1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How To Crack WEP

Discussion in 'Computer Security' started by Mr.Cheeks, Sep 3, 2006.

  1. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,369
    85
    190
    Introduction

    Hundreds, perhaps thousands of articles have been written about the vulnerability of WEP (W ired E quivalent P rivacy), but how many people can actually break WEP encryption? Beginners to WEP cracking have often been frustrated by the many wireless cards available and their distribution-specific commands. And things are further complicated when the beginner is not familiar with Linux.

    In this three part series, we will give you a step by step approach to breaking a WEP key. The approach taken will be to standardize as many variables as possible so that you can concentrate on the mechanics of WEP cracking without being hindered by hardware and software bugs. The entire attack is done with publicly available software and doesn't require special hardware - just a few laptops and wireless cards....

    To read the full article, click here...

    Zeb - what are your views on this?

    btw: Pete said it was ok for me to publish this article.
     
  2. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    LOL at anyone who even thinks WEP is remotely secure.

    This article stole my thunder somewhat - I was going to write a tutorial on how to do it with BackTrack, Kismet and AirSnarf, but this article pretty much covers everything your friendly neighbourhood script kiddie could wish for. I remember how cool it was the first time I managed to sniff enough traffic to crack a WEP key - nowadays I could do it in my sleep and it would take a fraction of the time it did when I first found out the technique.

    Incidentally - anybody sitting there looking smug 'cos they're running WPA, well WPA is crackable too. In fact, its quicker than rinsing WEP if you don't choose a strong passphrase. I'll post a tutorial on that in the next couple of weeks - since I've got some new guy starting at work and I want to walk him through a WLAN audit and the inherent insecurities associate with it. WPA is still pretty secure for most home users, provided you're sensible about the key you use (i.e. choose a long one and don't make it a dictionary word)

    Most secure you can get for wireless is WPA with RADIUS authentication - thats pretty much uncrackable (at present)
     
    Certifications: A few
    WIP: None - f*** 'em
  3. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,190
    296
    319
    I agree WEP is crap but what’s the deal with locking down your wireless connection by only allowing connections from a known MAC address, waste of time? :blink
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  4. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    Absolutely.

    Its so trivial to change your MAC address that even clueless script kiddies can do it - so it represents absolutely no security at all other than protecting you from the most casual of attackers.

    In fact, I'd argue that, with the mindset of most wannabe hAx0r$ being what it is, you're probably MORE likely to become a target as they want to try and show you that they '0wN' you - and no feeble attempt at locking down your WAP is going to protect you from their 'skillz'

    I'll post a tutorial on changing your MAC later - I've got that knocking around somewhere from a couple of years back when I was consulting
     
    Certifications: A few
    WIP: None - f*** 'em
  5. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,190
    296
    319
    Sounds good, so is it easy to spoof a MAC address then? I have locked down wireless points (with WEP) before by only allowing one MAC address to connect (the laptop) and also switching off DHCP. Again this looks like a waste of time! 8)
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  6. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    You can change your MAC in Windoze in lots of different ways - one of them (if your WNIC supports it) is so quick it will take you less than thirty seconds. Another way is to go through your registry and change it there. There are also third party tools that will do the job for you at the click of a button.

    I'll try and dig that tutorial out from somewhere
     
    Certifications: A few
    WIP: None - f*** 'em
  7. Sparky
    Highly Decorated Member Award

    Sparky Zettabyte Poster Moderator

    10,190
    296
    319

    Nice one, how would someone spoof a MAC address if they didnt know it? isnt there millions on combinations? 8)
     
    Certifications: MSc MCSE MCSA:M MCSA:S MCITP:EA MCTS(x5) Security+ Network+ A+
    WIP: Exchange 2007\2010
  8. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,871
    167
    256
    Yes, indeed I did. The reason that I think it's appropriate (in case anyone is wondering), is that everybody, especially if they are IT professionals, or they want to be, should be aware that WEP is not secure and hence not rely on it to protect your wireless network/s. Far too many people are using WEP still even though the information on how to crack it has been freely available to all and sundry on the net for yonks.

    Use WEP at your own risk! WPA as Zeb has stated is also no longer considered secure. WPA2 is the latest incarnation of WPA.

    Whether WPA2 is still secure or not, I will ask Zeb to clarify??
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)
  9. zebulebu

    zebulebu Terabyte Poster

    3,748
    330
    187
    WPA2 is still virtually uncrackable at present. Many, many people are working on it, and there have been rumours of some success, but I've yet to see any evidence of this. That said - I don't have my ear as firmly stuck to the ground as I used to, so it may well be that some nerds somehwere have already hung it out to dry :D

    Incidentally - WPA, provided you use a difficult passphrase, is still harder to crack than WEP. Whats frightening is that so many people believed the hype about it being 'infinitely more secure than WEP' that they configured it with relatively weak passwords - meaning it is often actually much QUICKER to crack than WEP by someone who knows what they are doing and is armed with the right tools. Cracking WPA only requires you to capture a few packets - and this can be achieved in seconds by implementing a widely-known ARP-replay attack - whereas cracking WEP will always take around 5-10 million captured packets to crack (that sounds like a lot but, on a reasonably busy WLAN, its only a couple of hours)
     
    Certifications: A few
    WIP: None - f*** 'em
  10. Theprof

    Theprof Petabyte Poster Forum Leader

    4,570
    68
    196
    this stuff is intereseting and Zeb thanks for letting us know some of the stuff, cause I did not know that about the WPA2, I knew that WEP wasnt secure, and hence I never used it, I always stuck with WPA, but WPA2 is something for me to read about now. Thanks again Zeb
     
    Certifications: A+ | CCA | CCAA | Network+ | MCDST | MCSA | MCP (270, 271, 272, 290, 291) | MCTS (70-662, 70-663) | MCITP:EMA | VCA-DCV/Cloud/WM | VTSP | VCP5-DT | VCP5-DCV
    WIP: VCAP5-DCA/DCD | EMCCA
  11. Boycie
    Honorary Member

    Boycie Senior Beer Tester

    6,281
    85
    174
    So let me get this right. WPA with a weak password is easier to crack than WEP? :blink

    Si
     
    Certifications: MCSA 2003, MCDST, A+, N+, CTT+, MCT
  12. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,369
    85
    190
    but people should use a strong password anyway, regardless of how uncrackable WPA or whatever is... if you use a weak password, expect to get penetrated hard...
     
  13. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    9,915
    60
    229
    OK, let's keep ourselves clean here ....

    IMPORTANT NOTICE:


    Please note that this post contains both facts and opinions as posted by this site's Members, and in no way constitutes the views, thoughts, beliefs, opinions or otherwise of CertForums. We in no way condone, or otherwise, any actions, techniques or suggestions posted here, and reserve the right to remove this thread at anytime if deemd to place CertForums in a legally unsound position.


    Now, back to the discussion (with the above in mind !! :D )
     
    Certifications: MCP, A+, Network+
    WIP: Clarity

Share This Page

Loading...