Presentation is loading. Please wait.

Presentation is loading. Please wait.

MIS 5212.001 Week 12 Site:

Published byRebekah Tempest Modified over 10 years ago

Similar presentations

Presentation on theme: "MIS 5212.001 Week 12 Site:"— Presentation transcript:

1 MIS 5212.001 Week 12 Site: http://community.mis.temple.edu/mis5212sec001s15/ http://community.mis.temple.edu/mis5212sec001s15/

2  In the news  Presentation (1)  WEP  Revisit Kismet  Introduction to Aircrack  Attacking WEP  WPA-PSK  Next Week 2MIS 5212.001

3  Submitted  http://thehackernews.com/2015/04/hack-delete- youtube-video.html http://thehackernews.com/2015/04/hack-delete- youtube-video.html  http://www.wired.com/2015/04/ny-cops-used- stingray-spy-tool-46-times-without-warrant/ http://www.wired.com/2015/04/ny-cops-used- stingray-spy-tool-46-times-without-warrant/  http://www.darkreading.com/risk/7-bugs- breaches-and-compromises-to-rock-2015-(so- far)/d/d-id/1319672 http://www.darkreading.com/risk/7-bugs- breaches-and-compromises-to-rock-2015-(so- far)/d/d-id/1319672  http://thehackernews.com/2015/04/anonymous- cyber-attack-israel.html http://thehackernews.com/2015/04/anonymous- cyber-attack-israel.html MIS 5212.0013

4  Submitted MIS 5212.0014

5  What I noted  http://krebsonsecurity.com/2015/04/revolution- crimeware-emv-replay-attacks/ http://krebsonsecurity.com/2015/04/revolution- crimeware-emv-replay-attacks/  http://www.theregister.co.uk/2015/04/07/mozilla _crypto_encryption_snafu_pull/ http://www.theregister.co.uk/2015/04/07/mozilla _crypto_encryption_snafu_pull/  http://www.theregister.co.uk/2015/04/07/uberpo pular_crypto_app_uses_xor_and_nothing_else_hack er_says/ http://www.theregister.co.uk/2015/04/07/uberpo pular_crypto_app_uses_xor_and_nothing_else_hack er_says/  http://www.securityweek.com/google-lets-smtp- certificate-expire http://www.securityweek.com/google-lets-smtp- certificate-expire  https://securityledger.com/2015/04/research-iot- hubs-expose-connected-homes-to-hackers/ https://securityledger.com/2015/04/research-iot- hubs-expose-connected-homes-to-hackers/ MIS 5212.0015

6 6

7  Basic encryption for wireless networks  Specified in IEEE 802.11-1997  Required a minimum 40-bit key, usually set at 104-bit  Uses RC-4 encryption  Applied only to data frames (Payload)  Still widely used, especially on older gear MIS 5212.0017

8  Described as 64 or 128 bit  Reality is 40 or 104  The pre-shared key (Not the same as WPA- PSK) is either 5 or 13 bytes  Initialization vector is transmitted with each packet  IV and key are concatenated to create a per packet key  IV is not a secret!  Four possible keys, index 0-3 MIS 5212.0018

9  One bit field in the frame control field  Called by a number of different names  WEP bit  Privacy bit  Secure bit  With this bit set, the receiving station expects to see a four byte WEP header immediately following the 802.11 header  Also expects to see a four byte trailer immediately following the payload or data portion MIS 5212.0019

10  The four byte header is also the initialization vector or IV along with the index number to designate which WEP key was used  Again, this was used with the WEP key to encrypt the data packet  The four byte trailer is the Integrity Check Value or ICV  This function similar to a CRC check to protect against packet modification MIS 5212.00110

11  Stream cypher  One byte at a time  100 bytes of plaintext = 100 bytes of cypher text + eight bytes of WEP overhead  Requires a unique key (No re-use)  Recall: concatenated from IV and shared secret  Uses a pseudo randomization function referred to as PRGA (Pseudo-random generation algorithm )  PRGA is XOR’d with the plaintext  Recall article on XOR from in the news MIS 5212.00111

12  Poor  Key selection  Message integrity check  Initialization Vector (too short)  No replay protection  Challenge response reveals PRGA  Key is reversible from cypher test (XOR) MIS 5212.00112

13  Restricted to 5 or 13 character pre-shared key  Reduced key efficiency to 2 24  Users often use dictionary words MIS 5212.00113

14  Weak IV selection leads to key recovery  Known plaintext reveals key information  First two bytes of WEP payload are mandated by 802.11 header spec (0xAA 0xAA)  Once you have enough weak IVs, you can recover the key  We will look at the Aircrack-ng tool for this MIS 5212.00114

15  Pre-installed in Kali  Similar issue to Kismet, will need to launch from terminal, not from drop down  Aircrack-ng site has detailed information on installation, building from source, and use  http://aircrack-ng.org/ http://aircrack-ng.org/ MIS 5212.00115

16  Need to connect wireless card to Kali  Need to verify using iwconfig command  Then launch Kismet for a little recon  This will also force the wireless card in to monitor mode  Since StarDrive is my AP we’ll focus on it MIS 5212.00116

17  Double clicking on name gives me detail screen  Note  MAC Address  WEP bit  “Network” menu has option to close window and return to summary MIS 5212.00117

18 MIS 5212.00118

19  We found the AP we want to attack  Know Name (SSID), MAC Address (BSSID), WEP  This also had the affect of forcing wlan0 into monitor mode MIS 5212.00119

20  Lots of extras at:  http://aircrack- ng.org/doku.php?id=simple_wep_crack&Dok uWiki=6a160c439893f7cfb1e861fe023a1e9d http://aircrack- ng.org/doku.php?id=simple_wep_crack&Dok uWiki=6a160c439893f7cfb1e861fe023a1e9d  We’ll run through a few MIS 5212.00120

21  Created ARP traffic to get data faster  You do need access to wired network, so limited applicability in the wild  Used command: MIS 5212.00121

22  Running command:  This will create log file capture*.cap for further analysis MIS 5212.00122

23  Once enough data has been collected, run  aircrack-ng output*.cap  If you don’t have enough data you will see MIS 5212.00123

24  Eventually, with enough IVs you can get to this: MIS 5212.00124

25  Recall, WPA introduced TKIP  WPA2 introduced CCMP and kept TKIP  Both work with both personal and enterprise  Personal – PSK, Enterprise 802.1x  WPA and WPA2 very similar for PSK MIS 5212.00125

26  PSK – Pre-Shared Key  KEK – Key Encryption Key  PMK – Pairwise Master Key – Comes from PSK or EAP method  PTK – Pairwise Temporal Key  Two MIC keys (RX and TX  EAPOL Key Encryption Key  EAPOL Key Confirmation Key MIS 5212.00126

27  PMK is 256 bits in length  PMK is derived using passphrase, ssid, and ssid length information  Hashed 4096 times using HMAC-SHA1  This means process cannot be reversed to extract passphrase MIS 5212.00127

28  Combines MAC of STA and AP with STA and AP nonces  Update nonces generate fresh keys  Uses PMK as additional input (Re: Key) along with the phrase “Pairwise Key Expansion” and combines with above and hashed w/ SHA1 to generate a PTK Note: Nonce is a random value generated by both STA and AP MIS 5212.00128

29  PTK is 384/512 bits in length  First 16 bytes – HMAC MIC key  Next 16 – EAPOL-Key KEK  Next 16 – Temporal Encryption Key  Next 8 – TX TKIP Michael (MIC) Key  Next 8 – RX TKIP Michael (MIC) Key MIS 5212.00129

30 Step 1ANonce, start new PTK negotion SNonce, MIC of Frame 2Step 2 Step 3MIC of frame 3 MIC of frame 4, ready to TX/RX Step 4 MIS 5212.00130

31 MIS 5212.00131  Example  First four lines are 4-Way Handshake  Source has capture file if you want to look for yourself Source: http://mrncciew.com/2014/08/16/decrypt-wpa2-psk-using-wireshark/http://mrncciew.com/2014/08/16/decrypt-wpa2-psk-using-wireshark/

32  AP beacon frames identify capability information  Cypher suite support  Auth key management  Wireshark can filter traffic, then manual inspection can identify MIS 5212.00132

33  Example of beacon frame in wireshark  http://www.hackxcrack.es/forum/hacking- wireless/cracking-wpawpa2-con-reaver/ http://www.hackxcrack.es/forum/hacking- wireless/cracking-wpawpa2-con-reaver/ MIS 5212.00133

34  In the news  More wireless  John the Ripper  Attacking WPA-PSK  Final thoughts MIS 5212.00134

35 ? MIS 5212.00135

Download ppt "MIS 5212.001 Week 12 Site:"

Similar presentations

Crack WEP Lab Last Update 2014.08.12 1.1.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WEP Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
CN8816: Network Security 1 Security in Wireless LAN 802.11i Open System Authentication Security Wired Equivalent Privacy (WEP) Robust Security Network.

CN8816: Network Security 1 Security in Wireless LAN i Open System Authentication Security Wired Equivalent Privacy (WEP) Robust Security Network.
Wireless Cracking By: Christopher Zacky.

Wireless Cracking By: Christopher Zacky.
IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
Crack WPA Lab Last Update 2014.06.11 1.0.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WPA Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
CSE 6590 1.  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in 802.11  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 

CSE  Wired Equivalent Privacy (WEP) ◦ first security protocol defined in  Wi-Fi Protected Access (WPA) ◦ defined by Wi-Fi Alliance 
Understanding and Achieving Next-Generation Wireless Security Motorola, Inc James Mateicka.

Understanding and Achieving Next-Generation Wireless Security Motorola, Inc James Mateicka.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
IPsec Internet Headquarters Branch Office SA R1 R2

IPsec Internet Headquarters Branch Office SA R1 R2
Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.

Wireless Security Ryan Hayles Jonathan Hawes. Introduction  WEP –Protocol Basics –Vulnerability –Attacks –Video  WPA –Overview –Key Hierarchy –Encryption/Decryption.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
Chalmers University of Technology Wireless security Breaking WEP and WPA.

Chalmers University of Technology Wireless security Breaking WEP and WPA.
MIS 5212.001 Week 13 Site:

MIS Week 13 Site:
WEP Weaknesses Or “What on Earth does this Protect” Roy Werber.

WEP Weaknesses Or “What on Earth does this Protect” Roy Werber.
The Trouble with WEP Or, cracking WiFi networks for fun & profit (not really) Jim Owens.

The Trouble with WEP Or, cracking WiFi networks for fun & profit (not really) Jim Owens.
Wireless Network Security: WEP And Beyond Heidi Parsaye Jason DeVries Roxanne Ilse Heidi Parsaye - Jason DeVries - Roxanne Ilse.

Wireless Network Security: WEP And Beyond Heidi Parsaye Jason DeVries Roxanne Ilse Heidi Parsaye - Jason DeVries - Roxanne Ilse.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).

Similar presentations

Ads by Google