Chapter 12
Targeting the Network
• Wired Equivalent Privacy (WEP)
• Wi-Fi Protected Access (WPA, WPA2)
• Types:
  ◦ Managed mode – What is typically used
    ▪ Card passes only 802.3 data
    ▪ Sniffing in this mode will NOT report management frames, control frames, or wireless-header data
    ▪ Card will only pass to the sniffer data on connected networks
    ▪ Card automatically decrypts data
  ◦ Ad hoc mode – Used to form ad hoc networks
  ◦ Master mode – Wireless card acts as an access point
  ◦ Monitor mode (also called RFMON mode) – Receive-only mode
    ▪ Card in this mode will pass to the sniffer ALL data from ALL perceived networks (not just connected ones)
    ▪ Data not decrypted by card
• Encryption key is a concatenation of:
  ◦ A five or thirteen byte pre-shared key (PSK; could be generated from a passphrase of another size)
  ◦ A three byte, non-secret initialization vector (IV)
    ▪ Sent in the clear in the packet
    ▪ Varies from packet to packet
• RC4 algorithm accepts the encryption key and the data length and generates a pseudorandom bit stream (the PRGA output, or keystream) the size of the data
• The keystream is XORed with plaintext to generate ciphertext
  ◦ Recall the following: If C=A⊕B and D=C⊕B, then D=A
  ◦ So RC4 is symmetric: XORing the ciphertext with the same keystream recovers the plaintext
• We already know the IV; all we need to figure out is the five or thirteen byte PSK
• Some WEP problems:
  ◦ Dictionary attacks work well, since people often use real words as their passphrases
  ◦ Weaknesses in the process (the Neesus Datacom algorithm) commonly used to transform passphrases into PSKs make the effective key length even smaller than the actual one (24 bits instead of 40, for example)
• Use a packet sniffer such as Wireshark, airodump-ng or Kismet to capture data
  ◦ WNIC should be in monitor mode
  ◦ Need a sufficient number of duplicate IVs; to get them:
    ▪ Listen long enough
    ▪ Generate IVs by replaying broadcasts (e.g., ARP requests)
    ▪ Can guess that something is an ARP request if it is a broadcast with a 28-byte payload (68 byte total packet length)
    ▪ Can use aireplay-ng to retransmit
  ◦ With sufficient network traffic, ANY WEP password (regardless of complexity) can be broken
• wep_crack
  ◦ Can brute force any 5-byte PSK generated by the Neesus Datacom algorithm in under ten seconds
  ◦ Does NOT work with 13-byte PSKs
• WEPAttack
  ◦ Works with 5-byte and 13-byte PSKs
  ◦ Dictionary attack
    ▪ Tries the Neesus Datacom algorithm
    ▪ Tries truncating or padding dictionary words to 5 and 13 bytes
• Aircrack-ng
  ◦ Utilizes the fact that there is known plaintext inside all encrypted packets (e.g., the first two bytes of the encrypted 802.2 header are always hex AAAA)
  ◦ Utilizes the duplicated IVs
  ◦ Can crack 13-byte PSKs in about two minutes with a 95% success rate if it has 85,000 captured packets. (The more packets captured, the higher the success rate.)
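As an added example (not part of the slides or of any tool named above), here is a toy WEP-style RC4 implementation in Python that shows the key construction of slide 4 (IV ‖ PSK), the XOR property of slide 5, and why duplicate IVs (slide 6) and the known AA AA header bytes (slide 7) leak keystream without the key. The PSK, IV and frame contents are constructed values; the point is why WEP must not be used, not a production cipher.

```python
# Added educational example: minimal WEP-style RC4 to illustrate the slides' points.
# PSK, IV and frame bytes below are constructed sample values.

def rc4_keystream(key: bytes, length: int) -> bytes:
    """Generate `length` bytes of RC4 keystream (KSA followed by PRGA) for `key`."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key-scheduling algorithm (KSA)
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(length):                    # pseudo-random generation algorithm (PRGA)
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(psk: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """WEP-style encryption: the RC4 key is the 3-byte IV concatenated with the PSK (slide 4)."""
    assert len(iv) == 3 and len(psk) in (5, 13)
    return xor(rc4_keystream(iv + psk, len(plaintext)), plaintext)

def wep_decrypt(psk: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    # Same keystream XORed again: if C = P xor K then C xor K = P (slide 5).
    return wep_encrypt(psk, iv, ciphertext)

def keystream_from_known_header(ciphertext: bytes) -> bytes:
    """The encrypted 802.2 LLC header starts AA AA (slide 7), so C xor AA AA yields
    the first two keystream bytes with no knowledge of the PSK."""
    return xor(ciphertext[:2], b"\xaa\xaa")

def iv_reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """Two frames under the same IV share one keystream, so C1 xor C2 = P1 xor P2:
    the keystream cancels and only plaintext differences remain (slide 6)."""
    return xor(c1, c2)

PSK = b"abcde"                 # constructed 5-byte pre-shared key
IV = b"\x01\x02\x03"           # constructed 3-byte IV, sent in the clear
LLC_SNAP = b"\xaa\xaa\x03\x00\x00\x00\x08\x06"   # LLC/SNAP header, EtherType ARP
FRAME_A = LLC_SNAP + b"sample-payload-A"        # constructed frame contents
FRAME_B = LLC_SNAP + b"sample-payload-B"

C_A = wep_encrypt(PSK, IV, FRAME_A)           # two frames encrypted under the same IV
C_B = wep_encrypt(PSK, IV, FRAME_B)
```

Because the first eight bytes of both frames are the same header, the XOR of the two ciphertexts is all zeros there, which is exactly the duplicate-IV signal the tools above look for.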
• Basic Service Set Identifier (BSSID) – WAP’s MAC address
• Extended Service Set Identifier (ESSID) – network’s name
• Station (client) MAC address
• A dictionary, possibly customized
• Packet capture of the initial handshake
  ◦ Wait for someone to connect to the network
  ◦ Issue a deauth DoS (e.g., with aireplay-ng or airdrop-ng)
  ◦ To sniff the communication, use a program such as:
    ▪ airodump-ng
    ▪ Wireshark
    ▪ kismet
• John the Ripper
• aircrack-ng
• coWPAtty

Wireless Attacks


Editor's Notes

  1. Image taken from http://www.airtightnetworks.com/uploads/pics/Encryption_Decryption_WEP_01.png
  2. The use of keys in WPA and WPA2 is complex and beyond the scope of this course. If you are interested in reading about it, a good resource is available at http://www.og150.com/assets/Wireless%20Pre-Shared%20Key%20Cracking%20WPA,%20WPA2.pdf (Just be warned that they are hawking a product.)