
Network encryption cracking

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 82.31.144.96 (talk) at 20:47, 11 October 2008 (AirSnort). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Network encryption cracking is the breaching of network encryption (e.g. WEP, WPA, ...), usually through the use of special encryption cracking software. It may be done through a range of attacks (active and passive), including injecting traffic, decrypting traffic and dictionary-based attacks.

Methods

As mentioned above, several types of attacks are possible. More precisely they are:

  • Decrypting traffic based on tricking access points (active attack)
  • Injecting traffic based on known plaintext (active attack)
  • Gathering traffic and performing brute force/dictionary based attacks
  • Decrypting traffic using statistical analysis (passive attack)

Injecting traffic

Injecting traffic means inserting forged encrypted messages into the network. It may be done if the key is known (to generate new messages), but also if the key is not known and only an encrypted message and its plaintext have been gathered, through comparison of the two. Programs able to do the latter are Aireplay and WepWedgie.
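The comparison described above works because a WEP frame body starts with a 3-byte IV and a key-index byte, and RC4 is keyed with the IV followed by the shared key: two frames under the same key and IV are encrypted with the same keystream, so one known plaintext/ciphertext pair reveals the keystream for every other frame carrying that IV. The defender's view of that condition is IV reuse per access point. The following monitor is an added example, not code from the article or from any of the tools it names; the WepFrame record, the BSSID strings and the frame bytes are constructed for illustration, while the IV/key-index layout is the real WEP header format.

```python
"""IV-reuse monitor for WEP-protected frames (added example, not from the
article). A WEP body is IV(3 bytes) | key-id(1 byte) | RC4 ciphertext | ICV.
Because the per-frame RC4 key is IV || shared key, a repeated (key, IV) pair
means a repeated keystream, which is exactly what the known-plaintext
injection and decryption attacks need. Reporting repeats per BSSID lets a
defender see how exposed a WEP network already is."""

from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple

IV_LEN = 3
KEYID_MASK = 0xC0  # key index lives in the top two bits of the 4th byte
IV_SPACE = 1 << 24  # 24-bit IV: only 16,777,216 distinct values


@dataclass(frozen=True)
class WepFrame:
    bssid: str   # hypothetical field: access point address as a string
    body: bytes  # WEP body: IV(3) | key-id(1) | ciphertext | ICV


def parse_iv(body: bytes) -> Tuple[int, int]:
    """Return (iv, key_index) read from the start of a WEP body."""
    if len(body) < IV_LEN + 1:
        raise ValueError("body too short to contain a WEP IV header")
    iv = int.from_bytes(body[:IV_LEN], "big")
    key_index = (body[IV_LEN] & KEYID_MASK) >> 6
    return iv, key_index


def find_iv_reuse(frames: List[WepFrame]) -> List[Tuple[str, int, int]]:
    """Scan frames in capture order and report (bssid, key_index, iv) for
    every frame whose (key_index, iv) pair was already seen on that BSSID.
    The same IV under a different key index or a different BSSID is not a
    keystream repeat and is therefore not reported."""
    seen: Dict[str, Set[Tuple[int, int]]] = defaultdict(set)
    reused: List[Tuple[str, int, int]] = []
    for f in frames:
        iv, kid = parse_iv(f.body)
        if (kid, iv) in seen[f.bssid]:
            reused.append((f.bssid, kid, iv))
        seen[f.bssid].add((kid, iv))
    return reused


def iv_space_used(frames: List[WepFrame], bssid: str) -> float:
    """Fraction of the 2**24 IV space a BSSID has already consumed."""
    ivs = {parse_iv(f.body)[0] for f in frames if f.bssid == bssid}
    return len(ivs) / IV_SPACE


# Constructed sample capture (not real traffic). The third frame repeats the
# IV of the first under key index 0, which is the case the monitor reports.
SAMPLE_FRAMES = [
    WepFrame("00:11:22:33:44:55", bytes.fromhex("0a0b0c00") + bytes.fromhex("3141592653589793")),
    WepFrame("00:11:22:33:44:55", bytes.fromhex("0a0b0d00") + bytes.fromhex("2384626433832795")),
    WepFrame("00:11:22:33:44:55", bytes.fromhex("0a0b0c00") + bytes.fromhex("0288419716939937")),
    # Same IV value on another BSSID: a different shared key, so no repeat.
    WepFrame("66:77:88:99:aa:bb", bytes.fromhex("0a0b0c00") + bytes.fromhex("5105820974944592")),
    # Same IV on the first BSSID but key index 1 (0x40): different key, no repeat.
    WepFrame("00:11:22:33:44:55", bytes.fromhex("0a0b0c40") + bytes.fromhex("3078164062862089")),
]

if __name__ == "__main__":
    for bssid, kid, iv in find_iv_reuse(SAMPLE_FRAMES):
        print(f"IV reuse on {bssid}: key index {kid}, IV 0x{iv:06x}")
```

Run against a real capture, the frame list would be filled from the decoded 802.11 data frames of a sniffer; the reporting logic is unchanged.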

Decrypting

Decryption often requires two tools: one for gathering packets and another for analysing the packets and determining the key. Gathering packets may be done with tools such as Wireshark, Prismdump, ... and cracking may be done with tools such as WEPCrack, AirSnort, AirCrack, WEPLab, ...

When gathering packets, a large number of them is often required to perform cracking. Depending on the attack used, 5-16 million frames may be required. The attack command itself, however, is surprisingly simple. Some examples:
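The 5-16 million figure is best read against the size of WEP's IV space: the IV is 24 bits, so there are only 16,777,216 values, and a capture that large covers much or all of them. The estimator below is an added example (not code from the article or from any tool it names) that relates traffic volume to IV repetition under two assumed models of how a card picks IVs: a sequential counter, which repeats only after the counter wraps, and uniformly random choice, which is expected to repeat after roughly sqrt(pi/2 * 2**24) frames by the birthday bound. The frame rates used are constructed inputs.

```python
"""WEP IV budget estimator (added example, not part of the article).
Relates the number of frames a network sends to when an IV is expected to
repeat, for a sequential-IV station and for a random-IV station."""

import math
import random

IV_BITS = 24
IV_SPACE = 1 << IV_BITS  # 16,777,216 possible IVs


def frames_until_sequential_wrap(iv_bits: int = IV_BITS) -> int:
    """A counter-based IV first repeats when the counter wraps around."""
    return 1 << iv_bits


def seconds_until_wrap(frames_per_second: float, iv_bits: int = IV_BITS) -> float:
    """Wall-clock time before a sequential-IV station reuses its first IV
    at a steady frame rate (constructed rates are passed by the caller)."""
    if frames_per_second <= 0:
        raise ValueError("frame rate must be positive")
    return frames_until_sequential_wrap(iv_bits) / frames_per_second


def expected_frames_until_random_collision(iv_bits: int = IV_BITS) -> float:
    """Birthday-problem estimate: mean number of uniform random draws from a
    space of 2**iv_bits values before the first repeat, sqrt(pi * n / 2)."""
    n = 1 << iv_bits
    return math.sqrt(math.pi * n / 2)


def simulate_random_collision(trials: int, seed: int, iv_bits: int = IV_BITS) -> float:
    """Monte Carlo check of the birthday estimate: draw random IVs until one
    repeats, averaged over `trials` runs with a fixed seed so the result is
    reproducible."""
    rng = random.Random(seed)
    n = 1 << iv_bits
    total = 0
    for _ in range(trials):
        seen = set()
        count = 0
        while True:
            iv = rng.randrange(n)
            count += 1
            if iv in seen:
                break
            seen.add(iv)
        total += count
    return total / trials


if __name__ == "__main__":
    est = expected_frames_until_random_collision()
    sim = simulate_random_collision(trials=20, seed=1)
    print(f"random IVs: first repeat expected after ~{est:.0f} frames (simulated {sim:.0f})")
    print(f"sequential IVs: first repeat after {frames_until_sequential_wrap():,} frames")
    for rate in (10.0, 500.0):  # constructed frame rates: a quiet and a busy network
        days = seconds_until_wrap(rate) / 86400
        print(f"  at {rate:.0f} frames/s the IV counter wraps after {days:.1f} days")
```

The random model shows that IV repeats begin after only a few thousand frames, long before the 5-16 million needed by a statistical key-recovery attack; the sequential model turns a frame rate into the "days to weeks" timescales the article quotes for low-traffic networks.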

WEPCrack

Commands to be inputted into WEPCrack are:
perl \progra~1\wepcrack\pcap-getIV.pl
This command generates a log file (ivfile.log) from a packet capture obtained by Wireshark or prismdump. A capture of at least 5 million frames is required.
perl \progra~1\wepcrack\WEPCrack.pl ivfile.log
This command asks WEPCrack to determine the key from the log file.[1]

AirCrack

Aircrack is another program that is even simpler to use, as no commands need to be entered; instead the user is asked to type in some parameters and click some buttons.

First, airodump is started to gather the packets; for this, the channel and MAC filter are asked for, yet the user does not need to know them per se (0 and p may be entered instead, respectively). Then aircrack is started, the file just created by airodump is opened, a 0 needs to be entered and the program determines the key.

AirSnort

AirSnort is an even simpler program, as it is completely interface-based. As the attack is only a simple brute-force attack, however, cracking the encryption can take a while (from several days to a few weeks), especially if traffic is low (with only 4 users or so on the network, the cracking will take at least 2 weeks).

Comparison of tools

A comparison of the tools noted above may be found at Security Focus.

References

  1. Hacking Wireless Networks for Dummies