Penetration Testing mailing list archives
Re: Cracking WEP and WPA keys
From: "marko ruotsalainen" <chrome () liquidinfo net>
Date: Wed, 14 Dec 2005 09:15:04 +0200 (EET)
The Fluhrer-Mantin-Shamir method is not efficient in all cases.
As Access Points have been fixed to some extent to not leak weak IV's, this attack is not very effective. Unless the AP hasn't been updated since the FMS attack, you are wasting your time. (I know, generalization) A guy called KoreK figured out a statistical attack against WEP that requires gathering about 100k packets for 64-bit and 300k packets for 128-bit WEP and this attack has been incorporated into weplab and aircrack tools. If the network is a low-traffic network, you could try to speed things up by replaying valid traffic into the network. You could for example identify WEP-encrypted ARP packet by it's size, and then repeat this into the network while capturing generated sent/received data on another machine/nic. And about the effectiveness of cracking WPA-PSK with a dictionary attack, I think this is as easy or as hard as the passphrase used. If you use a normal 8-character word as your passphrase, and you have a good dictionary starting from 8 characters... If you use a 63 character passphrase instead, things get just a bit harder.. ;) -m- -- http://www.liquidinfo.net ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Cracking WEP and WPA keys Robin Wood (Dec 13)
- Re: Cracking WEP and WPA keys Dave Bush (Dec 13)
- Re: Cracking WEP and WPA keys Seth Fogie (Dec 13)
- Re: Cracking WEP and WPA keys Erin Carroll (Dec 13)
- Re: Cracking WEP and WPA keys Robin Wood (Dec 14)
- Re: Cracking WEP and WPA keys Robin Wood (Dec 14)
- Re: Cracking WEP and WPA keys Dave Bush (Dec 13)
- Re: Cracking WEP and WPA keys Seth Fogie (Dec 13)
- Re: Cracking WEP and WPA keys Joachim Schipper (Dec 13)
- Re: Cracking WEP and WPA keys Robin Wood (Dec 13)
- Re: Cracking WEP and WPA keys Michael Sierchio (Dec 13)
- Re: Cracking WEP and WPA keys marko ruotsalainen (Dec 14)
- <Possible follow-ups>
- RE: Cracking WEP and WPA keys Shenk, Jerry A (Dec 13)
- Re: Cracking WEP and WPA keys Alvin Oga (Dec 13)
- Re: Cracking WEP and WPA keys Seth Fogie (Dec 13)
- RE: Cracking WEP and WPA keys cerealkilla (Dec 15)
- RE: Cracking WEP and WPA keys Sahir Hidayatullah (Dec 16)
- RE: Cracking WEP and WPA keys Josh Perrymon (Dec 13)
- Re: Cracking WEP and WPA keys pagvac (Dec 14)
- Radio Signal Pent test (RFID) Louie (Dec 14)
- Re: Radio Signal Pent test (RFID) Toufeeq Hussain (Dec 27)
- Re: Cracking WEP and WPA keys David M. Zendzian (Dec 14)
- Radio Signal Pent test (RFID) Louie (Dec 14)
(Thread continues...)
- Re: Cracking WEP and WPA keys Dave Bush (Dec 13)