Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Wireless Pen Test

From: Cedric Blancher <blancher () cartel-securite fr>
Date: Fri, 28 Nov 2008 09:07:13 -0800
Le vendredi 28 novembre 2008 à 07:50 -0800, Rui Pereira (WCG) a écrit :

Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program. WPA and WPA2
with PSK's can be cracked the way you describe. BUT if you are using WPA
Enterprize type implementation (with an authentication server like RADIUS),
there are no PSK's to crack so your method will not work.


True.
Maybe this talk I gave recently at BA-Con can help clarify a bit:

http://sid.rstack.org/pres/0810_BACon_WPA2_en.pdf



Even the recent attack on WPA with TKIP will not work against wireless
networks configured this way.


Wrong.
This attacks targets encryption protocol (TKIP) and works whatever
authentication method you are using.


-- 
http://sid.rstack.org/
PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE

Hi! I'm your friendly neighbourhood signature virus.
Copy me to your signature file and help me spread!


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: