Dan May 18, 2007 9:21 AM

I’ve used their aircrack-ptw tool to crack a WEP key, and it is incredibly fast. Used with packet injection anyone using WEP will be wide open in less than 3 minutes. People, use WPA2!

FooDooHackedYou May 18, 2007 10:14 AM

Interesting. A d00d called Hackar1 did a talk on hacking WEP at shmoocon this year. He also cracked WEP with ease using sniffed packets and FPGAs (specialized circuit boards). He’s also hacked WPA and bluetooth.

Paul May 18, 2007 10:55 PM

He goes by H1kari, and his attacks leveraged the ability to precompute hashes, especially against WPA-Personal (pre-shared keys). Aircrack-ptw is unrelated.

Robert May 19, 2007 4:39 AM

Check out Andrea Bittau’s fragmentation attack. Once you’ve sniffed a single packet you can transmit arbitrary data (without knowing the wep key) in 8 byte fragments.

(which also lets you generate lots of crackable traffic very easily, if you want to use more standard attacks to find the key)

Leave a comment


Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via

Sidebar photo of Bruce Schneier by Joe MacInnis.