v0.1.0
WEPWolf is an offline, passive WEP key-recovery tool: point it at a pcap, pcapng, or gzip-compressed capture and it recovers the WEP key from the captured 802.11 traffic — no wordlist, no external cracker, no radio. It re-implements aircrack-ng's WEP attack family and every recovered key is differentially validated to match aircrack-ng on the captures in its test set. This is the first release.
Attacks
- The full passive family — PTW (Klein plus a Maitra-Paul second vote), KoreK (17 weighted correlations with FSE-2013 `a_opt` weighting), and FMS.
- The Sepehrdad "Smashing WEP" RC4-bias database (FSE 2013) — the complete bias table voted together, which aircrack-ng does not ship; it recovers a WEP-104 key from fewer packets than PTW alone.
- Dictionary and weak-key generators — each word tried as a raw key, a hex key, and through the Neesus-Datacom (40-bit) and MD5 (104-bit) passphrase generators.
- A gated 40-bit brute force as the last-resort fallback for thin captures.
- One acceptance path — every candidate key is confirmed by RC4-decrypting real frames and checking the CRC-32 ICV. There is no heuristic acceptance anywhere in the codebase.
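The acceptance check described in the last bullet, sketched as an added example (this is not WEPWolf's code): decrypt a frame body with RC4 keyed by IV || key and compare the trailing CRC-32 ICV. The function names, the sample key and frames, and the `min_frames` threshold are assumptions of this example.

```python
import struct
import zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """RC4: key scheduling, then XOR data with the keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def icv(payload: bytes) -> bytes:
    """WEP ICV: CRC-32 of the cleartext payload, stored little-endian."""
    return struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)

def wep_seal(key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Encrypt payload || ICV under the per-frame RC4 key IV || key."""
    return rc4(iv + key, payload + icv(payload))

def icv_ok(key: bytes, iv: bytes, body: bytes) -> bool:
    """Decrypt one frame body with the candidate key and compare the ICV."""
    if len(iv) != 3 or len(body) < 5:  # 1+ payload byte plus the 4-byte ICV
        return False
    clear = rc4(iv + key, body)
    return icv(clear[:-4]) == clear[-4:]

def key_confirmed(key: bytes, frames, min_frames: int = 2) -> bool:
    """Accept only when every frame passes. min_frames is an assumption of
    this example: a wrong key passes one frame with probability 2**-32."""
    frames = list(frames)
    return len(frames) >= min_frames and all(
        icv_ok(key, iv, body) for iv, body in frames)

# Constructed sample data: a made-up 40-bit key and two made-up frames.
SAMPLE_KEY = bytes.fromhex("0102030405")
LLC_ARP = bytes.fromhex("aaaa030000000806")  # LLC/SNAP header for ARP
SAMPLE_FRAMES = [
    (iv, wep_seal(SAMPLE_KEY, iv, LLC_ARP + pad))
    for iv, pad in [(bytes.fromhex("a1b2c3"), bytes(28)),
                    (bytes.fromhex("0f1e2d"), bytes(range(28)))]
]
```

Because the ICV is an unkeyed CRC, this check confirms a key but provides no integrity protection against someone who modifies ciphertext, which is one reason WEP is deprecated.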
Known-plaintext mining
- Destination-driven — reads the cleartext 802.11 destination MAC to pick the right known plaintext per frame: IPv6 Neighbor Discovery (sixteen reliable octets, WEP-104 reach), EAPOL, and confirmed IPv4 multicast/broadcast (mDNS / SSDP / IGMP / DHCP). This recovers frames aircrack-ng's `known_clear` mis-keys.
- WEP-104 from ordinary traffic — reconstructs known plaintext from the ARP and IPv4 headers, then pins the strong key octets and sweeps the weakest exhaustively.
- Per-WEP-key-slot cracking — a multi-key access point (Key ID 0–3) yields a verified key per slot, where a single BSSID-keyed vote table reports at most one.
Performance
- Parallel multi-file ingest — a directory of captures is parsed concurrently and merged deterministically; the result is byte-for-byte identical regardless of thread count, with peak memory bounded by the WEP material rather than the input size.
- SIMD — PCLMULQDQ CRC-32 and a batched-RC4 known-plaintext prefilter for the brute kernel (about 4× the scalar grind), with runtime tier detection (SSE2 → AVX-512) and a byte-exact scalar fallback on every tier.
- Sweep / grind scheduler — cheap attacks run BSSID-parallel, the 40-bit brute runs one network at a time on the full pool, and a key found on one network is reused against co-located access points that share it. A per-BSSID time budget (default 30 s) keeps one hard network from starving the run.
Output and interface
- Three surfaces, the same information — a column-aligned table (default), `--plain` (tab-separated `key`/`wep`/`stat` records), and `--json` (typed NDJSON). Each carries the recovered keys, a WEP-BSSID summary (most IVs first), then a stats banner that accounts for every packet read.
- aircrack-style flags — `-b`/`-n`/`-f`/`-x`/`-c`/`-q`/`-w` where they correspond.
- More — live progress bars, a hashcat-style `--potfile`, frame carving (`--carve`) that collapses a multi-file capture set into one re-crackable pcap, and `--debug` "why uncracked" diagnostics.
Passive and offline only
WEPWolf reads capture files you already have on disk. It never captures traffic, injects frames, or touches a radio. WPA and active attacks are out of scope.
Install
Download the binary for your platform below and put it on your PATH (chmod +x on Linux/macOS). A macOS universal binary covering both architectures is included.
| Platform | Asset |
|---|---|
| Linux x86_64 | wepwolf-linux-x86_64 (static, musl) |
| Linux arm64 | wepwolf-linux-arm64 (static, musl) |
| macOS (Apple Silicon + Intel) | wepwolf-macos-universal |
| Windows x86_64 | wepwolf-windows-x86_64-msvc.exe |
| Windows arm64 | wepwolf-windows-arm64-msvc.exe |
Verify
Every artifact is checksummed, the checksum file is cosign-signed (keyless), and each binary carries SLSA build provenance.
```sh
# checksums
sha256sum -c SHA256SUMS # or: shasum -a 256 -c SHA256SUMS
# cosign signature on the checksum file (keyless)
cosign verify-blob SHA256SUMS \
  --signature SHA256SUMS.sig \
  --certificate-identity-regexp 'https://github.com/StrongWind1/WEPWolf/' \
  --certificate-oidc-issuer https://token.actions.githubusercontent.com
# SLSA build provenance for a downloaded binary
gh attestation verify wepwolf-linux-x86_64 --repo StrongWind1/WEPWolf
```
Links
- Documentation: https://strongwind1.github.io/WEPWolf/
- How it compares to aircrack-ng: https://strongwind1.github.io/WEPWolf/comparison/
- Full changelog: https://github.com/StrongWind1/WEPWolf/blob/v0.1.0/CHANGELOG.md