The Trouble with WEP
Or, cracking WiFi networks for fun & profit (not really)
Jim Owens
Overview
Background and a little history
How WEP works
WEP's major weaknesses
A short course in wardriving
  Using kismet to scout out the wireless landscape
  Zeroing in with the aircrack-ng suite
    airodump, to capture traffic
    aireplay, to replay weakly encrypted packets
    aircrack, to find the key using statistical methods
Background & history…
Wireless Equivalent Privacy
Adopted in 1999 as part of the 802.11 standard
Later swallowed whole by the 802.11b standard
Initially used only 40-bit encryption keys, due to technology export restrictions
Later expanded to 104-bit keys when export restrictions were eased
Used 6 times as often as WPA/WPA2 despite known fatal weakness* (85% / 14% / 1%)
*Based on a 2006 survey in the Seattle area
How WEP works
Plain text gets CRC-32 checksum appended
24-bit initialization vector pre-pended to key as a seed for RC4 key scheduling algorithm
RC4’s pseudo-random generation algorithm outputs keystream
Keystream XORed with plain text
IV in plain text prepended to message
On receipt, keystream regenerated and XORed with cipher text to produce plain text
WEP’s major weaknesses
IV space too small (2^24)
On a busy network, IVs must repeat in <= 5 hours
50% probability that IV repeats in 5,000 packets
RC4 algorithm produces "weak" IVs that can be correctly guessed 5% or 13% of the time
No key management; typically just one key
IP traffic contains much known plaintext data
Open to injected traffic that is rebroadcast
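As an added illustration of the encapsulation steps in "How WEP works" and of the IV-size weakness above (example code written for this page, not from Jim Owens's slides), the Python below builds a WEP frame with RC4 and a CRC-32 ICV, decrypts it on the receiving side, shows that two frames sent under the same IV share one keystream, and computes the birthday-bound frame count behind the "50% in 5,000 packets" figure. The key, IV and payloads are constructed sample values.

```python
import struct
import zlib
from math import log, sqrt

def rc4_keystream(key, length):
    """RC4: key scheduling algorithm (KSA), then pseudo-random generation (PRGA)."""
    S = list(range(256))
    j = 0
    for i in range(256):                          # KSA: permute S under the key
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):                       # PRGA: emit keystream bytes
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def wep_encrypt(key, iv, plaintext):
    """WEP: append CRC-32 ICV, RC4 under (IV || key), send the IV in the clear."""
    assert len(iv) == 3 and len(key) in (5, 13)   # 40-bit or 104-bit key
    icv = struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)
    keystream = rc4_keystream(iv + key, len(plaintext) + 4)
    body = bytes(a ^ b for a, b in zip(plaintext + icv, keystream))
    return iv + body

def wep_decrypt(key, frame):
    """Receiver: regenerate keystream from the cleartext IV, strip and check the ICV."""
    iv, body = frame[:3], frame[3:]
    data = bytes(a ^ b for a, b in zip(body, rc4_keystream(iv + key, len(body))))
    plaintext, icv = data[:-4], data[-4:]
    if struct.unpack("<I", icv)[0] != (zlib.crc32(plaintext) & 0xFFFFFFFF):
        raise ValueError("ICV mismatch")
    return plaintext

def iv_reuse_leak(frame_a, frame_b):
    """Why a repeated IV is fatal: both frames use the same keystream, so XORing
    the two bodies cancels it and exposes plaintext_a XOR plaintext_b."""
    if frame_a[:3] != frame_b[:3]:
        return None
    return bytes(a ^ b for a, b in zip(frame_a[3:], frame_b[3:]))

def packets_for_collision(iv_bits=24, p=0.5):
    """Birthday bound: frames needed before some IV repeats with probability p."""
    return int(sqrt(2 * (2 ** iv_bits) * log(1 / (1 - p))))
```

With random IVs the bound comes out just under 5,000 frames; sequential IV counters only make the repeat time more predictable.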
Wardriving: Kismet
Network detector, sniffer, IDS
Works on 802.11b, 802.11a, 802.11g networks
Uses passive monitoring, so hard to detect
Logs sniffed packets in formats compatible with Wireshark/Tcpdump, Airsnort
Channel surfs automatically
Optionally, supports GPS for network location
Kismet: Install & configure
Binary packages available for most systems
Requires WiFi adaptor that supports monitor mode as “capture source”
Logs traffic in popular formats*
Specify source in /etc/kismet/kismet.conf, as driver,device,source_name
source=ipw2200,eth1,Stella
*Wireshark, Airsnort, etc.
Stella, the WiFi attack animal!
Wardriving: Recon phase
Use Kismet to survey WiFi landscape and to choose a target network
Record necessary data for Aircrack attack:
  Channel number?
  SSID?
  Access point MAC address?
Wardriving: Kismet
Wardriving: Attack phase
Aircrack-ng: Software for network detection, sniffing, WEP cracking, and analysis
Works on 802.11b, 802.11a, 802.11g
Uses passive monitoring & packet injection
Main tools
  aircrack-ng: Cracking
  airdecap: Packet decryption
  airmon: Monitor mode switching
  aireplay: Packet injection (Linux only)
  airodump: Exports traffic to .cap files
Wardriving: Aircrack procedure
1. Bring up adapter on target's channel in monitor mode:
# ifconfig wlan0 up
# iwconfig wlan0 mode Monitor channel 9
2. Capture packets to file on channel, IVs only:
# airodump wlan0 ./berlin_dump 9 1
Wardriving: Airodump
Wardriving: Aircrack procedure
1. Find weakly-encrypted packets to replay in interactive mode:
# aireplay -2 -b 00:14:6C:40:BA:A6 -x 512 wlan0
2. Finally, crack WEP key with captured IVs:
# aircrack -n 64 berlin_dump.ivs
Wardriving: Aireplay
Wardriving: Aircrack
Summary
WEP has numerous serious flaws
WEP's flaws are thoroughly documented
WEP is readily exploitable in a short time, by unskilled attackers, using readily available tools
Strong protection is readily available
Bottom line: Don't use WEP, period!
Questions?