Network encryption cracking: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 09:52, 4 October 2008 edit 87.64.196.170 (talk) →Wepcrack ← Previous edit		Latest revision as of 22:14, 24 September 2024 edit undo Kvng (talk \| contribs) Extended confirmed users, New page reviewers 116,060 edits destub
(29 intermediate revisions by 22 users not shown)
Line 1: {{Short description\|Method for breaching computer network security}} Network encryption cracking is the breaching of network encrptions (eg WEP, WPA, ...), usually trough the use of a special [[Wireless security\|encryption cracking software]]. It may be done trough a range of attacks (active and passive) including injecting traffic, decrypting traffic and dictonary-based attacks.▼ {{More citations needed\|date=October 2008}} {{essay\|date=August 2018}} ▲'''Network encryption cracking''' is the breaching of network ~~encrptions~~encryptions (ege.g., WEP, WPA, ...), usually ~~trough~~through the use of a special [[Wireless security\|encryption cracking software]]. It may be done ~~trough~~through a range of attacks (active and passive) including injecting traffic, decrypting traffic, and ~~dictonary~~[[Dictionary attack\|dictionary-based attacks]]. ==Methods== Line 6 ⟶ 10: * Injecting traffic based on known plaintext (active attack) * Gathering traffic and performing brute force/dictionary based attacks * Decrypting traffic using statistical analysis (passive attack) ===Injecting traffic=== Injecting traffic means inserting forged encrypted messages into the network. It may be done if either the key is known (to generate new messages), ~~but also~~or if the key is not known and only aan encrypted message and plaintext message is gathered, ~~trough~~through ~~comparisation~~comparison of the two. Programs able to do the latter are [[Aireplay]] and [[WepWedgie]]. ===Decrypting=== Decryption often requires 2 tools; 1 for gathering packets and another for analysing the packet and determining the key. Gathering packets may be done ~~trough~~through tools such as [[WireShark]], [[or Prismdump~~]], ...~~ and cracking may be done ~~trough~~through tools such as [[WEPCrack]], [[AirSnort]], [[AirCrack]], [[and WEPLab~~]], ..~~. When gathering packets, often a great amount of them are required to perform cracking. Depending on the attack used, 5-16 million frames may be required. The attack- command itself, however, is surprisingly simple. ~~Some examples:~~ ====WEPCrack==== Commands to be inputted into WEPCrack are: <nowiki>perl \progra~1\wepcrack\pcap-getIV.pl <br />▼ <syntaxhighlight lang="console"> This command generates a log-file (ivfile.log) from a captured packet obtained by WireShark or prismdump A packet with atleast 5 million frames is required. <br />▼ $ perl \progra~1\wepcrack\~~wepcrack\~~pcap-getIV.pl ~~ivfile.log <br />~~ </syntaxhighlight> ~~This command asks WEPCrack to determine the key from the log-file~~ ~~</nowiki>~~ ▲This command generates a log-file (ivfile.log) from a captured packet obtained by WireShark or prismdump A packet with ~~atleast~~at least 5 million frames is required. ~~<br />~~ <syntaxhighlight lang="console"> ▲~~<nowiki>~~$ perl \progra~1\wepcrack\~~pcap-getIV~~wepcrack\.pl ~~<br />~~ivfile.log </syntaxhighlight> This command asks WEPCrack to determine the key from the log file.<ref>{{Cite book \|last1=Beaver \|first1=Kevin \|title=Hacking Wireless Networks For Dummies \|last2=Davis \|first2=Peter \|publisher=[[For Dummies]] \|year=2005 \|isbn=978-0764597305 \|edition=1st}}</ref> ====AirCrack==== Aircrack is another program that's even simpler to use, as no command need to be entered; instead the user is asked to type in some parameters and click some buttons. First airodump is started to gather the packets; herefore channel and MAC-filter are asked, yet the user does not need to know them per se (instead 0 and p may be inputted respectively). Then, ~~airacrk~~AirCrack is started, the file just created by airodump is accessed, a 0 needs to be entered and the program determines the key. ====AirSnort==== AirSnort is a software program that passively collects traffic on an [[IEEE 802.11b]] network that was released in August 2001.<ref>{{Cite magazine \|last=Delio \|first=Michelle \|title=Wireless Networks in Big Trouble \|language=en-US \|magazine=[[Wired (magazine)\|Wired]] \|url=https://www.wired.com/2001/08/wireless-networks-in-big-trouble/ \|access-date=2023-01-16 \|issn=1059-1028}}</ref> After enough packets have been collected, the program can then compute the key for the wireless network. As the software makes use of brute-force attack however, cracking the encryption can take between a few hours to several days, based on the activity on the network.<ref>{{Cite web \|title=AirSnort pokes holes in AirPort network security \|url=https://www.macworld.com/article/162585/airsnort.html \|access-date=2023-01-16 \|website=Macworld \|language=en}}</ref> AirSnort is an even simpler program, as it is completely interface-based. As the attack is only a simple brute-force attack however, cracking the encryption can take a while (from several days to a few weeks). Especially if traffic is low (only 4 users or so on network, the cracking will take atleast 2 weeks). ~~==Comparisation of tools==~~ A comparisation of the tools noted above may be found at [http://www.securityfocus.com/infocus/1814 Security Focus].▼ ==References== {{reflist}} ==External links== ▲* A ~~comparisation~~comparison of the tools ~~noted~~listed above may be found at [https://web.archive.org/web/20060408114100/http://www.securityfocus.com/infocus/1814 Security Focus]. [[Category:Computer network security]]