Generate WiFi IVS dump with makeivs-ng on Kali Linux

October 25, 2018 Hacking, Kali Linux, Wireless LAN (Wi-Fi) 1 Comment

makeivs-ng is part of the aircrack-ng package and is used to generate an IVS dump file with a given WEP key. The aim of the tool is to provide a way to create dumps with a known encryption key for testing.

makeivs-ng – generate a dummy IVS dump file with a specific WEP key

root@kali:~# makeivs-ng --help

makeivs-ng 1.2 rc4 - (C) 2006-2015 Thomas d'Otreppe
http://www.aircrack-ng.org

usage: makeivs-ng [options]

Common options:
-b <bssid> : Set access point MAC address
-f <num>   : Number of first IV
-k <key>   : Target network WEP key in hex
-s <num>   : Seed used to setup random generator
-w <file>  : Filename to write IVs into
-c <num>   : Number of IVs to generate
-d <num>   : Percentage of dupe IVs
-e <num>   : Percentage of erroneous keystreams
-l <num>   : Length of keystreams
-n         : Ignores ignores weak IVs
-p         : Uses prng algorithm to generate IVs

--help     : Displays this usage screen

makeivs-ng Usage Example

Specify a BSSID (-b de:ad:be:ef:ca:fe), WEP key (-k 123456789ABCDEF123456789AB), and output filename (-w makeivs.ivs).

root@kali:~# makeivs-ng -b de:ad:be:ef:ca:fe -k 123456789ABCDEF123456789AB -w makeivs.ivs
Creating 100000 IVs with 16 bytes of keystream each.
Estimated filesize: 2.29 MB
Using fake BSSID DE:AD:BE:EF:CA:FE
Done.
root@kali:~# aircrack-ng makeivs.ivs
Opening makeivs.ivs
Read 100001 packets.

#  BSSID              ESSID                     Encryption

1  DE:AD:BE:EF:CA:FE                            WEP (100000 IVs)

Choosing first network as target.

Opening makeivs.ivs
Attack will be restarted every 5000 captured ivs.
Starting PTW attack with 100000 ivs.

Aircrack-ng 1.2 rc4

[00:00:00] Tested 621 keys (got 100000 IVs)

KB    depth   byte(vote)
0    1/  2   76(113152) 1E(111104) 48(109824) 1C(109568) A6(109568)
1    1/  3   F5(112640) 06(111616) 33(111616) F4(111616) 05(111104)
2    0/  2   31(137216) F9(113664) 76(113152) DC(110336) B9(109568)
3   10/  3   E1(108800) 0A(108544) 34(108032) 3E(108032) 48(108032)
4    9/  4   7D(109312) BA(109056) 5E(108800) D6(108800) 11(108288)

KEY FOUND! [ 12:34:56:78:9A:BC:DE:F1:23:45:67:89:AB ]
Decrypted correctly: 100%

Source:

Author: Thomas d’Otreppe, Original work: Christophe Devine

License: GPLv2

Check Also

SamSam Ransomware

SamSam Ransomware

The Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) and the …

New Exploits for Unsecure SAP Systems - blackMORE Ops

New Exploits for Unsecure SAP Systems

A presentation at the April 2019 Operation for Community Development and Empowerment (OPCDE) cybersecurity conference describes SAP systems with unsecure configurations exposed to the internet. Typically, SAP systems are not intended to be exposed to the internet, as it is an untrusted network. Malicious cyber actors can attack and compromise these unsecure systems with publicly available exploit tools, termed “10KBLAZE.” The presentation detailed the new exploit tools and reports on systems exposed to the internet.

One comment

  1. Sukeh905
    November 29, 2018 at 3:57 pm

    Good

    Reply

Use WordPress.com, Twitter, Facebook, or Google+ accounts to comment (anonymous comments allowed). Leave your solution to help others.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Designed by blackMORE Ops
© Copyright 2023, All Rights Reserved

Privacy Policy on Cookies Usage

Some services used in this site uses cookies to tailor user experience or to show ads.

Facebook
%d bloggers like this: