Network encryption cracking: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 03:38, 15 November 2008 edit Chris the speller (talk \| contribs) Autopatrolled, Extended confirmed users, Pending changes reviewers 894,410 edits m sp ← Previous edit		Latest revision as of 22:14, 24 September 2024 edit undo Kvng (talk \| contribs) Extended confirmed users, New page reviewers 116,075 edits destub
(19 intermediate revisions by 15 users not shown)
Line 1: {{Short description\|Method for breaching computer network security}} ~~{{Cleanup\|date=October 2008}}~~ {{~~Refimprove~~More citations needed\|date=October 2008}} {{essay\|date=August 2018}} '''Network encryption cracking''' is the breaching of network encryptions (ege.g., WEP, WPA, ...), usually ~~trough~~through the use of a special [[Wireless security\|encryption cracking software]]. It may be done through a range of attacks (active and passive) including injecting traffic, decrypting traffic, and [[Dictionary attack\|dictionary-based attacks]]. ==Methods== Line 9 ⟶ 10: * Injecting traffic based on known plaintext (active attack) * Gathering traffic and performing brute force/dictionary based attacks * Decrypting traffic using statistical analysis (passive attack) ===Injecting traffic=== Injecting traffic means inserting forged encrypted messages into the network. It may be done if either the key is known (to generate new messages), ~~but also~~or if the key is not known and only aan encrypted message and plaintext message is gathered, ~~trough~~through comparison of the two. Programs able to do the latter are [[Aireplay]] and [[WepWedgie]]. ===Decrypting=== Decryption often requires 2 tools; 1 for gathering packets and another for analysing the packet and determining the key. Gathering packets may be done through tools such as [[WireShark]], [[or Prismdump]] and cracking may be done through tools such as [[WEPCrack]], [[AirSnort]], [[AirCrack]], and [[WEPLab]]. When gathering packets, often a great amount of them are required to perform cracking. Depending on the attack used, 5-16 million frames may be required. The attack command itself, however, is surprisingly simple. Line 22 ⟶ 23: Commands to be inputted into WEPCrack are: <syntaxhighlight lang="console"> $ perl \progra~1\wepcrack\pcap-getIV.pl </syntaxhighlight> This command generates a log-file (ivfile.log) from a captured packet obtained by WireShark or prismdump A packet with at least 5 million frames is required. <syntaxhighlight lang="console"> $ perl \progra~1\wepcrack\wepcrack\.pl ivfile.log </syntaxhighlight> This command asks WEPCrack to determine the key from the log file.<ref>{{Cite book \|last1=Beaver \|first1=Kevin \|title=Hacking Wireless Networks ~~for~~For Dummies \|last2=Davis \|first2=Peter \|publisher=[[For Dummies]] \|year=2005 \|isbn=978-0764597305 \|edition=1st}}</ref> ====AirCrack==== Line 36 ⟶ 41: ====AirSnort==== AirSnort is a software program that passively collects traffic on an [[IEEE 802.11b]] network that was released in August 2001.<ref>{{Cite magazine \|last=Delio \|first=Michelle \|title=Wireless Networks in Big Trouble \|language=en-US \|magazine=[[Wired (magazine)\|Wired]] \|url=https://www.wired.com/2001/08/wireless-networks-in-big-trouble/ \|access-date=2023-01-16 \|issn=1059-1028}}</ref> After enough packets have been collected, the program can then compute the key for the wireless network. As the software makes use of brute-force attack however, cracking the encryption can take between a few hours to several days, based on the activity on the network.<ref>{{Cite web \|title=AirSnort pokes holes in AirPort network security \|url=https://www.macworld.com/article/162585/airsnort.html \|access-date=2023-01-16 \|website=Macworld \|language=en}}</ref> AirSnort is an even simpler program, as it is completely interface-based. As the attack is only a simple brute-force attack however, cracking the encryption can take a while (from several days to a few weeks). Especially if traffic is low (only 4 users or so on network, the cracking will take at least 2 weeks). ~~==Comparison of tools==~~ A comparison of the tools noted above may be found at [http://www.securityfocus.com/infocus/1814 Security Focus].▼ ==References== {{reflist}} ==External links== ▲* A comparison of the tools ~~noted~~listed above may be found at [https://web.archive.org/web/20060408114100/http://www.securityfocus.com/infocus/1814 Security Focus]. [[Category:Computer network security]]