I uploaded the demo code from Defcon 11. I'm having some issues with the release note / changelog sourceforge stuff, so there is limited info in the sourcecode on how the tools work. Here's some more info in the interim.
wepwedgie consists of two main programs at the moment.
.prgasnarf: looks for shared-key-auth sequences to derive a IV and PRGA - this can later be used as a packet keystream with the same IV.
.wepwedige: injects frames encoded with IV/PRGA from prgasnarf to a user specified target and internet helper. The internet helper is a host that you own that will be monitoring the results from the injected traffic via the internet. ... read more