jc-duration-printer implements the most successful 802.11 implementation fingerprinting technique I have discovered. It works by statistically analyzing the duration field of 802.11 frames. If you're interested in the details, check out this Uninformed paper or, for even more in-depth reading, my thesis. The beta release is available here.
jc-duration-printer still needs a lot of work before it is usable by end users. With that said, it is included in airbase now, mostly to encourage me to work on it. First on my todo list is to replace the entire back-end with a real database. After that, duration-print-matcher needs a user-friendly front end that loads the correct database and looks only at a window of packets centered on a client's association request.
jc-duration-printer could be useful to anyone interested in 802.11 research, which is why I'm making it available in beta form. It's even been mentioned in a few news stories. The code and algorithms are (hopefully) very well documented, as it was the result of my thesis work. :)
The following image shows the print matching program correctly determining the driver that created input.pcap (in this case a Cisco Aironet card). The MAC address is the address of the client in input.pcap that we are interested in, and the -P switch is the path to the print database we want to use.
```
./duration-print-matcher -a 00:0D:29:02:44:B8 -p ./input.pcap -P ./print-db/mixed--wrt54g/
```
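As an added illustration (not code from jc-duration-printer or airbase), the sketch below shows the general idea of duration-field fingerprinting: it builds one client's distribution of (frame type, subtype, duration) values and compares it to reference prints. The frames, the `driver-A`/`driver-B` prints and the histogram-intersection score are constructed assumptions; the tool's actual matching algorithm is the one documented in the paper and thesis.

```python
import struct
from collections import Counter

def parse_header(frame):
    """Return (type, subtype, duration, transmitter) or None if unusable."""
    if len(frame) < 16:            # ACK/CTS carry no transmitter address
        return None
    fc, dur = struct.unpack_from("<HH", frame, 0)   # both fields little-endian
    if dur & 0x8000:               # bit 15 set: AID or CFP value, not a duration
        return None
    return (fc >> 2) & 0x3, (fc >> 4) & 0xF, dur, frame[10:16]

def build_print(frames, client):
    """Relative frequency of each (type, subtype, duration) sent by client."""
    counts = Counter()
    for f in frames:
        h = parse_header(f)
        if h and h[3] == client:
            counts[h[:3]] += 1
    total = sum(counts.values())
    return {k: v / total for k, v in counts.items()} if total else {}

def similarity(a, b):
    """Histogram intersection in [0, 1] (assumed metric, not the tool's)."""
    return sum(min(p, b.get(k, 0.0)) for k, p in a.items())

def best_match(observed, database):
    """Name of the reference print most similar to the observed one."""
    return max(database, key=lambda name: similarity(observed, database[name]))

def mk(subtype, dur, src, ftype=0):
    """Constructed 24-byte management header: FC, duration, addr1-3, seq."""
    fc = (ftype << 2) | (subtype << 4)
    return struct.pack("<HH", fc, dur) + b"\xff" * 6 + src + b"\xff" * 6 + b"\x00\x00"

CLIENT = bytes.fromhex("000d290244b8")   # client MAC from the command above
OTHER = bytes.fromhex("020000000001")    # constructed second station
ACK = b"\xd4\x00\x00\x00" + CLIENT       # constructed ACK addressed to the client
FRAMES = [mk(4, 0, CLIENT)] * 3 + [mk(0, 314, CLIENT)] + [mk(4, 314, OTHER)] * 5 + [ACK]
DATABASE = {                             # constructed reference prints
    "driver-A": {(0, 4, 0): 0.75, (0, 0, 314): 0.25},
    "driver-B": {(0, 4, 0): 0.5, (0, 0, 258): 0.5},
}

if __name__ == "__main__":
    print(best_match(build_print(FRAMES, CLIENT), DATABASE))
```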
If you are -really- interested in this, you'll want the following (large) tarball, which includes the entire set of pcaps used to create the fingerprinting database as well as the code. If you just want to mess around, all the code and the (much smaller) print database is now included in recent airbase snapshots and releases.