Great info, Beat. How many other people have had luck on the 104/128 bit keys? I'm curious to hear others' experiences with those. There aren't a lot of 40 bit APs in my neighborhood (at least in discussing it with my technical neighbors), so I would assume there isn't as much 40 bit stuff as their used to be. On 2/27/06, Beat Zahnd <beat.zahnd@xxxxxxxxxxxxx> wrote: > > Geoffrey Kruse wrote: > > > I have been able to crack wep with 350,000 ivs. I have only been able > > to do this using a usb adaptor, using the airport extreme passive mode, > > I have never cracked a 128 bit key no matter how many ivs I collect! > > I cracked several 104 bit keys. Usualy I collect with kismac and crack > with aircrack. A recent aircrack has much more options i.e. only using > printable characters or the so called fudge factor: > > > $ ./aircrack > > > > Common options: > > > > -a <amode> : force attack mode (1/WEP, 2/WPA-PSK) > > -e <essid> : target selection: network identifier > > -b <bssid> : target selection: access point's MAC > > -p <nbcpu> : SMP support: # of processes to start > > -q : enable quiet mode (no status output) > > -w <words> : path to a dictionary file > > > > Static WEP cracking options: > > > > -c : search alpha-numeric characters only > > -t : search binary coded decimal chr only > > -d <start> : debug - specify beginning of the key > > -m <maddr> : MAC address to filter usable packets > > -n <nbits> : WEP key length: 64 / 128 / 152 / 256 > > -i <index> : WEP key index (1 to 4), default: any > > -f <fudge> : bruteforce fudge factor, default: 2 > > -k <korek> : disable one attack method (1 to 17) > > -x : do bruteforce the last two keybytes > > -y : experimental single bruteforce mode > > > > aircrack 2.4 - (C) 2004,2005 Christophe Devine > > > > usage: aircrack [options] <.cap / .ivs file(s)> > > One 128-bit wep net I cracked after collecting ~350'000 ivs. But as this > is a statistical method cracking works only in 1 of 10 cases using this > meager packet base. So you have to keep trying ... > > > Greetings, Beat > > -- > Beat ZAHND > Physics Institute > University of Bern phone +41 31 631 3466 > Sidlerstrasse 5 fax +41 31 631 4405 > CH-3012 Bern (Switzerland) mailto:beat.zahnd@xxxxxxxxxxxxx > > -- Digital things worthwhile: http://www.digg.com, http://del.icio.us, http://www.boingboing.net, iTunes, Skype, Bluetooth Headset Enjoy the documented stupidity at http://beatdown.blogspot.com