New Release 0.1.0 - Added pcap support

Long time no update ;)

Replaced prism-getIV.pl util with a pcap based tool (pcap-getIV.pl) for the collection of weak IVs off 802.11 networks. This tool is included in the WEPCrack-0.1.0.tar.gz release.

Here's some quick directions for the new pcap tool:

1 - Configure your card for monitor_mode with the specific procedures required for the specific card/driver combo you are using. Here's a couple examples:

------- prism2 card/linux-wlan-ng--------
#wlanctl wlan0 lnxreq_wlansniff enable=true prismheaders=false keepwepflags=false channel=6
#ifconfig wlan0 up

------------atheros card/madwifi ---------------
iwconfig ath0 mode monitor
iwconfig ath0 channel 6
ifconfig ath0 up

2 - Run pcap-getIV.pl and specify the capture interface. There are other options to override some of the default settings (type -h to display). There are also some runtime status messages and commands to change runtime settings (press h). Several useful runtime keys are 'd' for debug messages (see if you're getting any encrypted traffic), 's' to dump weak IV statistics, 'c' to launch WEPCrack.pl against collection file, and 'n' to purge/restart collection file.

#./pcap-getIV.pl -i wlan0

3 - run WEPCrack,pl once you collect 60 or soweak IVs for each keybyte. Either bail from pcap-getIV.pl and run WEPCrack.pl or press 'c' from pcap-getIV.pl to launch.

I'm planning to add more capabilities to WEPCrack soon, so keep checking back.

Anton Rager
a_rager@yahoo.com

Posted by Anton Rager 2004-10-06