cafe-latte
Table of Contents
Cafe Latte attack
Description
The Cafe Latte attack allows you to obtain a WEP key from a client system. Briefly, this is done by capturing an ARP packet from the client, manipulating it and then send it back to the client. The client in turn generates packets which can be captured by airodump-ng. Subsequently, aircrack-ng can be used to determine the WEP key.
These links provide a detailed explanation of the attack plus some ways to protect yourself from it:
Where did the attack name come from? The concept is that a WEP key could be obtained from an innocent client at a coffee bar in the time it takes to drink your cafe latte.
Usage
aireplay-ng -6 -h 00:09:5B:EC:EE:F2 -b 00:13:10:30:24:9C -D rausb0
Where:
- -6 means Cafe-Latte attack
- -h 00:09:5B:EC:EE:F2 is our card MAC address
- -b 00:13:10:30:24:9C is the Access Point MAC (any valid MAC should work)
- -D disables AP detection.
- rausb0 is the wireless interface name
Usage Examples
None at this time.
Usage Tips
None at this time.
Usage Troubleshooting
None at this time.
cafe-latte.txt · Last modified: 2010/11/21 15:52 by sleek