yea but that would need a client to spoof and that would still kinda rule out the whole no clients thing. But if you were to brute force a mac. That would be kinda cool but still you would be brute forcing. My whole reason for the post honestly was to find a way without deauthing or brute forcing. Maybe some sort of packet decryption method. Where you could use your data packets to crack the actually SSID. I know it sounds dumb but it was just an idea. You would think it is impossible but look how far technology and security has come. You can crack into a network wirelessly. Seems like 10 or less years ago you had to use a phone line to get on the internet.
If the key is obtained you should be able capture decrypted packets in Wireshark. Still, there would need be traffic with the SSID though....
EDIT: forgot to add there is a vulnerability of the Nesses Datacom Algorithm where it is easy do decrypt because there are so many collisions. All WRT-54Gs that I've seen use this to generate WEP keys.
Edited by tekio, 27 September 2009 - 02:00 PM.