Introduction
In aspect one we examined the newest generation of passive WEP cracking equipment that use statistical or brute force strategies to recover WEP encryption keys from captured wireless network visitors. This time, from the 2nd and final article, we take a look at active equipment that use 802.11 transmissions to assault WEP networks.
All of these active wireless attack techniques talked about with this post demand the power to inject arbitrary packets onto a wireless network. Despite the fact that various injection strategies can be found, most need Linux, are unsupported, and use hacked drivers which have assistance and availability issues. All of them need at the very least one wireless PCMCIA card depending on the Prism2 chipset (including the Senao 2511-CD-PLUS). Fortuitously, the Auditor Security Assortment [ref 1] live cd-rom can save you quite a few headaches because it incorporates ready-to-use drivers for a number of active assault resources.
Beware of network disruptions which can be caused by active attacks. Employing these instruments could have unpredictable effects in different environments. In my testing, I've encountered a few programs that had to be rebooted in order to purpose once again after becoming bombarded with injected packets.
Speedy site visitors generation
If you've spent much time sniffing wireless networks (and, should you are reading this article, I bet you have) then you probably have noticed that the source and destination MAC addresses are plainly visible for every packet even when the packet contents are encrypted with WEP. This allows you to uniquely identify hosts on the wireless network as well as hosts on a bridged, wired LAN. If you've never tried targeted traffic analysis of an encrypted wireless network, I highly recommend the exercise. Find a busy network, fire up Ethereal [ref 2], and try to answer as many of the following questions as you can:
How many access points share the same ESSID?
Does the access point bridge or route visitors?
Is EAP used? If so,
Cheap Office 2007, what EAP type?
Is open system or shared key authentication in use?
What is the MAC address of the default gateway?
What are the NIC vendors for wireless hosts?
What are the NIC vendors for wired hosts?
What is the vendor of the access point?
Can you find a DNS transaction?
Can you find a TCP three-way handshake?
Can you find an HTTP transaction?
What hosts transmit/receive the most bytes/packets?
Does any traffic occur with a distinct periodicity (like POP3 every 5 minutes)?
Can you find any ARP traffic? (hint: frame.pkt_len==68 and wlan.da==ff:ff:ff:ff:ff:ff)
No wireless network according to WEP provides protection against replay attacks. With the right tools, you can get any captured packet and reinject it back onto the network. The packet will be correctly encrypted even though you have no idea of its contents. Then again, you might have a pretty good guess as to its contents according to site visitors analysis. You might choose something that is likely for being an ARP request, hoping that it will generate a response from another host about the network. If you're right, you could replay the same packet hundreds or even thousands of times per 2nd,
microsoft Office 2010 Serial, forcing that host to spew an enormous stream of responses, individually encrypted with different IVs.
This method described is exactly the method used by aireplay, a tool that comes with aircrack [ref 3]. A screenshot of aireplay is shown below in Figure one. As we discovered in portion a single, both aircrack and WepLab [ref 4]are capable of cracking WEP keys after collecting just several hundred thousand packets. With a successful aireplay assault, you can generate that many packets in just some minutes. Therefore, people who say that re-keying every 10 minutes makes WEP unbreakable are dead wrong. Per-session,
Office 2010 Product Key, per-user keys also don't stand a chance against this assault. WEP is truly dead. . . once more.
Figure 1. Aireplay at work.
The Auditor Protection Collection live cd-rom makes it relatively easy to try aireplay because it consists of aircrack's patched hostap driver by default, but you will need two wireless cards with a minimum of several inches distance between their antennas. You might find it easier to use two laptops, a single with a Prism2 card to replay captured packets, and a 2nd to capture all the new visitors that is generated. Be prepared to spend some time finding an appropriate packet to replay; you could need to preserve individual packets with Ethereal and feed them to aireplay.
Another tool that implements a similar assault has been around for much longer in the BSD world. Portion of OpenBSD's Wnet, reinj performs the same assault as aireplay and does it all with just a single Prism2 card (as does the newest beta of aireplay). Whichever tool you use to generate visitors, I recommend WepLab or aircrack for cracking the WEP key.
Encrypted packet injection
Most of the WEP attack instruments around the scene today focus on cracking WEP keys, but there are also other WEP vulnerabilities that can be exploited. WEPWedgie [ref 5], a tool released in 2003 by Anton Rager, allows an attacker to craft an arbitrary plaintext packet and inject it into the wireless network without knowledge of the WEP key. The receiving stations accept the packet as if the sender used the correct key to encrypt the packet. The way WEPWedgie is able to accomplish this is by reconstructing the keystream that was used to encrypt a particular plaintext. With knowledge of some plaintext and the resulting ciphertext, a simple XOR operation yields the keystream that results from a particular IV. And because WEP allows the same IV to be used over and over once again, WEPWedgie can use the keystream to correctly encrypt and inject any variety of packets whose contents are limited only by the length of the known keystream.
There are numerous ways that an attacker can discover the ciphertext for a known plaintext, but the method used by WEPWedgie's prgasnarf is to listen for shared key authentication. The 802.eleven standard defines two types of authentication, "open system authentication" (which you can think of as "no authentication") and "shared key authentication" (which you can think of as "the most misguided authentication mechanism ever devised"). In shared key authentication, the AP transmits 128 bytes of plaintext, and then the station encrypts the plaintext and transmits the resulting ciphertext utilizing the same key and cipher that are used by WEP to encrypt subsequent network traffic. Believe it or not, this horrifying scheme is still getting recommended by certain vendors [ref 6] as a safety enhancement, but it is less common in practice than open system authentication.
Once a keystream has been captured (hint: spoofed deauthentication), WEPWedgie provides numerous interesting packet injection attacks. A simple one particular sends a ping to a target of your choice. The other attacks provide a method of port scanning targets on the wireless network using a chosen source address. As long since the target network has Internet connectivity, you can use the address of a host you control on a remote network and sniff the results of your scan on that host. Interpretation of the results is up to you.
Figure 2. Wepwedgie injecting pings.
To try out WEPWedgie, you'll need a system running a Linux 2.4 kernel, a Prism2 card, and Abaddon's AirJack [ref 7] driver. Unfortunately the Auditor CD's 2.6 kernel isn't supported by AirJack, so you'll have to prepare a system on your own. You might find the Wi-Fi Dog of War [ref 8] instructions helpful to get AirJack working.
Single packet decryption
KoreK, the individual who brought us the improved algorithms used in aircrack and WepLab, released a tool several months ago about the NetStumbler forums that enables an attacker to decrypt individual packets without knowledge of the WEP key. Called chopchop [ref 9], this tool replays a single encrypted packet, modifying a single byte at a time. By monitoring the access point to find out if it accepts the modified packet, chopchop is able to determine the plaintext value of that particular byte and move on to the next. Within many seconds (and thousands of replayed packets), chopchop can decrypt an entire packet. It doesn't matter what encryption key was used, or if a separate key is used for each user, or if the key changes every hour or minute; any packet may be decrypted.
Figure 3. Chopchop decrypting a single packet.
You can use the Auditor CD and a single Prism2 card to try chopchop. Use the switch-to-wlanng script that Auditor provides, pop the card out and then back in once more,
Microsoft Office Home And Business 2010, and the linux-wlan-ng driver will be working, complete with KoreK's injection modifications.
The next era
Since the release of chopchop, the task of acquiring a valid keystream for encrypted packet injection has become trivial for all WEP encrypted networks. Joshua Wright is working on a new version of WEPWedgie that incorporates the chopchop attack and works with newer drivers. Christophe Devine's upcoming version of aireplay, already released as a beta, uses the same technique to allow the forgery of any ARP request. Numerous people are working to improve wireless drivers, including implementation of packet injection with a wider selection of hardware (prism54 is reported to work already), and construction of an abstraction layer for packet injection.
Conclusion
Some vendors continue to sell products that completely lack reasonable wireless protection features. In just two months since the publication of component one particular of this informative article, I've encountered multiple brand new devices, including Wi-Fi VOIP phones and an access point provided by a cable Internet provider, that provide no encryption capability other than WEP. As long as this continues,
Purchase Windows 7, white hats and black hats alike will keep improving the attack methods that render WEP even worse than useless.
For the most aspect, the newer WEP assault equipment exploit vulnerabilities that were described in theory four or more years ago. Perhaps people will learn from the history of WEP the lesson that theoretical vulnerabilities will become real vulnerabilities. Until they do, you can use these penetration testing instruments to assess the weaknesses of your own network and maybe even convince someone that change is needed.
Resources and links
[1] Auditor Safety Collection:
[2] Ethereal:
[3] aircrack:
[4] WepLab:
[5] WEPWedgie:
[6] Linksys recommends shared key authentication:
[7] AirJack:
[8] Wi-Fi Dog of War Mini How-To:
[9] chopchop:
About the author
Michael Ossmann is a security administrator for Exempla Healthcare.
Purchase Windows 7 WEP Dead Again, Part 2 Syman
Linear Mode
