CEH.V6.-.Module.20.Hacking.Wireless.Networks



Copyright © by EC-Council All Rights Reserved. Reproduction is Strictly Prohibited

WEP Tool: WEPCrack

WEPCrack is an open source tool for breaking 802.11 WEP secret keys

This tool is an implementation of the attack described by Fluhrer, Mantin, and Shamir in the paper “Weaknesses in the Key Scheduling Algorithm of RC4”

While AirSnort has captured the media attention, WEPCrack was the first publicly available code that demonstrated the above attack

The current tools are Perl-based and are composed of the following scripts:
• WeakIVGen.pl
• prism-getIV.pl
• WEPCrack.pl

Source: wepcrack.sourceforge.net

WEPCrack: Screenshot

WEP Tool: WepLab

WepLab is a tool designed to teach how WEP works, what different vulnerabilities it has, and how they can be used in practice to break a WEP protected wireless network

WepLab acts as a WEP Security Analyzer and a WEP Key Cracker

WepLab tries to break the WEP key using several known attacks:
• Bruteforce
• Dictionary
• Statistical attacks

WepLab: Screenshot 1
WepLab starting to crack a pcap file by a statistical attack

WepLab: Screenshot 2
WepLab showing progress information in a statistical attack

WepLab: Screenshot 3
WepLab showing analyzing process information of a pcap file

Attacking WPA Encrypted Networks

WPA utilizes a 256-bit pre-shared key or a passphrase that can vary in length from eight to sixty-three bytes

Short passphrase-based keys (less than 20 bytes) are vulnerable to the offline dictionary attack

The pre-shared key that is used to set up the WPA encryption can be captured during the initial communication between the access point and the client card

After capturing pre-shared key, it is easy to “guess” the WPA key using the same concepts that are used in any password dictionary attack

Attacking WEP with WEPCrack on Windows using Cygwin

WEPCrack is a set of Open Source PERL scripts intended to break 802.11 WEP secret keys

Cygwin is a Linux-like environment for Windows that consists of a DLL (cygwin1.dll)

Screenshot: Executing WEPCrack.pl in Cygwin

Attacking WEP with WEPCrack on Windows using PERL Interpreter

ActiveState ActivePerl (www.activestate.com), provides a robust PERL development environment that is native to Windows

WEPCrack was written so that it could be ported to any platform that has a PERL interpreter without modif...
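
The passphrase limits on the "Attacking WPA Encrypted Networks" slide above, as an added example that is not part of the original slides: a Python audit that derives the 256-bit pre-shared key the way IEEE 802.11i defines it (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations) and flags configured passphrases that fall under the slide's 20-byte threshold. The function names, the COMMON list and the sample networks are constructed for illustration.

```python
import hashlib

# Limits stated on the slide: passphrase of 8 to 63 bytes,
# anything under 20 bytes is exposed to offline dictionary attack.
MIN_LEN, MAX_LEN, WEAK_BELOW = 8, 63, 20

# Constructed sample of common passphrases; a real audit loads a larger list.
COMMON = {"password", "12345678", "qwertyuiop", "letmein123"}


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """Return the 256-bit PSK (IEEE 802.11i passphrase-to-PSK mapping).

    The SSID is the salt, so the same passphrase gives a different key
    on every network name.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def audit_passphrase(passphrase: str) -> str:
    """Classify one configured passphrase against the slide's limits."""
    n = len(passphrase.encode())
    if not MIN_LEN <= n <= MAX_LEN:
        return "invalid"
    if passphrase.lower() in COMMON:
        return "weak: common passphrase"
    if n < WEAK_BELOW:
        return "weak: under 20 bytes"
    return "ok"


def audit_config(networks: dict) -> dict:
    """Map each SSID in a {ssid: passphrase} inventory to its finding."""
    return {ssid: audit_passphrase(p) for ssid, p in networks.items()}


if __name__ == "__main__":
    # Constructed inventory of the networks being reviewed.
    sample = {
        "lab-guest": "password",
        "lab-staff": "correct-horse",
        "lab-core": "correct-horse-battery-staple",
    }
    for ssid, finding in audit_config(sample).items():
        print(f"{ssid:10} {finding:26} psk={derive_psk(sample[ssid], ssid).hex()[:16]}...")
```
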

This note was uploaded on 02/12/2013 for the course CEH v6 taught by Professor John during the Summer '13 term at West Point.
