Communicate via an WEP-encrypted access point with easside-ng

Easside-ng is an auto-magic tool which allows you to communicate via an WEP-encrypted access point (AP) without knowing the WEP key. It first identifies a network, then proceeds to associate with it, obtain PRGA (pseudo random generation algorithm) xor data, determine the network IP scheme and then setup a TAP interface so that you can communicate with the AP without requiring the WEP key. All this is done without your intervention.

easside-ng menu

root@kali:~# easside-ng -h

Easside-ng 1.2 rc4 - (C) 2007, 2008, 2009 Andrea Bittau
http://www.aircrack-ng.org

Usage: easside-ng <options>

Options:

-h                : This help screen
-v   <victim mac> : Victim BSSID
-m      <src mac> : Source MAC address
-i           <ip> : Source IP address
-r    <router ip> : Router IP address
-s     <buddy ip> : Buddy-ng IP address (mandatory)
-f        <iface> : Interface to use (mandatory)
-c      <channel> : Lock card to this channel
-n                : Determine Internet IP only

easside-ng Usage Example

First, run buddy-ng, then launch the easside-ng attack, specifying as many of the options as you can.

root@kali:~# buddy-ng
Waiting for connexion

root@kali:~# easside-ng -v de:ad:be:ef:ca:fe -m 3c:46:d8:4e:ef:aa -s 127.0.0.1 -f wlan0mon -c 6
Setting tap MTU
Sorting out wifi MAC

Source:

• Easside-ng Wiki
• Easside-ng Homepage

 

• Author: Thomas d’Otreppe, Original work: Christophe Devine
• License: GPLv2