Cracking WEP in less than 60 seconds

How to crack WEP in less than 60 seconds.

Actually, it typically takes about 3-10 seconds to recover the WEP key.

I built it and ran it under Umbutu 6.10 using capture files from airdump-ng. Works fairly well on the neighborhood assortment of older PBI/SBC/at&t supplied 2Wire wireless routers that default to WEP encryption even though they are capeable of doing WPA and WPA2. However, it failed on an access point with custom tweaked firmware designed to discourage ARP injection, re-injetion, and flooding as airdump-ng could not get the required number of ARP replies in a reasonable amount of time.

Moral: WEP really sucks. Use WPA or WPA2 instead.

Reply to
Jeff Liebermann
Loading thread data ...

According to the tu-darmstadt site their software can't crack 256bit WEP either.

BTW it's a statistical test: using less than 40.000 frames in 50 pct of all cases.

A 50 pct crtitical region (or 50 pct significance level) is quite large (small) in statistical tests. Levels are usually set to 90 - 95 pct (10

- 5 pct). Using those values will (probably) result in the usual time taken to crack WEP.

Reply to
Axel Hammerschmidt

Jeff Liebermann trolled:

256 or 512 bits WEP? So try to crack mine. Ho ho ho!
Reply to

F8BOE hath wroth:

"Key size is not the only major security limitation in WEP. Cracking a longer key requires interception of more packets, but there are active attacks that stimulate the necessary traffic. There are other weaknesses in WEP, including the possibility of IV collisions and altered packets, that are not helped at all by a longer key. See stream cipher attack."

Reply to
Jeff Liebermann

On Mon, 16 Apr 2007 18:58:18 +0200, F8BOE wrote in :

Misplaced confidence is a fast track to insecurity.

Reply to
John Navas

Are you sure about that John ?



Reply to
Eric Parker Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.