
Cracking the WEP

You are pretty much stuck with that for cracking WEP keys. You can always get a FreeBSD or Linux bootable CD and use dwepcrack or kismet assuming your card is Prism2 based. Also, if you are a Mac user of any kind, you can use KisMac.
 
If you're using Windows, then a Linux bootable live CD is your best bet.

You're gonna have to figure out how to use it from there; unless you know Linux, don't bother.

Setting up Kismet is a bitch and a half.

-monzi
 
AirDump and AirCrack are two tools that are available for Windows. AirDump captures the IVs needed, and AirCrack cracks keys from the capture files.
 
Originally posted by: groovin
wow, no posts on this thread yet warning about asking blackhat questions on this forum.

Tools like this aren't just for bad. They are very useful for testing your own networks.
 
Originally posted by: jtusa4
Originally posted by: groovin
wow, no posts on this thread yet warning about asking blackhat questions on this forum.

Tools like this aren't just for bad. They are very useful for testing your own networks.

true. some companies use those tools to test their own security/stability on their networks.
 
I believe AirMagnet and CommView for WiFi can crack WEP keys as well, but they are not freely available tools. They can get pretty $$$$.
 
well, i never said this question was bad... i said no one had given a warning... warnings are not necessarily for the original poster as well. I've read many security related questions in various forums that started off as harmless "how do i test my network" but ended up being an online How to 0wn your neighbor's wifi.
 
I haven't commented hoping it would go away, this isn't the right place. There are no positive effects to cracking WEP. There is no situation where an admin would want to test if his WEP can be cracked. It is pretty common knowledge that it ISN'T that hard to crack, and that any admin looking to actually secure their net from any cracker will want to use the new encryptions (which I believe haven't been cracked yet?).
 
is Knoppix STD for this?

Be cautious if you use Knoppix. Before trying anything with a bootable OS on CD, you need to back up your system!

I was trying it out of curiosity one day on my WinXP laptop. It didn't *break* it per se, but it definitely modified something in Windows. My configuration when I rebooted in Windows had changed and was acting funny. For example, some windows for applications running in my taskbar were displayed next to the start menu that I've never seen before. I couldn't close them at all. After a couple more reboots, it seemed to go away, but I'm pretty sure my system hangs at random times now where I've never had this happen before.
 
There are plenty of "good" reasons for admins to crack WEP. If, say, you are using ACLs and other methods and want to see if those are holding by trying to crack the WEP. There are many applicable uses for testing with these tools. For one thing, as a network admin you should at least know what "bad" people can see\do.
 
gimper.. learn to read. WEP CAN be cracked. there's NOTHING you can do or change or tweak to make it harder to crack. As an admin you would know this. There is NO..ZERO..ZILCH reason to hack your own WEP.
 
Sure there is a reason to TRY to crack your own WEP.

Maybe you are running a risk analysis and need metrics and documentation to prove to Upper Management that security provisions need upgrading/funding.

Maybe you want to see how long it takes to crack your WEP key. While WEP can be cracked, it should take longer with a longer key. Even though it can be cracked, length of time involved might make it secure ENOUGH.

I am sure we can come up with more reasons. Try thinking in a bigger scheme before you rip someone there slick.

- sp43t4r -
 
Originally posted by: sp43t4r
Sure there is a reason to TRY to crack your own WEP.

Maybe you are running a risk analysis and need metrics and documentation to prove to Upper Management that security provisions need upgrading/funding.

Maybe you want to see how long it takes to crack your WEP key. While WEP can be cracked, it should take longer with a longer key. Even though it can be cracked, length of time involved might make it secure ENOUGH.

I am sure we can come up with more reasons. Try thinking in a bigger scheme before you rip someone there slick.

- sp43t4r -

That's what I was thinking as well. "Looking at the numbers" and documentation are everything. Management likes something in their hand that they can look at and quantify, not just a "Yeah, it can be cracked."
 
Length of the key is irrelevant: both key lengths use a 24-bit IV.

Key length may come into play against a standard dictionary crack, but with a packet capture analysis, key length doesn't come into play at all.

FWIW

Scott
 
Originally posted by: jtusa4
Originally posted by: sp43t4r
Sure there is a reason to TRY to crack your own WEP.

Maybe you are running a risk analysis and need metrics and documentation to prove to Upper Management that security provisions need upgrading/funding.

Maybe you want to see how long it takes to crack your WEP key. While WEP can be cracked, it should take longer with a longer key. Even though it can be cracked, length of time involved might make it secure ENOUGH.

I am sure we can come up with more reasons. Try thinking in a bigger scheme before you rip someone there slick.

- sp43t4r -

That's what I was thinking as well. "Looking at the numbers" and documentation are everything. Management likes something in their hand that they can look at and quantify, not just a "Yeah, it can be cracked."

If you look at AirCrack it can bust a 128-bit WEP key in about 30 min. That's not secure.
 
Originally posted by: Triggerhappy007
How do you know if WEP is enabled if you can see an AP with your wireless card?

Any decent WiFi utility will pick up a network regardless of encryption. I've tried a couple of utilities and they all see mine as "SSID: Not broadcasted, Auth: WPA, Encrypt: AES-CCMP". The exception is the WinXP SP2 WiFi manager which doesn't see it if SSID is not broadcasted.
 
"I was trying it out of curiosity one day on my WinXP laptop. It didn't *break* it per se, but it definately modified something in Windows."

The bootable CD version of Knoppix runs solely off the CD. You can access your FAT or NTFS hard drive, however, and you may have done something to alter your Windows settings. You'd have to do it actively, however. Knoppix did not taint your Windows installation.
 