Ethical Hacking - NETWORK PENETRATION TESTING(9)

标签：pac   ted   eth   inter   net   oci   was   request   outer   

WEP Cracking Packet Injection

What if the AP was idle, or had no clients associated with it? In this case, we have to inject packets into the traffic in order to force the router to create new packets with new IV‘s.

Before we can start injecting packets into the traffic, we have to authenticate our wifi card with the AP, because AP‘s ignore any requests that come from devices that are not associated with the AP. This can be done easily using airmon-ng like so

aireplay-ng --fakeauth 0 -a[target  MAC] -h[your MAC] [interface]

If this fake authentication was successful the value under the "AUTH" column in airodump-ng will change to "OPN"

Packet injection - ARP request replay

In this method, after successfully associating with the target AP, we will wait for an ARP packet, we will then capture this packet and inject it into the traffic, this will force the AP to generate a new ARP packet with a new IV, we capture this new packet and inject into the traffic again, this process is repeated until the number of IV‘s captured is sufficient enough to crack the key.

aireplay-ng --arpreplay -b [target MAC] -h [your MAC] [interface]

Ethical Hacking - NETWORK PENETRATION TESTING(9)

标签：pac   ted   eth   inter   net   oci   was   request   outer   

原文地址：https://www.cnblogs.com/keepmoving1113/p/11863480.html