WEP Cracking, FBI Style( In Just 3 Minutes ) !

Okay, before we begin, I give you Hungry Hacker´s fun facts on WEP.

FUN FACTS:

-WEP stands for Wired Equivalent Privacy

-WEP is used to secure wireless networks from eavesdroppers

-WEP usually takes hours to crack

WEP has always been a long and tedious job, untill recently, when two FBI agents demonstrated how it´s possible to crack WEP in under 4 minutes (3 to be exact).

Here is how they did it:

1. Run Kismet to find your target network. Get the SSID and the channel.

2. Run Airodump and start capturing data.

3. With Aireplay, start replaying a packet on the target network. (You can find a ‘good packet’ by looking at the BSSID MAC on Kismet and comparing it to the captured packet’s BSSID MAC).

4. Watch as Airodump goes crazy with new IVs. Thanks to Aireplay.

5. Stop Airodump when you have about 1,000 IVs.

6. Run Aircrack on the captured file.

7. You should see the WEP key infront of you now.

PROGRAMS USED:

-Kismet

Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system.

It is designed for Linux.

You can download it at www.kismetwireless.net

A windows version can be downloaded at http://www.renderlab.net/projects/wrt54g/kiswin.html

-Aircrack (Includes Airodump, Aireplay, Aircrack and optional Airdecap for decrypting WEP/WPA capture files)

Aircrack is the 802.11 WEP and WPA-PSK keys cracking program that can recover this keys once enough encrypted packets have been captured with airodump.

Airdecap is used to decrypt WEP/WPA capture files.

Airmon can be used to configure the wireless card.

Aireplay is used to inject frames.

Airodump is used for packet capturing of raw 802.11 frames and is particularly suitable for collecting WEP IVs (initialization vectors) for the intent of using them with aircrack-ng.

Download the whole suit at www.aircrack-ng.org

Av fun and enjoy,

-Hungry Hacker

Read more »

Securing A Wireless Network Connection With WEP Or WPA

I have just set up a wireless connection at home – whenever I log on it says that the connection is unsecure – how do I secure it? I have a new Toshiba Laptop and a Phillips Router. I saw something about a WEP key….where do I enter this?

You are right to worry about this problem, actually, because any open wireless network is an invitation for neighbors and various unsavory characters to connect to your network as if they were on your local area network. This means that they’d be able to use your network-friendly printer, your networked hard drive backup system, and try to break into your computers too. In addition, they’d be able to use your network connection itself and if they were to download tons of illegal music, for example, the RIAA could get your ISP to shut you down, or if they downloaded porn or terrorism research data, well, the FBI could get involved. Not good! Fortunately, it’s pretty easy to secure a wireless network system: you need to log in to your router / base station (your Phillips unit), which is probably done by simply entering a special IP address in your Web browser (try 192.168.1.1 if the documentation that was included with the router doesn’t explain). If that fails, you might need to hook the router directly to the computer via a USB cable, though those are definitely rare systems.

Once you’ve hooked up, you should find a multi-tab configuration tool that has one tab labeled “Security” or similar. Click on that and you should be able to find “Password” as an option or button. Click on that and it should give the options of WEP or WPA. I recommend that you choose WPA and use a long password – it’s far more secure than WEP.

Here’s an example from the configuration screen of my Linksys router:

As you can see, it’s a bit complicated, but once you enter a password it automatically generates all the scary looking (hexidecimal) security codes: any of those will be what you would enter on your Toshiba laptop — once — to be securely connected forever.

I hope that helps you get your hatches battened down!

Read more »