802.11 Security: WPA/WPA2 Cracking, Constantinos Kolias, George Mason University (PowerPoint presentation)

SLIDE 1

802.11 Security: WPA/WPA2 Cracking

Constantinos Kolias, George Mason University, kkolias@gmu.edu

SLIDE 2

Wireless Communications

  • Transmission of data without the use of wires
  • Range from a few cm to several km
  • Modulation of radio waves
    • Modulation is the process of varying one or more properties of a periodic waveform with a modulating signal that typically contains information
  • The Federal Communications Commission (FCC) regulates the use of the radio spectrum
    • 9 kHz to 300 GHz
    • https://en.wikipedia.org/wiki/Radio_spectrum
    • Parts of the radio spectrum are allocated to different applications
    • Some parts are sold or licensed to operators
    • Some parts are free

SLIDE 3

Advantages & Disadvantages

  • Advantages
    • Makes communication possible where cables don’t reach
    • Convenience
  • Disadvantages
    • The air medium is open to everyone
    • The boundaries of a transmission cannot be confined

SLIDE 4

WiFi

  • Commercial name of the protocol IEEE 802.11
  • One of the most ubiquitous wireless networks
    • Home networks
    • Enterprise networks
  • Communication is based on frames
    • Essentially a sequence of bits
    • 802.11 defines the meaning
    • Vendors implement the protocol
  • 2.4 GHz Industrial, Scientific and Medical (ISM) band and 5 GHz
  • Range depends on transmission power, antenna type, the country, and the environment
    • Typically 100 ft

SLIDE 5

Channels

  • The equipment can be set to only one channel at a time
  • Each country has its own rules
    • Allowed bandwidth
    • Allowed power levels
  • The stronger signal is preferred

SLIDE 6

Modes of Operation

  • Master
    • Acts as an AP
  • Managed
    • Acts as a client; the default mode
  • Ad Hoc
    • No AP, direct communication, no multi-hop
  • Mesh
    • No AP, direct communication, multi-hop
  • Repeater
    • Repeats incoming signals
  • Promiscuous
    • Monitor all traffic of a network; requires association
  • Monitor
    • Monitor all traffic; no association required

SLIDE 7

Deployment Architectures

Figure: Infrastructure vs. P2P/Ad-hoc

SLIDE 8

Frame Types

  • Management
    • Initialization, maintenance and finalization
  • Control
    • Management of the data exchange
  • Data
    • Encapsulation of information
  • http://www.willhackforsushi.com/papers/80211_Pocket_Reference_Guide.pdf

SLIDE 9

Introduction

SLIDE 10

Beaconing

  • APs advertise their presence
    • Once every 100 ms
    • They transmit a message of type Beacon
    • It contains the name of the network (SSID)
    • Capabilities

SLIDE 11

802.11 Security Modes: Open Access

  • Open Access
    • No protection (apart from whitelists)

SLIDE 12

802.11 Security Modes: WEP

  • Based on RC4 encryption
  • Broken

SLIDE 13

802.11 Security Modes: WPA/WPA2

  • Based on AES
  • Much more secure
  • Current standard
SLIDE 14

States of a Client

SLIDE 15

WPA2

SLIDE 16

Key Hierarchy

SLIDE 17

WPA/WPA2 Four Way Handshake

Figure: Client and AP, each holding the passphrase

SLIDE 18

WPA/WPA2 Four Way Handshake

Figure: Client and AP each compute the PSK from the passphrase; each sets PMK = PSK

SLIDE 19

Computation of PSK

  • Passphrase is a secret “phrase” you choose during the AP configuration
    • 8-63 characters long
    • It is also the secret you enter on your device when you connect to a network
  • SSID is the name of the network
  • PBKDF2 hashes the 3 components 4096 times
    • Heavy computation

Figure: PSK = PBKDF2(Passphrase, SSID, SSID length)

SLIDE 20

WPA/WPA2 Four Way Handshake

Figure: Both sides have computed PSK and PMK (= PSK); AP → Client: Nonce_A

SLIDE 21

WPA/WPA2 Four Way Handshake

Figure: Both sides have computed PSK and PMK (= PSK); AP → Client: Nonce_A; the client computes the PTK

SLIDE 22

Computation of PTK

  • PMK is derived from the passphrase
  • Nonce_A is a random number chosen by the AP and received through the first message
  • Nonce_C is a random number chosen by the client
  • MAC_A is the hardware address of the AP
  • MAC_C is the hardware address of the client

Figure: PTK = f(PMK, Nonce_A, Nonce_C, MAC_A, MAC_C)

SLIDE 23

WPA/WPA2 Four Way Handshake

Figure: AP → Client: Nonce_A; the client computes the PTK; Client → AP: Nonce_C + MIC

SLIDE 24

WPA/WPA2 Four Way Handshake

Figure: Client → AP: Nonce_C + MIC; the AP verifies the MIC and authenticates the client

SLIDE 25

WPA/WPA2 Four Way Handshake

Figure: The AP verifies the MIC and authenticates the client; AP → Client: Key Installation + MIC

SLIDE 26

WPA/WPA2 Four Way Handshake

Figure: AP → Client: Key Installation + MIC; the client verifies the MIC and authenticates the AP

SLIDE 27

WPA/WPA2 Four Way Handshake

Figure (complete handshake):
  • Client and AP both hold the passphrase; each computes the PSK and sets PMK = PSK
  • AP → Client: Nonce_A
  • The client computes the PTK
  • Client → AP: Nonce_C + MIC
  • The AP verifies the MIC and authenticates the client
  • AP → Client: Key Installation + MIC
  • The client verifies the MIC and authenticates the AP
  • Client → AP: Key Installed + MIC

SLIDE 28

Cracking WPA/WPA2

  • If an attacker is present at a 4-way handshake, he learns
    • Nonce_A
    • Nonce_C
    • MAC_A
    • MAC_C
    • BUT NOT the PMK
  • He must compute the PMK
  • To compute the PMK (= PSK) he knows
    • SSID
    • SSID length
    • BUT NOT the passphrase
  • What can he do???

SLIDE 29

Cracking WPA/WPA2

  • Create a dictionary of possible passphrases
    • http://www.aircrack-ng.org/doku.php?id=faq#where_can_i_find_good_wordlists
  • Choose a passphrase
  • Create the PMK
  • Use the PMK to produce the PTK
  • Use this key to generate the MIC of message 3
  • If the MICs match, the correct passphrase was used
  • If not… repeat
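The key hierarchy behind slides 19, 22 and 29, as an added Python example that is not part of the slide deck: the PSK derivation (PBKDF2-HMAC-SHA1, 4096 rounds), the PTK derivation (the 802.11 PRF over PMK, both MACs and both nonces) and the EAPOL MIC that each side verifies during the handshake. The PBKDF2/PRF/MIC constructions follow the 802.11i standard; the sample MAC addresses, nonces and EAPOL bytes are constructed for the demo.

```python
import hashlib
import hmac

PBKDF2_ITERATIONS = 4096  # fixed by 802.11i: the "heavy computation" of slide 19
PSK_LEN = 32              # 256-bit PSK; for WPA/WPA2-Personal, PMK = PSK

def derive_psk(passphrase: str, ssid: str) -> bytes:
    """PSK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 256 bits).
    The SSID length from slide 19 is implicit in the salt (the SSID bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8-63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), PBKDF2_ITERATIONS, PSK_LEN)

def prf(key: bytes, label: bytes, data: bytes, out_len: int) -> bytes:
    """802.11 PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i), i = 0, 1, ..."""
    out, i = b"", 0
    while len(out) < out_len:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:out_len]

def derive_ptk(pmk: bytes, mac_a: bytes, mac_c: bytes,
               nonce_a: bytes, nonce_c: bytes, ptk_len: int = 64) -> bytes:
    """PTK from PMK, MAC_A, MAC_C, Nonce_A and Nonce_C (slide 22). Inputs are
    ordered min||max so that AP and client derive the same key."""
    data = (min(mac_a, mac_c) + max(mac_a, mac_c)
            + min(nonce_a, nonce_c) + max(nonce_a, nonce_c))
    return prf(pmk, b"Pairwise key expansion", data, ptk_len)

def eapol_mic(kck: bytes, eapol_frame: bytes, wpa2: bool = True) -> bytes:
    """MIC over an EAPOL-Key frame (MIC field zeroed), keyed with the KCK, the
    first 128 bits of the PTK. WPA2: HMAC-SHA1 truncated to 16 bytes; WPA: HMAC-MD5."""
    digest = hashlib.sha1 if wpa2 else hashlib.md5
    return hmac.new(kck, eapol_frame, digest).digest()[:16]

if __name__ == "__main__":
    pmk = derive_psk("password", "IEEE")  # IEEE 802.11i Annex test vector
    # Constructed sample MACs, nonces and EAPOL bytes, not from a real capture.
    mac_ap, mac_cl = bytes.fromhex("a0a1a2a3a4a5"), bytes.fromhex("b0b1b2b3b4b5")
    nonce_ap, nonce_cl = bytes(range(0xe0, 0x100)), bytes(range(0xc0, 0xe0))
    ptk = derive_ptk(pmk, mac_ap, mac_cl, nonce_ap, nonce_cl)
    kck, kek, tk = ptk[:16], ptk[16:32], ptk[32:48]
    print("PSK/PMK:", pmk.hex())
    print("KCK:", kck.hex(), "KEK:", kek.hex(), "TK:", tk.hex())
    print("MIC of a zeroed EAPOL frame:", eapol_mic(kck, bytes(99)).hex())
```

Every candidate passphrase in the slide 29 procedure must pay the 4096-round PBKDF2 in derive_psk before a single MIC can be compared, which is why passphrase length and unpredictability, not the handshake itself, decide how long a WPA/WPA2-Personal network resists a dictionary attack.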

SLIDE 30

Lab Setup

  • External card
    • Alfa AWUS036H
    • Provides a stronger signal
  • AP
    • WNDR3700
    • WNR1000
    • Linksys WRT54GL
  • OS
    • Kali Linux on a VM
    • Software pen-testing tools

SLIDE 31

Other Attacks

  • Deauthentication Flooding
    • Make everyone lose their connection
  • Beacon Flooding
    • Flood a client with fake network names
  • Authentication Request Flooding
    • Burden the AP with invalid authentication requests
  • Evil Twin
    • Create a network with the same name in which the attacker can see everything
  • Crack the key (WEP)