Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,690 --> 00:00:07,770
The third injection method we're going to talk about is the fragmentation attack the fragmentation attack
2
00:00:07,800 --> 00:00:10,240
is very similar to the previous one.
3
00:00:10,230 --> 00:00:17,790
But in this attack we have to obtain one thousand five hundred bytes of the R-Ga. the pseudo random
4
00:00:17,790 --> 00:00:26,250
generation algorithm because we need to order the full fifteen hundred bytes this attack is we need
5
00:00:26,250 --> 00:00:30,740
to be closer to the target network to successfully run this attack.
6
00:00:30,840 --> 00:00:34,420
But it's much quicker than the Korac chop chop attack.
7
00:00:35,600 --> 00:00:43,520
So again after we obtained the R-Ga. we can use it to create to forge a new packet and then we're going
8
00:00:43,520 --> 00:00:51,560
to inject this new force packet into the into the traffic to increase the number of Iberis very quickly.
9
00:00:51,710 --> 00:00:59,080
So the concept is very simple we're going to capture a packet determine its P R-GA create a forge in
10
00:00:59,080 --> 00:01:02,630
your pocket and then inject that packet into the air.
11
00:01:03,140 --> 00:01:04,910
So let's see how we can do this.
12
00:01:06,450 --> 00:01:10,820
Again first thing is going to be running aero dump against the target network.
13
00:01:11,130 --> 00:01:17,810
So I'm just going to change the name here from chop chop to fragmentation or just going to code fragment
14
00:01:18,750 --> 00:01:19,910
hit enter.
15
00:01:19,990 --> 00:01:20,760
And here we go.
16
00:01:20,790 --> 00:01:23,780
A dump is launched on our target network.
17
00:01:23,860 --> 00:01:31,600
Second step as always is fake authentication so that the access point doesn't ignore us and it starts
18
00:01:31,600 --> 00:01:33,490
communicating with us.
19
00:01:33,550 --> 00:01:40,870
So we do that and we see here we have successfully associated with the target network and the authentication
20
00:01:40,870 --> 00:01:42,220
has changed to open.
21
00:01:42,460 --> 00:01:44,440
So that's very good.
22
00:01:44,530 --> 00:01:49,380
Third step is going to be our fragmentation them.
23
00:01:49,570 --> 00:01:55,630
It's very similar to the chop shop attack so you can see here that's my chop shop code that I used the
24
00:01:55,630 --> 00:01:57,320
chapter come on.
25
00:01:57,370 --> 00:02:00,990
So it's exactly the same command just set up chop chop.
26
00:02:01,000 --> 00:02:04,180
I'm going to say fragment.
27
00:02:04,400 --> 00:02:12,410
So it's airplay and you fragment be the target address of my target network and then change the MAC
28
00:02:12,410 --> 00:02:18,290
address of my own network sort of my own network.
29
00:02:18,650 --> 00:02:23,990
So I'm just going to associate myself again and do the fragmentation attack.
30
00:02:28,200 --> 00:02:34,290
So it's waiting for a packet now wants to capture the packet it's going to try to terminate its p r
31
00:02:34,290 --> 00:02:37,110
g a.
32
00:02:37,180 --> 00:02:38,290
Here we go.
33
00:02:38,500 --> 00:02:39,500
We got a packet.
34
00:02:39,760 --> 00:02:41,840
So it's asking me do I want to use this.
35
00:02:41,860 --> 00:02:46,170
I'm going to say yes please.
36
00:02:46,200 --> 00:02:48,330
Now I was trying to determine the R-Ga.
37
00:03:05,670 --> 00:03:08,080
So the packet wasn't useful.
38
00:03:08,130 --> 00:03:11,490
I'm just waiting for another packet to use it's asking me do I want to use this.
39
00:03:11,490 --> 00:03:35,500
I'm going to say yes again.
40
00:03:35,620 --> 00:03:37,530
Again that packet wasn't too useful.
41
00:03:37,540 --> 00:03:40,010
So we're just waiting for another useful packet.
42
00:03:41,100 --> 00:03:45,420
I'm going to re associate myself in the meanwhile and I'm going to say yes
43
00:04:12,620 --> 00:04:15,870
OK now this time this package was useful.
44
00:04:18,410 --> 00:04:21,640
And the keystream is saved to this file.
45
00:04:23,930 --> 00:04:29,330
Okay now we're just going to need to again the same as we did in chop chop.
46
00:04:29,330 --> 00:04:35,670
We're going to use this keystream to create forced buckets.
47
00:04:35,720 --> 00:04:39,440
So I'm just going to copy it's name and I'm going to use the same amount.
48
00:04:39,440 --> 00:04:40,930
I'm just going to clear this for you.
49
00:04:42,230 --> 00:04:47,220
And I'm going to use the same command that we use with the chop chop attack.
50
00:04:47,360 --> 00:04:54,500
The only difference is I'm going to remove the y and I'm going to put the name of the new keystream
51
00:04:54,500 --> 00:04:59,280
that we captured and the name of the packet we're going to create.
52
00:04:59,360 --> 00:05:01,430
I'm going to call this fragment first packet.
53
00:05:04,620 --> 00:05:06,870
So we're just going to go over the commands again.
54
00:05:06,870 --> 00:05:12,050
It's Puckett's porridge minus zero to create an a.p packet.
55
00:05:12,120 --> 00:05:14,480
We put the target Mac address.
56
00:05:14,680 --> 00:05:17,280
Hey it's my own Mac address.
57
00:05:17,280 --> 00:05:23,180
And then K and L are the destination and the source IP address is.
58
00:05:23,520 --> 00:05:27,390
Why is the name of the keystream file.
59
00:05:27,540 --> 00:05:31,290
So it's the file that way that has been created from the previous step.
60
00:05:31,560 --> 00:05:33,140
And that's the name of it.
61
00:05:33,480 --> 00:05:37,030
And then W is the file name that's going to be created.
62
00:05:37,070 --> 00:05:41,790
That's going to contain the first packet and it's going to be called fragments.
63
00:05:42,040 --> 00:05:45,860
Fact and is still not stopped.
64
00:05:45,890 --> 00:05:48,470
It's been successfully read into this file.
65
00:05:48,830 --> 00:05:56,140
So again just like the chop chop I think we're going to inject this new packet into the air.
66
00:05:56,390 --> 00:06:01,870
And this is going to be done using airplay ngi with the minus to option the reply option.
67
00:06:02,190 --> 00:06:08,890
The repair option just going to paste the name of my new first bucket.
68
00:06:08,930 --> 00:06:18,370
So we got airplay and you minus two for a replay or the name of my first packet and zero is my wife
69
00:06:18,370 --> 00:06:21,540
I carried with monitor mode before I do this.
70
00:06:21,590 --> 00:06:26,740
I'm going to associate myself again and then I'm going to hit enter here.
71
00:06:26,850 --> 00:06:32,080
It's asking me do I want to use this because I'm going to say yes.
72
00:06:32,300 --> 00:06:35,460
And here we go we can see the data is flying.
73
00:06:35,660 --> 00:06:40,020
We're injecting around 400 packets per second.
74
00:06:41,100 --> 00:06:46,150
And what's that number is large enough we're going to be able to crack the key.
75
00:06:47,080 --> 00:06:50,850
I can just go here to crack ngi.
76
00:06:50,970 --> 00:06:52,700
So it's going to be a crack.
77
00:06:52,910 --> 00:06:53,240
Angie
78
00:06:56,210 --> 00:06:57,860
fragment test
79
00:07:05,680 --> 00:07:12,660
Cup here is here we go we can see the key that's the key.
80
00:07:12,930 --> 00:07:15,700
And we have 70000 Ivey's.
81
00:07:15,870 --> 00:07:18,950
So if we go back here probably even more 35000.
82
00:07:19,110 --> 00:07:23,370
And the numbers are increasing quickly.
83
00:07:23,610 --> 00:07:28,380
So that was the three methods to inject packets into the air.
84
00:07:28,380 --> 00:07:35,550
There is more methods but that's in my opinion the best three methods to increase the number of data
85
00:07:35,770 --> 00:07:39,320
into the networks.
86
00:07:39,330 --> 00:07:43,440
This way we're able to crack any WEP encrypted network.
8432
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.