The Caffe Latte attack
In the Honeypot attack, we noticed that clients will continuously probe for SSIDs they have connected to previously. If the client had connected to an access point using WEP, operating systems such as Windows cache and store the WEP key. The next time the client connects to the same access point, the Windows wireless configuration manager automatically uses the stored key.
The Caffe Latte attack was invented by Vivek, one of the authors of this book, and was demonstrated in Toorcon 9, San Diego, USA. The Caffe Latte attack is a WEP attack that allows a hacker to retrieve the WEP key of the authorized network, using just the client. The attack does not require the client to be anywhere close to the authorized WEP network. It can crack the WEP key using just the isolated client.
In the next exercise, we will retrieve the WEP key of a network from a client using the Caffe Latte attack.