Presentation is loading. Please wait.

Presentation is loading. Please wait.

MASNET GroupXiuzhen ChengFeb 8, 2006 CSCI388 Project 1 Crack the WEP key Liran Ma Department of Computer Science The George Washington University

Published byMadeleine Harris Modified over 9 years ago

Similar presentations

Presentation on theme: "MASNET GroupXiuzhen ChengFeb 8, 2006 CSCI388 Project 1 Crack the WEP key Liran Ma Department of Computer Science The George Washington University"— Presentation transcript:

1 MASNET GroupXiuzhen ChengFeb 8, 2006 CSCI388 Project 1 Crack the WEP key Liran Ma Department of Computer Science The George Washington University lrma@gwu.edu

2 MASNET GroupXiuzhen ChengFeb 8, 2006 Project resolutions n Experiment with IEEE 802.11b/g networks. n Learn how to use different network analysis tools. n Exploit 802.11 (WEP) security properties.

3 MASNET GroupXiuzhen ChengFeb 8, 2006 Warning n Do not hack any wireless networks other than the one provided for this course. n It is your sole responsibility for your actions!

4 MASNET GroupXiuzhen ChengFeb 8, 2006 Notes (1/2) n No laptop will be provided for this project. If you really can not have a laptop, talk to me after class. n Linux OS is highly recommended for this project, though Windows can do the same job as well. u The best practice is to use a special security Linux distribution (such as WHAX, backtrack and etc) with u A USB flash drive with 1G above capacity.

5 MASNET GroupXiuzhen ChengFeb 8, 2006 Notes (2/2) n A “good” 802.11b/g wireless card, which must be able to run in promiscuous mode. u Not all cards will do this, especially USB based ones. u Most PCMCIA cards will do promiscuous mode just fine though. n You are not required to follow exactly the procedures/steps mentioned below as long as you answer the question correctly. u Those steps are just meant to provide you with some guidelines.

6 MASNET GroupXiuzhen ChengFeb 8, 2006 Wireless Access Point (AP) Location n There is only one AP located in 719, which is near to AC 725, running both 802.11b and 802.11g. You can work at AC 725 because it is an open lab. n The network name, i.e., the SSID is CSCI388. n Please report to cheng@gwu.edu if the AP seems to be failing.cheng@gwu.edu

7 MASNET GroupXiuzhen ChengFeb 8, 2006 Step 1: network survey n You will have to find the detailed information about the wireless network: u AP’s MAC address. u Security protocol running. u Encryption key length. u Clients association. u Any other information that can help you to crack the key. n For windows users, survey the site using Netstumbler. n For Linux users, use either Kismet or Air snort.

8 MASNET GroupXiuzhen ChengFeb 8, 2006 Step 1: (snap shot of netstumbler)

9 MASNET GroupXiuzhen ChengFeb 8, 2006 Step 2: Data collection n Due to the broadcasting feature of the wireless communication, you can sniff the traffic even you are not a legitimate user. u Collect data packets using tools such as Ethereal, Kismet. u After collecting enough encrypted data (ranges from 500 mega to 1G), you are ready to crack the WEP. u For extra credits, you need to detect which service the server is running and figure out how to get the file via hacking that service.

10 MASNET GroupXiuzhen ChengFeb 8, 2006 Step 2: (snap shot of ethereal)

11 MASNET GroupXiuzhen ChengFeb 8, 2006 Step 3: crack the key n Crack the WEP key using the collected data. You can recovery the key by: u The weakness of the key scheduling in RC4. u Active dictionary attack. u Or any other attacking measures (some attacking method can make your life much easier. Last year’s record is two hours). u Once you recovery the key (in ASCII format, convert it to ASCII if you get a key in hexadecimal format), you know you did it right.

12 MASNET GroupXiuzhen ChengFeb 8, 2006 Extra credits: Hack into the server n Use the data collected in step 2: u Detect which service the server is running. u figure out the user name and password. u Then, get the file from the server using the user name and password. u You may need a little extra works in order to associate with the AP and get access to the server.

13 MASNET GroupXiuzhen ChengFeb 8, 2006 What to turn in n A zip or tar ball file that contains: u Detailed cracking steps (including what tools are used, how to install and run them, provide snapshot if necessary). u The WEP encryption key. u One legitimate MAC address. u Answers to the questions. n Extra credits: u The user account and its password of the service that is running on the server. u The file you see after you hack into the server.

14 MASNET GroupXiuzhen ChengFeb 8, 2006 Available tools n Windows Wireless Security Tools u Ethereal – a free network protocol analyzer (sniffer) http://www.ethereal.com/http://www.ethereal.com/ u WinPcap – for capturing packets http://winpcap.polito.it/default.htmhttp://winpcap.polito.it/default.htm u Netstumbler – site surveying utility http://www.netstumbler.com/http://www.netstumbler.com/ u tinyPEAP – Official tinyPEAP site http://www.tinypeap.comhttp://www.tinypeap.com u Change MAC address: http://www.nthelp.com/NT6/change_mac_w2k.htm or http://students.washington.edu/natetrue/macshift/http://www.nthelp.com/NT6/change_mac_w2k.htm http://students.washington.edu/natetrue/macshift/ u WepLab – a Wep Security Analyzer. http://weplab.sourceforge.net/http://weplab.sourceforge.net/ n Linux Wireless Security Tools u Ethereal – a free network protocol analyzer (sniffer) http://www.ethereal.com/http://www.ethereal.com/ u LibPcap – should be available with your distribution of Linux. u Kismet – A VERY good tool for surveying wireless networks puts Netstumbler to shame http://www.kismetwireless.net/http://www.kismetwireless.net/ u Airsnort – A utility for cracking WEP keys. Also, you can get information about Monitor mode on the Airsnort page. You may find this useful, although not essential. http://airsnort.shmoo.com/http://airsnort.shmoo.com/ u For changing you MAC address in Linux, use ifconfig hw ether. u WepLab – a Wep Security Analyzer. http://weplab.sourceforge.net/http://weplab.sourceforge.net/ u WepAttack – this tool uses different approach (active dictionary attack) to crack the WEP. You are welcome to try it. http://wepattack.sourceforge.net/http://wepattack.sourceforge.net/

15 MASNET GroupXiuzhen ChengFeb 8, 2006 Questions? Good luck and have fun!

16 MASNET GroupXiuzhen ChengFeb 8, 2006 Backup slides: Snapshot of Kismet

17 MASNET GroupXiuzhen ChengFeb 8, 2006 Backup slides: Snapshot of AirSnort

Download ppt "MASNET GroupXiuzhen ChengFeb 8, 2006 CSCI388 Project 1 Crack the WEP key Liran Ma Department of Computer Science The George Washington University"

Similar presentations

Ethical Hacking Module XV Hacking Wireless Networks.

Ethical Hacking Module XV Hacking Wireless Networks.
Security+ All-In-One Edition Chapter 10 – Wireless Security

Security+ All-In-One Edition Chapter 10 – Wireless Security
ITEC 6324 – Assignment Seven IEM Baseline Activity / Tool (Netstumbler, Kismet, Airopeek & AirSnort. Name: Victor Wong Instructor: Dr Crowley.

ITEC 6324 – Assignment Seven IEM Baseline Activity / Tool (Netstumbler, Kismet, Airopeek & AirSnort. Name: Victor Wong Instructor: Dr Crowley.
Overview How to crack WEP and WPA

Overview How to crack WEP and WPA
Wireless LAN Security Understanding and Preventing Network Attacks.

Wireless LAN Security Understanding and Preventing Network Attacks.
Password Cracking, Network Sniffing, Man-in-the-Middle attacks, and Virtual Private Networks Lab 2 – Class Discussion Group 3 Ruhull Alam Bhuiyan Keon.

Password Cracking, Network Sniffing, Man-in-the-Middle attacks, and Virtual Private Networks Lab 2 – Class Discussion Group 3 Ruhull Alam Bhuiyan Keon.
1 MSc EEM118 Research Dissertation CITE, UEL Cryptography and Network Security Dr David Xiao

1 MSc EEM118 Research Dissertation CITE, UEL Cryptography and Network Security Dr David Xiao
Crack WEP Lab Last Update 2014.08.12 1.1.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WEP Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
Wireless Cracking By: Christopher Zacky.

Wireless Cracking By: Christopher Zacky.
Crack WPA Lab Last Update 2014.06.11 1.0.0 1Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com.

Crack WPA Lab Last Update Copyright 2014 Kenneth M. Chipps Ph.D.
Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.
Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.

Attack and Defense in Wireless Networks Presented by Aleksandr Doronin.
1 MD5 Cracking One way hash. Used in online passwords and file verification.

1 MD5 Cracking One way hash. Used in online passwords and file verification.
The Trouble with WEP Or, cracking WiFi networks for fun & profit (not really) Jim Owens.

The Trouble with WEP Or, cracking WiFi networks for fun & profit (not really) Jim Owens.
Man in the Middle Paul Box Beatrice Wilds Will Lefevers.

Man in the Middle Paul Box Beatrice Wilds Will Lefevers.
Analysis of 802.11 Privacy Jim McCann & Daniel Kuo EECS 598.

Analysis of Privacy Jim McCann & Daniel Kuo EECS 598.
December 17, 2002 1 Wi-Fi Mark Faggiano GBA 576. December 17, 20022 Purpose of the Project  I hear Wi-Fi, WLAN, 802.11 everywhere  What does it all.

December 17, Wi-Fi Mark Faggiano GBA 576. December 17, Purpose of the Project  I hear Wi-Fi, WLAN, everywhere  What does it all.
Packet Capture Using Ethereal. Definition for Sniffer: A program and/or device that monitors data traveling over a network. Sniffers can be used both.

Packet Capture Using Ethereal. Definition for Sniffer: A program and/or device that monitors data traveling over a network. Sniffers can be used both.
Wireless Insecurity.

Wireless Insecurity.
Handoff Delay for 802.11b Wireless LANs Masters Project defense Anshul Jain Committee: Dr. Henning Schulzrinne, Columbia University Dr. Zongming Fei, University.

Handoff Delay for b Wireless LANs Masters Project defense Anshul Jain Committee: Dr. Henning Schulzrinne, Columbia University Dr. Zongming Fei, University.

Similar presentations

Ads by Google