[kismac] Re: kismac crash/hang

  • From: "John Lauck" <notjohnwork@xxxxxxxxxxx>
  • To: kismac@xxxxxxxxxxxxx
  • Date: Wed, 19 Feb 2003 23:33:25 -0500

> > I collected roughly 2 mil packets with kismac and running the wep crack
> > (the "both" option) it hangs and sometimes crashes my whole machine.
> > I'm trying the same .kismac file on the new .03c version.
> > Has anyone else had similar results?  Also what exactly does the .kismac
> > file save?  (The .kismac I've been trying to run the wep crack on is only
> > ~10 mb.)
>
>the 10 mb is ok. kismac only logs 4 bytes for each weak packet. is there
>a chance that you can send me this file for further analysis?
>

I'm pretty sure I still have the file (from .03b) and I could send it to you
if you have an ftp or somewhere I could dump it?  My email would certainly
deny 10 mb file, and unless it's a weekend I don't have access to a network
that isn't behind a firewall which makes it hard to use aim/icq/dcc file
transfers.  Just let me know :)

> > Last question, if I had a computer that is allowed on a wlan (the wep code
> > has been stored on the machine)  and another computer not allowed on the
> > network.  I'm wondering if I save a pcap file from the machine allowed on
> > the wlan, can i load that into kismac and then use the wep crack to figure
> > out the wep code?
>
>well there are possible attacks on such a scenario. since you know what
>one computer is sending the other one could build up a dictionary for
>each iv. the file would be around 24 gb big. however no program that i
>know of uses such an attack, but it would also work on networks, that
>do not produce weak ivs! i was thinking of such a dictionary attack in
>order to break eap-tls, but it did not require a computer in the same
>wifi-network, but somewhere in the internet.
>if it is a mac, you are aware of the keychain feature?
>
The machine is a windows laptop.  Specifically an IBM thinkpad, not sure 
what model but nothing special.  I would think that it would be easier to 
break the encryption of the stored key on the laptop itself rather than have 
a 24 gb dictionary file.  I remember seeing windows password uncovering 
programs (lets you see what's behind the ***** when typing a password) but 
that was years ago.  It uses the Orinoco Client Manager Software which has a 
spot to enter 4 keys (options include: 40 bit hex or ascii, 104 bit 
hex/ascii) and a drop down to choose which key to use.  I don't quite 
understand this feature.  If I change the drop box from using Key 1 to Key 2 
it functions just as it was before.  Anyone have any ideas?

> > Using a Linksys wpc11 card I pick up several channels of a wlan.  In order
> > to pick up more data and spend less time hopping from other inactive
> > channels I set the hop to only include these two channels 1 & 5.  Oddly
> > there is one AP on channel 5 that fluctuates from wep enabled to disabled
> > every second or so.  Is this an error in the MacJack driver or a bug
> > elsewhere?  Using my internal airport with the viha driver never picks up
> > this odd switch between the wep enabled to disabled.
> > Anyone else have this experience?
>
>this is normal. prism2 cards do not hand over the wep bit in the frame
>header. so kismac uses a heuristic method to determine between weped
>and not weped packets. nothing to worry about.
>
>mick

