Crack WEP Lab
Last Update 2014.08.12 1.1.0
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com


Objective
In this lab we will see how to recover the WEP PSK using the tools included with Kali Linux.

Source
This lab is based on the article "Tutorial: Simple WEP Crack" from the aircrack-ng.org website.

Equipment Used
In this example the wireless network will be created using a Linksys WAP55AG access point with these settings.

WAP55AG Wireless Networks

WAP55AG WEP Key

Equipment Used
To recover the WEP key, tools included with Kali Linux will be run from a Virtual Box virtual machine.
The wireless NIC attached to the computer running the virtual machine is an Alfa AWUS036H.
This NIC was selected as it is supported natively by both Windows and Linux.
It also can inject frames into the network, which is a requirement for this method.

Install the NIC
Plug the Alfa NIC into the computer with just the base operating system running.
Let the operating system install the driver and activate the NIC.

Create the Virtual Machine
Start Virtual Box.
Using the normal procedures, create a virtual machine using these settings:
– Operating System Ubuntu 32 bit
– Memory 1024
– Hard Drive Size 16

Install Kali Linux
Copy Kali Linux to a location on the computer where you can find it.
Start the virtual machine created above.
When it asks for the location of the operating system file, click on the small file folder and select the location of the Kali Linux iso file.
Wait for Kali Linux to load and run.

Attach NIC to Kali Linux
As the wireless NIC is a USB device, it must be attached to this virtual machine.
To do this in Virtual Box, from the Kali Linux virtual machine menu bar select:
– Devices USB Devices
– The name of the wireless NIC
The device driver for the virtual machine will be loaded.
The wireless NIC will appear in Kali Linux.

WEP Key Recovery Method
WEP is a perfectly acceptable method to use to restrict access to an 802.11-based wireless network in the appropriate environment.
For example, where I live the nearest neighbor is about ½ a mile away.
To access a wireless network I might secure with WEP, someone would have to be on my property or in a neighbor's field.
In addition, they would have to know the procedure for cracking a WEP key.
This is not very likely where I live.
If nothing else is available, WEP might then be a suitable security method.
On the other hand, if this wireless network was in a college dormitory populated by engineering or IT majors, then WEP would be a poor choice.

Why is WEP so easy to break?
Recall that the key to breaking a code is repetition of something in the traffic.
WEP's use of an initialization vector which is repeated is the lock which is easily broken.
Let's go break this lock.

The method used here is to utilize aireplay-ng to replay an ARP frame in order to generate new unique initialization vectors.
Then aircrack-ng uses these new unique IVs to crack the WEP key.
ARP frames are created in order to have enough traffic on the network to create the number of IVs needed.

WEP Cracking Steps
The steps required to break WEP are:
– Start the wireless interface in monitor mode on the channel being used by the access point
– Ensure that the wireless NIC can inject frames into the wireless stream
– Start airodump-ng on the channel with a filter based on the access point's MAC address to collect the new unique IVs
– Use aireplay-ng to perform a fake authentication with the access point
– Start aireplay-ng in ARP request replay mode to inject packets
– Run aircrack-ng to crack the key using the IVs collected

Start NIC in Monitor Mode
The NIC needs to be in monitor mode so that it can hear all wireless frames instead of just the ones addressed to it.
A frame from this inclusive stream will be selected for injection back into the stream.
To do this, start a terminal session.
Stop the NIC by entering the following command, where wlan0 is the name of the NIC you are using, as displayed from the Linux command line by the iwconfig program:
    airmon-ng stop wlan0
Run iwconfig again to be sure there are no other wireless NICs running.
Start the NIC in monitor mode, where 6 is the channel number the access point is using:
    airmon-ng start wlan0 6
The OS should report that the NIC is in monitor mode.
It may take a minute or so.
If it also lists some processes that need to be turned off so that they do not interfere with this process, turn them off using the kill command.
For example, in my case:
    kill 2479
    kill 2509
    kill 3381

Test Frame Injection
Test the ability of the NIC to send frames to the access point by running this command all on one line:
    aireplay-ng -6 -e linksys-g -a 00:0C:41:14:A4:BB wlan0
where -6 is the channel, linksys-g is the SSID, and 00:0C:41:14:A4:BB is the MAC address of the access point.
The system should respond with a message saying that the injection worked.

Capture IVs With Airodump-ng
Now we will generate enough IVs to break WEP.
Start another terminal session.
Run this command all on one line:
    airodump-ng -c 6 --bssid 00:0C:41:14:A4:BB -w output wlan0
where 6 is the channel, 00:0C:41:14:A4:BB is the MAC address of the access point, output is the file name the system will store the data in, and wlan0 is the name of the NIC.

Authenticate With Aireplay-ng
An access point will not accept a frame from a device that is not authenticated.
It tracks this by MAC address.
A MAC address of an already associated NIC can be used, or a fake authentication session can be created.
We will use the fake authentication method.
Open another terminal session.
All on one line, run the command:
    aireplay-ng -1 0 -e linksys-g -a 00:0C:41:14:A4:BB -h 00:0F:B5:88:AC:82 wlan0
where 1 is for fake authentication, 0 is the reassociation time in seconds, linksys-g is the SSID, 00:0C:41:14:A4:BB is the MAC address of the access point, and 00:0F:B5:88:AC:82 is the NIC MAC address.

Start Aireplay-ng in ARP Mode
Aireplay-ng is used now to listen for ARP requests and then reinject them back into the network in order to generate IVs.
Anything could be used that will cause the access point to create an IV.
ARP is just convenient for this purpose.
All on one line, run this command:
    aireplay-ng -3 -b 00:0C:41:14:A4:BB -h 00:0F:B5:88:AC:82 wlan0

Run Aircrack-ng
The last step is to use aircrack-ng to recover the key by examining the output file just created.
Start another console session and enter:
    aircrack-ng -b 00:0C:41:14:A4:BB output*.cap
Let it run.
In a minute or two we will have the answer.

WEP Key Recovered
In this case, as the aircrack-ng terminal screen shows, it is AA:BB:CC:DD:EE:FF.

Finish the Lab
Stop all of the programs running in the terminal windows by using Ctrl C.
Close all of the terminal windows.
Log out of Kali Linux.
Stop the virtual machine.
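Seen from the monitoring side, the ARP request replay step leaves a recognisable pattern, shown here as an added example that is not part of the original lab: one transmitter resends the same encrypted frame, so the IV and the length repeat at a high rate. The record layout, the threshold and the sample frames are constructed assumptions, and the sensor is assumed to see the replayed frame unchanged; only the MAC address 00:0F:B5:88:AC:82 comes from the lab.

```python
from collections import defaultdict

def build_sample():
    """Constructed sensor records: (time in ms, transmitter MAC, WEP IV, length)."""
    frames = []
    for n in range(40):     # ordinary client: new IV per frame, varied sizes
        frames.append((n * 250, "00:11:22:33:44:55",
                       f"{0x100000 + n:06x}", 90 + (n * 37) % 400))
    for n in range(300):    # replay pattern: one encrypted frame resent verbatim
        frames.append((2000 + n * 10, "00:0F:B5:88:AC:82", "5a5a5a", 68))
    return sorted(frames)

def find_replays(frames, window_ms=1000, threshold=50):
    """Map (mac, iv, length) -> peak repeats seen inside any one window."""
    seen = defaultdict(list)
    for ts, mac, iv, length in frames:
        seen[(mac, iv, length)].append(ts)
    alerts = {}
    for key, stamps in seen.items():
        start = peak = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window_ms:   # slide the window forward
                start += 1
            peak = max(peak, end - start + 1)
        if peak > threshold:
            alerts[key] = peak
    return alerts

if __name__ == "__main__":
    for (mac, iv, length), peak in find_replays(build_sample()).items():
        print(f"possible replay: {mac} iv={iv} len={length} peak={peak}")
```

A legitimate station never reuses one IV dozens of times within a second, so the threshold can sit well above normal retransmission counts.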