Arvind,
Arvind Sood wrote:
The problem relates to creating traffic on a wireless network in case
you dont find a lot of traffic for a good capture. Is there any way
you can create traffic on a WEP network without knowing
- the IP Address (address range) the Access Point and wireless clients
are using
- the WEP key being used (makes sense - that is why you are running a WEP crack)
Besides aireplay (not sure why you are getting a SEGFAULT, it worked OK
for me - maybe check the Aircrack documentation?), you could use
WEPWedgie. This tool was written by Anton Rager a few years ago, and
allows you to inject packets into the network after determining PRGA
from the WEP challenge/response mechanism.
http://www.sf.net/projects/wepwedgie/
The current version relies on the Airjack drivers for operation, meaning
you'll have to run it on a Linux 2.4 kernel system. I wrote a small
patch to add an option to send ICMP echo requests to the broadcast
address (since you might not know any internal addresses), which is
available at http://home.jwu.edu/jwright/code/ww-broadcasticmp.diff.
Unfortunately, Airjack has some timing issues which makes it somewhat
ineffective for injecting large quantities of packets, but this will get
you started. While at Shmoocon (you guys rock!) I started re-writing
WEPWedgie to port it to a more reliable packet injection framework (and
code cleanup) for another project, I'll make that available when I get
it finished.
Good luck,
-Josh
--
-Joshua Wright
jwright@hasborg.com
http://home.jwu.edu/jwright/
pgpkey: http://home.jwu.edu/jwright/pgpkey.htm
fingerprint: FDA5 12FC F391 3740 E0AE BDB6 8FE2 FC0A D44B 4A73
Today I stumbled across the world's largest hotspot. The SSID is "linksys".
