> > I collected roughly 2 mil packets with kismac and running the wep crack
> > (the "both" option) it hangs and sometimes crashes my whole machine.
> > I'm trying the same .kismac file on the new .03c version.
> > Has anyone else had similar results? Also what exactly does the .kismac
> > file save? (The .kismac I've been trying to run the wep crack on is only
> > ~10 mb.)
>
> the 10 mb is ok. kismac only logs 4 bytes for each weak packet. is there
> a chance that you can send me this file for further analysis?

I'm pretty sure I still have the file (from .03b) and I could send it to you if you have an ftp or somewhere I could dump it? My email would certainly deny a 10 mb file, and unless it's a weekend I don't have access to a network that isn't behind a firewall, which makes it hard to use aim/icq/dcc file transfers. Just let me know :)

> > Last question, if I had a computer that is allowed on a wlan (the wep code
> > has been stored on the machine) and another computer not allowed on the
> > network. I'm wondering if I save a pcap file from the machine allowed on
> > the wlan, can i load that into kismac and then use the wep crack to figure
> > out the wep code?
>
> well there are possible attacks on such a scenario. since you know what
> one computer is sending the other one could build up a dictionary for
> each iv. the file would be around 24 gb big. however no program that i
> know of uses such an attack, but it would also work on networks, that
> do not produce weak ivs! i was thinking of such a dictionary attack in
> order to break eap-tls, but it did not require a computer in the same
> wifi-network, but somewhere in the internet.
> if it is a mac, you are aware of the keychain feature?

The machine is a windows laptop. Specifically an IBM thinkpad, not sure what model but nothing special. I would think that it would be easier to break the encryption of the stored key on the laptop itself rather than have a 24 gb dictionary file.

I remember seeing windows password uncovering programs (lets you see what's behind the ***** when typing a password) but that was years ago. It uses the Orinoco Client Manager Software which has a spot to enter 4 keys (options include: 40 bit hex or ascii, 104 bit hex/ascii) and a drop down to choose which key to use. I don't quite understand this feature. If I change the drop box from using Key 1 to Key 2 it functions just as it was before. Anyone have any ideas?

> > Using a Linksys wpc11 card I pick up several channels of a wlan. In order
> > to pick up more data and spend less time hopping from other inactive
> > channels I set the hop to only include these two channels 1 & 5. Oddly
> > there is one AP on channel 5 that fluctuates from wep enabled to disabled
> > every second or so. Is this an error in the MacJack driver or a bug
> > elsewhere? Using my internal airport with the viha driver never picks up
> > this odd switch between the wep enabled to disabled.
> > Anyone else have this experience?
>
> this is normal. prism2 cards do not hand over the wep bit in the frame
> header. so kismac uses a heuristic method to determine between weped
> and not weped packets. nothing to worry about.
>
> mick