-v Wireless access point MAC address | *-v Wireless access point MAC address | ||
- | When you run wesside-ng, it creates three files automatically in the current directory | + | When you run wesside-ng, it creates three files automatically in the current directory: |
* wep.cap - The packet capture file. It contains the full packet, not just the IVs. | * wep.cap - The packet capture file. It contains the full packet, not just the IVs. | ||
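Review bot: The unchanged -t line directly below the corrected -p line still reads "airecrack-ng PTW engine"; it should be "aircrack-ng", matching the tool name used in the new [[aircrack-ng|aircrack-ng PTW attack]] link. This is worth fixing in the same pass as the -p grammar correction.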
Line 158: | Line 146: | ||
Make sure your card is in monitor mode. | Make sure your card is in monitor mode. | ||
- | Make sure your card can inject by testing it with the [[http:// | + | Make sure your card can inject by testing it with the [[injection_test|aireplay-ng injection test]]. |
Make sure your card supports the fragmentation attack. | Make sure your card supports the fragmentation attack. | ||
Line 165: | Line 153: | ||
There are a few known limitations: | There are a few known limitations: | ||
- | * Only open authentication is support. Shared key authentication is not supported. | + | * Only open authentication is supported. Shared key authentication is not supported. |
* Only B and G networks are supported. | * Only B and G networks are supported. | ||
* Fake MAC functionality is broken if there is a lot of traffic on the network. | * Fake MAC functionality is broken if there is a lot of traffic on the network. | ||
- | ==== "ERROR Max retransmists" message ==== | + | ==== "ERROR Max retransmits" message ==== |
You get an error similar to the following while running the program: | You get an error similar to the following while running the program: | ||
- | [18:23:49] ERROR Max retransmists | + | [18:23:49] ERROR Max retransmits |
B0 00 FF 7F 00 1A 70 51 B0 70 00 0E 2E C5 81 D3 00 1A 70 51 B0 70 00 00 00 00 01 00 00 00 | B0 00 FF 7F 00 1A 70 51 B0 70 00 0E 2E C5 81 D3 00 1A 70 51 B0 70 00 00 00 00 01 00 00 00 | ||
This can be caused if the AP does not acknowledge the the packets you are sending. | This can be caused if the AP does not acknowledge the the packets you are sending. | ||
- | Another reason is that the internal state machine of wesside-ng is confused. | + | Another reason is that the internal state machine of wesside-ng is confused. |
- | ==== RT73 chipset and "ERROR Max retransmists" message ==== | + | ==== RT73 chipset and "ERROR Max retransmits" message ==== |
If you are using the RT73 chipset, try adding the "-k 1" option. | If you are using the RT73 chipset, try adding the "-k 1" option. | ||
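Review bot: The change on the "[18:23:49] ERROR Max retransmists" line rewrites text the page presents as output printed by the program, not wiki prose. Confirm that wesside-ng really prints "retransmits"; if the binary still emits the original spelling, keep the literal string in the sample output, and ideally in the two headings, so that users searching for the exact message find this section. Separately, the unchanged line after the hex dump still contains "the the packets".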
Line 188: | Line 176: | ||
==== Known Bugs ==== | ==== Known Bugs ==== | ||
- | There are are a variety of known bugs which are outlined below. | + | There are a variety of known bugs which are outlined below. |
- | + | ||
- | | + | |
- | | + | |
- | + | ||
- | " | + | |
- | | + | |
- | + | ||
- | | + | |
- | | + | |
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | * [[https:// |
wesside-ng.1202483192.txt.gz · Last modified: 2008/02/08 16:06 by darkaudax