Wifu Aireplay-ng SKA attack problem with Linksys WAP54G

While (finally) working through the last hands-on practical of the excellent Offensive Security’s Wifu course, I hit an odd roadblock.

The Aireplay-ng attack on SKA was not going well. This was annoying, to say the least.

My command airodump-ng --channel 1 --bssid 00:01:02:03:04:05 -w ska wlan0 was running fine and capturing traffic happily from my test Linksys WAP54G firmware v3.1.

The four output files generated from the command appeared, but the magic .xor file refused to appear despite issuing numerous de-authentication commands:

aireplay-ng -0 10 -a 00:01:02:03:04:05 -c 00:00:DE:AD:BE:EF wlan0

Turning off and on the wireless client machine’s NIC didn’t fix this either.

I noticed the banner of the airodump-ng output:

CH 1 ][ Elapsed: 10 mins ][ 2010-04-01 09:48 ][ Broken SKA: 00:01:02:03:04:05

A quick search turned up a link to http://www.aircrack-ng.org/doku.php?id=airbase-ng, then the searching turned up various people ranting and talking madness.

Just to finish off my evening study on a sane note, I dug out an old Netgear wireless router and set it up for shared WEP encryption. Joy of joys, airodump-ng saw the authentication handshake and dumped it out into a .xor file just as it did in the notes.

I was then able to crack the massively secure 64-bit (okay, 40-bit) shared WEP key in about 10 seconds after generating enough IVs – Hurrah!
