Description: In this talk Rick Farina a.k.a. Zero Chaos and Thomas D'Otreppe a.k.a. Mister X discuss the latest advancements in cracking WEP Cloaking and 802.11 communication on non-public bands.
Mister X also releases Airdecloak-ng, a tool which removes the cloaked packets from a pcap file and thus allows aircrack-ng to break the key. Internally, the logic identifies the spoofed chaff packets by analyzing the 802.11 sequence number and the WEP IV field. Because WEP cloaked packets are necessarily data packets (at least in the current implementation, according to Thomas), the cloaking device cannot keep them consistent with the legitimate station's sequence-number and IV progression, which allows for very easy filtering. The sequence-number technique was first mentioned by Joshua Wright in his blog. Later that year Vivek Ramachandran and Amit Vartak from Airtight Networks demoed the first version of the WEP Cloaking cracker by modifying Aircrack-ng.
Farina, on the other hand, spoke about a very interesting topic: non-public band communication using 802.11. He points out that with minor tweaks to the driver code it is possible to listen and send on non-public bands. However, he cautions everyone that even though listening on non-public bands is allowed, transmission is punishable by US law. The slides to their Defcon 16 presentation are available here. The video of their talk is embedded below.
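The filtering idea described above (frames that do not track a transmitter's sequence-number and IV progression are chaff) is the same per-transmitter continuity check a wireless IDS uses to spot injected or spoofed frames. The following is an added illustration, not code from Airdecloak-ng or the aircrack-ng project: it tracks the last accepted sequence number and WEP IV per source address over a small constructed frame list and flags any frame that jumps outside a forward window. The window size, the frame records and the assumption that the legitimate station increments its IV sequentially are all constructed for the example.

```python
"""Per-transmitter continuity check for 802.11 frames (added example)."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

SEQ_MOD = 4096        # 802.11 sequence numbers are 12 bits
IV_MOD = 1 << 24      # WEP IVs are 24 bits
WINDOW = 8            # constructed: max forward jump still treated as legitimate


@dataclass
class Frame:
    src: str
    seq: int
    iv: Optional[int] = None   # WEP IV for data frames, None otherwise


@dataclass
class TransmitterState:
    last_seq: Optional[int] = None
    last_iv: Optional[int] = None


def seq_delta(prev: int, cur: int) -> int:
    """Forward distance between two sequence numbers, handling 12-bit wrap."""
    return (cur - prev) % SEQ_MOD


def iv_delta(prev: int, cur: int) -> int:
    """Forward distance between two IVs, handling 24-bit wrap."""
    return (cur - prev) % IV_MOD


def classify(frames: List[Frame], window: int = WINDOW) -> Tuple[List[Frame], List[Frame]]:
    """Split frames into those consistent with their transmitter's history and suspects.

    A frame is accepted if its sequence number advances by 1..window over the
    last accepted frame from the same source and, when both carry an IV, the IV
    advances by 1..window as well (assumption: the real station increments IVs
    sequentially). Accepted frames update the per-transmitter state; suspects do not.
    """
    state = {}
    accepted, suspect = [], []
    for f in frames:
        st = state.setdefault(f.src, TransmitterState())
        ok = True
        if st.last_seq is not None:
            ok = 1 <= seq_delta(st.last_seq, f.seq) <= window
        if ok and st.last_iv is not None and f.iv is not None:
            ok = 1 <= iv_delta(st.last_iv, f.iv) <= window
        if ok:
            st.last_seq = f.seq
            if f.iv is not None:
                st.last_iv = f.iv
            accepted.append(f)
        else:
            suspect.append(f)
    return accepted, suspect


def sample_frames() -> List[Frame]:
    """Constructed capture: one station plus two chaff frames using its address."""
    src = "00:11:22:33:44:55"
    return [
        Frame(src, 10, 0x000100),
        Frame(src, 11, 0x000101),
        Frame(src, 2000, 0x7A0000),   # chaff: sequence number and IV far off
        Frame(src, 12, 0x000102),
        Frame(src, 13, 0x000105),     # small IV gap, still within window
        Frame(src, 2001, 0x7A0001),   # chaff
        Frame(src, 14, 0x000106),
    ]


if __name__ == "__main__":
    kept, dropped = classify(sample_frames())
    print("accepted:", [f.seq for f in kept])
    print("suspect:", [f.seq for f in dropped])
```

The check trusts the first frame seen from each address, so a capture that opens with chaff would seed the state wrongly; a production filter combines several such passes (and a larger history than one frame) before deciding which stream is the real one.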
Tags: fun
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.