namtrac35 / wifite

Automatically exported from code.google.com/p/wifite
0 stars 0 forks source link

Even when fake authentication is unsuccessful it'll still try the WEP attack #6

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
[+] attacking "WEP AP"...
[0:09:46] attempting fake-authentication (attempt 3/3)
[0:09:44] fake authentication unsuccessful :(
[0:09:59] started arp replay attack on "WEP AP"; Ctrl+C for options
[0:09:59] arp replay attack on "WEP AP" captured 16 ivs (3/sec)         
[0:09:54] arp replay attack on "WEP AP" captured 16 ivs (0/sec)         
[0:09:49] arp replay attack on "WEP AP" captured 16 ivs (0/sec)

The attack may as well quit at this point.

Original issue reported on code.google.com by ian.pa...@gmail.com on 23 Sep 2010 at 11:13

GoogleCodeExporter commented 9 years ago
Sometimes a client is connected and generating hundreds of IVs per second (lots 
of Netflix/YouTube traffic).  In this (rare) case, fake-authentication is not 
required to capture enough packets to crack the WEP key.

While this situation is rare, it can happen, and I don't like the idea of 
Wifite *not* cracking a WEP key if it is possible to do so.

However, I've added the switches '-f' or '--force-auth' in revision 19.  With 
these switches active, a WEP attack will end if fake-authentication is 
unsuccessful.  This option is included in the GUI.

If the -f option is not given, Wifite will still continue despite 
fake-authentication failure (default).  I may change the default behavior if 
more users speak up / complain.

Fixed in revision 19.

Original comment by der...@gmail.com on 24 Sep 2010 at 12:47

GoogleCodeExporter commented 9 years ago
From now on, Wifite defaults to quitting an attack if fake authentication fails.

"-f" and "--force-fake" continue the attack if authentication fails.

Thanks for your input; it took a while, but this feature eventually got 
implemented.

Original comment by der...@gmail.com on 28 Sep 2010 at 6:45