How, when there are no clients?

hongman · #1 (**permalink**) 03-13-2006, 03:19 PM

Hi all

Ok, so now I'm ok with cracking most WEP wlans with clients.

My next step - learn how to do it if there are NO clients.

I know Aireplay can associate with the AP, but this doesnt generate any ARP packets.

So how would one approach this?

Thanks

Hong

hongman · #2 (**permalink**) 03-20-2006, 04:59 PM

Still stuck on this one!

yeehawjared · #3 (**permalink**) 03-29-2006, 02:32 PM

sometimes there really are clients on a network but you can't see them. I don't know your scenario, but sending a mass deauth causes some clients to come out of the woodwork. This happens all the time with really quiet networks.

keep your eye on airodump while it's running to see if any clients are exposed after a mass deauth.

hongman · #4 (**permalink**) 03-29-2006, 02:39 PM

Cool, thanks for that info.

WHat is the correct command for mass deauth using Aireplay?

slice · #5 (**permalink**) 03-29-2006, 10:09 PM

Just do attack 0 without the -c option.

hongman · #6 (**permalink**) 03-30-2006, 08:11 AM

Ok, so you can maybe get some 'quiet' clients to appear by doing a mass deauth.

What about if there are truky no clients? Is it possible then?

hobbes · #7 (**permalink**) 03-30-2006, 09:42 AM

Use the fake-auth attack to put a client on the network, then de-auth it and grab the SYN packet.

hongman · #8 (**permalink**) 03-30-2006, 12:42 PM

Is SYN the same as ARP?

Digger · #9 (**permalink**) 03-31-2006, 06:45 AM

Watch this video , it works like a charm

tested it and aproved

http://hardware-place.com/download.php?view.42

hobbes · #10 (**permalink**) 03-31-2006, 07:03 AM

That's awsome, man, thanks for doing that.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode