NetStumbler.org Forums

Old 02-12-2004   #1 (permalink)
Eyecannon
Ward River
 
Join Date: Aug 2002
Location: Santa Monix
Posts: 679
I cracked my own WEP

I figured this would be a nice place for people to post their results of cracking their own WEP. I finally got a second wireless card to execute this man in the middle type crack. I used the popular software airsnort to do the job.

It took just over a day, and I was maxing out the wireless network bandwidth I'd say 75% of the time. I restarted airsnort a few times so the total packet counts are way low, but the number of Interesting packets is correct, so it took ~4800 of them to get it. This is 64-bit WEP btw...

The total amount of data I had to capture was between 5-6GB. WEP is a lot more insecure than I thought, but I am not worried, because a) I never max out my network bandwidth for long periods of time and b) there's no way my neighbors would even think to do such a thing. If you are running a network that you truly need secure, you need to use WPA or LEAP encryption, or tunnel important data thru SSH or something similar.

EDIT: access point is a Linksys WAP11 v1.1 running firmware 1.45.6, associated card is an Aironet/Dell 4800 PCI, and attack card is an ORiNOCO gold.
Attached Images
File Type: png wepcracked.png (34.2 KB, 1563 views)
__________________
No, officer, YOU are under arrest!

http://eyecannon.com/wardrive.html

Last edited by Eyecannon : 02-13-2004 at 01:27 PM.
Old 02-12-2004   #2 (permalink)
nashr
Uber Geek
 
Join Date: Aug 2002
Location: Virginia
Posts: 1,615
SWEET! Unlike WarChalking, WEP Cracking is REAL!!!
__________________
Help! I've been Simpsonized!
Old 02-12-2004   #3 (permalink)
ZipperSeven
...killed Darth Plaigus
 
Join Date: Apr 2002
Location: Tallahassee, FL = Lower Georgia
Posts: 261
Thanks for the info...I know this is a 'controlled environment' but I have never seen a practical example of WEP cracking. We were going to run a demo once for a security seminar but we didn't think we could get enough data moving over the network to have it cracked at the end of the session.
__________________
...from slashdot:

Quote:
Go over to the NetStumbler Forums if you want to see a prime example of moderators who simply do not take ANY shit from ANYone.
Old 02-12-2004   #4 (permalink)
audit
Country Boy.
 
Join Date: Aug 2002
Location: Deep in the Woods.
Posts: 1,911
What type of cards and access points were you using?
__________________
audit

Blackberry Outage Mail List. Be the one of first people to know about RIM outages.
Blackberry Chat Mail List.
My day to day life.
Old 02-12-2004   #5 (permalink)
Eyecannon
Ward River
 
Join Date: Aug 2002
Location: Santa Monix
Posts: 679
Quote:
Originally posted by audit
What type of cards and access points were you using?
ahhh, first post edited
Old 02-12-2004   #6 (permalink)
Eyecannon
Ward River
 
Join Date: Aug 2002
Location: Santa Monix
Posts: 679
Quote:
Originally posted by ZipperSeven
Thanks for the info...I know this is a 'controlled environment' but I have never seen a practical example of WEP cracking. We were going to run a demo once for a security seminar but we didn't think we could get enough data moving over the network to have it cracked at the end of the session.
That would probably be pretty difficult... perhaps additional associated clients would speed things up a little bit.
Old 02-12-2004   #7 (permalink)
ZipperSeven
...killed Darth Plaigus
 
Join Date: Apr 2002
Location: Tallahassee, FL = Lower Georgia
Posts: 261
Yeah, that's why we ended up dumping it. The only associated client was my box which I was running my presentation off of...could have gotten more but we didn't think that for the audience we were presenting to that it would have made that big of an impact. What was more important was to make people realize that it was possible.
Old 02-12-2004   #8 (permalink)
King_Ice_Flash
Alien Paranoid Stumbler
 
Join Date: May 2003
Location: WI
Posts: 2,629
I hope that is not the WEP key you are actually using.
__________________
"Yeah," said a voice from under the table, "you go to pieces so fast people get hit by the shrapnel."
Old 02-12-2004   #9 (permalink)
gmiller220
People are dumb
 
Join Date: Aug 2002
Posts: 466
Key point to your post I think is that it was 64-bit WEP. Now try it on 128-bit and get back to us with those juicies.
__________________
"Got Google???" It does a Wifi Good
Old 02-12-2004   #10 (permalink)
ZipperSeven
...killed Darth Plaigus
 
Join Date: Apr 2002
Location: Tallahassee, FL = Lower Georgia
Posts: 261
Ok so ignore for the fact that I am not the most savvy person in the world math-wise..but it was my understanding that one of the flaws with RC4 encryption (the encryption behind WEP) was known to be flawed because of the initialization vectors. What I had heard was that if anything, 128 bit was easier to break with this method because of the larger keyspace. Now, like I said, I don't claim to fully understand this...I know pretty much what can and can't be done with WEP but I never got into the guts of encryption.

Anyone here want to correct/clear up this issue for me?
Old 02-12-2004   #11 (permalink)
Eyecannon
Ward River
 
Join Date: Aug 2002
Location: Santa Monix
Posts: 679
Quote:
Originally posted by King_Ice_Flash
I hope that is not the WEP key you are actually using.
Why? I don't think it makes it any easier/harder to crack...

Quote:
Originally posted by gmiller220
Key point to your post I think is that it was 64-bit WEP. Now try it on 128-bit and get back to us with those juicies.
From what I've read, it scales linearly, so 128-bit should take twice as long or so as 64-bit. I keep my WEP at 64-bit so my friend who has a 64-bit card can use my AP.
Old 02-12-2004   #12 (permalink)
The Others
PeaceDriver
 
Join Date: Apr 2002
Location: Dos Palabras, Mandoras
Posts: 2,920
Quote:
Originally posted by Eyecannon
Why? I don't think it makes it any easier/harder to crack...
It wouldn't, no, but we all know your WEP pass now. A quick look on wigle and you could have masses of geeks outside your house in seconds, all using your AP. Also, it could be thought of as guessable.

I'd like to see this using the orinoco card as a client, because of its weak IV filtering rules, and having the prism card as a man in the middle.

Otherwise, it's all very cool

------------------------------------------------------------------------------------

edit:

Drive here and use the settings shown above...

I'd change the WEP, and bump it up to 128...
__________________
all good ends all

Last edited by The Others : 02-12-2004 at 12:23 PM.
The Others is offline   Reply With Quote
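
Added example, not part of any post in this thread: a Python sketch of the WEP details raised above (the IV question in post #10 and the weak IV filtering mentioned in post #12). It shows that the RC4 seed is the cleartext 24-bit IV followed by the 40- or 104-bit secret, that a repeated IV repeats the keystream, and how a firmware-style filter would recognise the classic FMS weak-IV form only; the secret, payloads and function names are constructed for illustration.

```python
# Added illustration; secret and payloads below are constructed sample values.

def rc4_keystream(seed: bytes, n: int) -> bytes:
    """Plain RC4: key scheduling over the seed, then n keystream bytes."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_seed(iv: bytes, secret: bytes) -> bytes:
    """Per-packet RC4 seed: 3-byte IV (sent in the clear) + 5- or 13-byte secret."""
    if len(iv) != 3 or len(secret) not in (5, 13):
        raise ValueError("WEP uses a 24-bit IV and a 40- or 104-bit secret")
    return iv + secret

def wep_encrypt(iv: bytes, secret: bytes, payload: bytes) -> bytes:
    """Encrypt the payload only; the CRC-32 ICV that WEP appends is left out."""
    return xor(payload, rc4_keystream(wep_seed(iv, secret), len(payload)))

def iv_reuse_leaks(iv: bytes, secret: bytes, p1: bytes, p2: bytes) -> bool:
    """Same IV means same keystream, so c1 XOR c2 equals p1 XOR p2."""
    c1, c2 = wep_encrypt(iv, secret, p1), wep_encrypt(iv, secret, p2)
    return xor(c1, c2) == xor(p1, p2)

def is_classic_weak_iv(iv: bytes, secret_len: int) -> bool:
    """Classic FMS form (B+3, 0xFF, X), B indexing a byte of the secret."""
    return iv[1] == 0xFF and 3 <= iv[0] < 3 + secret_len

def count_classic_weak_ivs(secret_len: int) -> int:
    """How many of the 2**24 IVs a filter for that form would have to skip."""
    return sum(is_classic_weak_iv(bytes((a, 0xFF, x)), secret_len)
               for a in range(256) for x in range(256))

if __name__ == "__main__":
    secret = bytes.fromhex("0102030405")  # constructed 40-bit secret
    print(len(wep_seed(b"\x00\x00\x01", secret)) * 8, "bit seed, 40 secret")
    print(iv_reuse_leaks(b"\x00\x00\x01", secret, b"GET /index", b"POST /form"))
    print(count_classic_weak_ivs(5), count_classic_weak_ivs(13))
```

The count of IVs in that classic form grows with the number of secret bytes (1280 for a 5-byte secret, 3328 for a 13-byte one), while the 24-bit IV space is the same for both key sizes.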
Old 02-12-2004   #13 (permalink)
Eyecannon
Ward River
 
Join Date: Aug 2002
Location: Santa Monix
Posts: 679
That explains the van parked in my driveway

Too bad I already changed the key
Old 02-12-2004   #14 (permalink)
The Others
PeaceDriver
 
Join Date: Apr 2002
Location: Dos Palabras, Mandoras
Posts: 2,920
Quote:
Originally posted by Eyecannon
Too bad I already changed the key
You've just disappointed many spamming leeches, they depend on the generosity of the insecure.

Not to pry too much, I'll stop now, but what I discovered was fantastic. You live near "Stoner recreation ground" and "stoner avenue"?! Amazing.
Old 02-12-2004   #15 (permalink)
Eyecannon
Ward River
 
Join Date: Aug 2002
Location: Santa Monix
Posts: 679
Quote:
Originally posted by The Others
You've just disappointed many spamming leeches, they depend on the generosity of the insecure.

Not to pry too much, I'll stop now, but what I discovered was fantastic. You live near "Stoner recreation ground" and "stoner avenue"?! Amazing.
Yes... we tried to find a place to live on Stoner Ave but there was nothing available at the time... a kickass spot on that street opens up a month after we move to our present location. Didn't know about stoner recreation ground... I thought that was my living room