Learn, hack!

Hacking and security documentation: slides, papers, video and audio recordings. All in high-quality, daily updated, avoiding security crap documents. Spreading hacking knowledge, for free, enjoy. Follow on .

WPA Migration Mode: WEP is back to haunt you...

WiFi, wireless
Diego Sor, Leandro Meiners
Black Hat USA 2010
Indexed on
Mar 27, 2013
File name
File size
451.5 KB

Cisco access points support WPA migration mode, which enables both WPA and WEP clients to associate to an access point using the same Service Set Identifier (SSID). If WEP clients are still around, we can use the traditional WEP cracking arsenal against them. Therefore, we focused on analyzing the consequences of having this feature enabled when no WEP clients are present; for example after the migration to WPA has been carried out but this feature has been left enabled. We found that it is possible for an attacker to crack the WEP key under this scenario (i.e. no WEP clients). Once the key is recovered, it is possible to connect to the access point using this key (as it is operating in WPA migration mode) and access the network.

About us

Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.


Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.


To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.

Flattr this Click here to lend your support to: Keep live SecDocs for an year and make a donation at www.pledgie.com !