gencases man page
gencases — 802.11b weak IV generation tool
| gencases |
gencases is used to generate test 802.11b packets that are encrypted with weak initialization vectors as described by Fluhrer, Mantin, and Shamir (FMS). The packets are saved to a user specified file in libpcap compatible format for later use with the airsnort(1) program. The intent is to provide airsnort with the packets required to demonstrate the FMS attack. Arguments to gencases allow the user to specify the WEP key that will be used to encrypt the packets as well as the number of packets to be generated for each byte of the wep key. The generated packets represent UDP echo requests from host 192.168.0.2 (on a wired net) to host 192.168.0.10 (on a wireless net) and the corresponding replies. The wireless client has MAC 00:02:2d:01:23:45, the wired host has MAC 00:04:5A:AB:CD:EF, and the access point has BSSID 00:02:2D:98:76:54. The generated packet file can be examined with standard packet analysis tools such as tcpdump or ethereal. It can also be loaded into airsnort(1) which, given that a sufficient number of cases were generated for each key byte, will produce a cracked WEP key. Running the generated file through the decrypt(1) utility will produce the decrypted versions of the packets which should reflect the echo request/reply traffic described above, and which can be verified using tcpdump or ethereal.
- Password as an ASCII string. 5 or 13 characters for 40 and 128 bit WEP cases respectively.
- Password as a colon separated list of 2 digit hex values. 5 or 13 hex values for 40 and 128 bit WEP cases respectively.
- Output file for generated cases.
- Number of sample cases to generate for each key byte (1-256). Default is 100.
Generate 100 cases per key byte with the ASCII password "hello" to file "test"
gencases -s hello -f test
Generate 200 cases per key byte with the hex key "23:56:89:ab:de" to file "test"
gencases -h 23:56:89:ab:de -f test -n 200