• poweruser@lemmy.sdf.org · 5 points · 4 hours ago

    I did that too, but back then it was called Backtrack Linux. I bought a special Atheros chipset WiFi card for my laptop’s PCMCIA slot. The built-in 802.11b WiFi card worked under Linux but only by using the Windows ME driver in NDISWrapper, which didn’t support promiscuous mode.

    The Atheros chipsets could be configured (by flashing the firmware with a blob I got from a BBS, if I recall) to capture the traffic from nearby wireless networks. In particular, I wanted to pick up the signal from when a device first connects. There was a bug in Windows XP that could cause the WiFi to drop briefly, then promptly reconnect. By triggering that bug over and over I could capture a lot of reconnect packets in a short time frame.

    Then I’d save the data to a big file and pipe it to Aircrack and extract the Wired Equivalent Privacy password.

    I was a 1337 H4XX0|2 B-)


    Well, that’s how the tutorial said it would work anyway. I actually never could get enough packets captured. The signal strength was too low.

    • ITGuyLevi@programming.dev · 1 point · 1 hour ago

      Just to toss this in there, it totally wasn’t a bug; you were sending a deauth packet to force them to reconnect, then recapturing their auth sequence until you had enough packets to crack the WEP key. A pretty fun demo back then was to set up a wireless bridge between an open public network and a rogue AP (usually we’d just use a PCMCIA WiFi card bridged to the internal WiFi adapter); then (due to pretty much no HTTPS anywhere), you could follow people’s browsing habits, log into their MySpace/LiveJournal/DeadJournal/GeoCities/etc. (passwords were pretty commonly passed in plaintext), etc.

      It was never done nefariously, but allowed us to learn a lot.
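
The deauth bursts described in the reply are also what a defender looks for: a wireless IDS flags a client that receives a string of deauthentication frames in a short window. The following is an added example, not code from either commenter, that decodes the 802.11 MAC header from raw frame bytes and raises an alert on such a burst; the MAC addresses, timestamps and thresholds are constructed for illustration.

```python
import struct
from collections import defaultdict, deque

MGMT, DEAUTH_SUBTYPE = 0, 12  # IEEE 802.11 management type, deauthentication subtype

def parse_frame(raw):
    """Decode a generic 802.11 MAC header; return None for frames too short to hold one."""
    if len(raw) < 24:
        return None
    fc0 = raw[0]  # frame control byte 0: bits 0-1 version, 2-3 type, 4-7 subtype
    frame = {
        "type": (fc0 >> 2) & 0x3,
        "subtype": (fc0 >> 4) & 0xF,
        "addr1": raw[4:10].hex(":"),   # receiver (the client being kicked off)
        "addr2": raw[10:16].hex(":"),  # transmitter (the AP, or whoever claims to be it)
        "addr3": raw[16:22].hex(":"),  # BSSID
    }
    if frame["type"] == MGMT and frame["subtype"] == DEAUTH_SUBTYPE and len(raw) >= 26:
        frame["reason"] = struct.unpack_from("<H", raw, 24)[0]  # little-endian reason code
    return frame

def detect_deauth_flood(captures, window=10.0, threshold=5):
    """Return (bssid, client) pairs that see >= threshold deauths within `window` seconds."""
    recent = defaultdict(deque)
    flagged = set()
    for ts, raw in captures:
        f = parse_frame(raw)
        if not f or f["type"] != MGMT or f["subtype"] != DEAUTH_SUBTYPE:
            continue
        key = (f["addr3"], f["addr1"])
        q = recent[key]
        q.append(ts)
        while q and ts - q[0] > window:  # slide the window forward
            q.popleft()
        if len(q) >= threshold:
            flagged.add(key)
    return sorted(flagged)

def _frame(fc0, dst, src, bssid, body=b""):
    # frame control (2 bytes), duration, addr1..addr3, sequence control, optional body
    return struct.pack("<BBH", fc0, 0x00, 0) + dst + src + bssid + struct.pack("<H", 0) + body

AP = bytes.fromhex("001122334455")    # constructed BSSID
STA = bytes.fromhex("66778899aabb")   # constructed client address
DEAUTH_FC0 = 0xC0  # type 0, subtype 12
DATA_FC0 = 0x08    # type 2 (data), subtype 0
# Constructed capture: one data frame, then eight deauths "from the AP" inside six seconds.
SAMPLE_CAPTURE = [(0.0, _frame(DATA_FC0, AP, STA, AP, b"payload"))]
SAMPLE_CAPTURE += [(1.0 + 0.8 * i, _frame(DEAUTH_FC0, STA, AP, AP, struct.pack("<H", 7))) for i in range(8)]

if __name__ == "__main__":
    print(detect_deauth_flood(SAMPLE_CAPTURE))
```

A single deauth with a legitimate reason code is normal roaming behaviour; the signal is the rate, which is why the detector keys on a per-client sliding window rather than on individual frames.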