Description: Welcome to Part 16 of the WLAN Security Megaprimer! Please start this series by watching Part 1 http://www.securitytube.net/video/1756, if you have not done so already.
In this video, we will learn the basics of the Caffe Latte Attack. This attack uses the Message Modification flaw in WEP to its advantage to crack the WEP key just using a client. There is no need to be anywhere near to the access point to do this.
The basic idea is to first monitor the air and find what clients are probing for. The second step is to setup a WEP fake AP using Airbase-ng. The client will connect to us and we will send an authentication success to the it. This will ensure that the client finishes the association phase and starts sending data (DHCP) requests. This is the starting point for the Caffe latte attack.
Tags: 802.11 , WEP , Cracking , Aireplay-ng , ARP , replay , security , hacking , wireless , weak IV , Caffe Latte , Message Modification , XOR ,
Thanks mate, seems great !
Thanks Sir... for this awesome video..
Vivek, Please try to have video per day, I can't wait your video, Yo are the best!!
what is your next mega primer
Awesome :)
Thank you Mr. Vivek.
Another killer video, Vivek. Your charts did make a difficult subject more understandable. We're getting into the stuff now that I am most interested in (ie how these attacks actually work at the packet level).
I'm renaming this the 'Ginger Tea' attack :-)
Glad to see you back and producing great videos again Vivek, keep up your incredible work, it is very gratefully received :-)
@m0e1, Machinist, Kamel Thanks Guys!
@Zidane Next will be Metasploit Advanced - programming and extending the framework
@WCNA Thanks for letting me know. Some of these things are really mathematical, so even I am not sure if I am able to get it across in an easy to understand way. I really want everyone to know what is happening in the background of all those fun tools :) After you know how they work, they are even more fun to work with :)
@Blackmarketeer Nice one my friend :) Its so hot right now in India, that I use air-conditioning in chill mode, and nothing better than ginger tea, cold weather and some hackin! :)
Next video posted now: http://www.securitytube.net/video/1835
thank you :)
One of these days you're going to have to let us look outside your window so we can all scream "Stop honking your horns, can't you see we're hacking here!"
hello . its perfect .
i found a paper about caffe latte attack :
http://toorcon.org/2007/talks/25/Caffe-Latte-By-Sohail-Vivek.doc
@behruz Thanks!
@WCNA In India, they will just honk back ;) I am used to the noise
@soheil.r Thats a very outdated paper, incomplete. The best documentation is here :
http://www.airtightnetworks.com/home/resources/knowledge-center/caffe-latte.html
I haven't heard of caffe latte attack before, but have heard of other similar attack vectors. Quite interesting attack and at first, I thought the attacker was using a high gain antenna to amplify his signals, and make the victim connect back to his honeypot.
Anyhow, your explaination was very clear, consize and above all very easy to understand. Thank you for making these videos possible, it has been a very great leacture.
By the way, how can I make some donations?
Wahoo!! Back from vacation. Another fantastic video! Thanks Vivek!
This might be useful in MITM for networks that one has already cracked the key to, but i barely thought of it after this video, so I'm posting it here. If you know the wep key, you can use the "-w" option, and set the wep key that the client should use for authentication. I hope this is useful :)
Another great video! Thanks Vivek!
Awesome and very helpful video.
Thank Vivek.
Nice Primer :-)
Wouldn't it also work if I send some challenge with:
11111111111111111111111111111111
and see what I will get back to find out the wep-key?
Thank you
Or Full "XOR-Key"
I'm new in all of these but Vivek your diagram is very very helpful and easy to understand. I'm following you on your videos. I hope you continue with making more of this educational videos.
i see the network but on iPhone not connect automatically and when try to connect it manually it ask for WEP Key !!! any one else :(
how to make client connect back automatically to my honeypot AP !!!
this is just awesome
thanx vivek!