Release Notes: A bug with small packets (like ARP) has been fixed. The minimum size has been decreased to 20 bytes. This release works like a charm with an ARP replay attack. It prints the right ASCII password when a WEP key is cracked using the dictionary mode.
Release Notes: A bug in bruteforge.c was fixed, and a new way to coordinate multiple process cracking was implemented. Another bug in bruteforge.c was fixed to allow --ascii to go up to 0x7F. Support was added for --alpha (only letters) and --alnum (letters and numbers) in the bruteforce attack. wlan0 is now the default interface for capturing packets. Pressing "q" now quits sniffing and flushes the pcap file. Help for command line parameters was simplified. Some divide-by-zero bugs were fixed. The --wordfile option was added to make it possible to launch the dictionary-based attack without using John the Ripper to generate words.
Release Notes: This release fixes a bug with WEP keys that contain a 0xFF byte value, a bug that made Weplab show the wrong BSSID with --analyze, and a problem with --ascii in the bruteforce attack. There is now a manual page. Minor bugs related to messages printed to the console were fixed.
Release Notes: The default options for statistical attacks have changed and are now [ -s 3 --perc 50 ]. The commandline options are now more relaxed and robust. A PRISM_HEADER datalink has been added for capture packets. This release has been tested and works fine with John The Ripper 1.6.
Release Notes: The BSSID is automatically detected and selected if it is not specified with --bssid. The "analyze" switch (-a) now shows all packets per BSSID. Big endian issues were fixed. Small fixes were made for the Windows platform. A small bug was fixed with RC4 decryption. A small change was made to the Korek inverse attack.
Release Notes: Korek's attacks are fully implemented. A new command line option -s lets you specify the minimum stability required. Now WEP is crackable from 150.000 packets using statistical attacks. It is also possible to crack WEP despite weak IV avoidance firmware. Dictionary attack has been implemented (uzy), but not fully tested. Now rejected bytes are never tested. Minor bugs have been fixed, and there are speed improvements in brute force attacks.
Release Notes: New statistical attacks (Korek's attacks) were added. It is now possible to crack the key even with less than 500k packets. A bug with the second byte attack was fixed, but it remains to be tested in depth. BSSID detection was added. Information about the time needed to crack the current key was added, for benchmarking purposes. Some minor fixes in the README file and Help were made.