
WEP Encryption Completely Broken

Discussion in 'News' started by Jimmy 2004, Apr 4, 2007.

  1. Jimmy 2004

    Jimmy 2004 New Member

    WEP (Wired Equivalent Privacy), the technology used to secure many wireless networks around the world, has been demonstrated to be extremely insecure in new research by a team of cryptographic researchers at the University of Darmstadt in Germany. Using information collected by previous studies that demonstrated correlations in the encryption used by WEP, the team found that they could recover a 104-bit WEP key 50% of the time using just 40,000 captured packets, increasing to a 95% success rate with 85,000 packets. To put it into perspective, 40,000 packets can be captured in under a minute, and a 1.7GHz Pentium M can then work out the WEP key in about three seconds. WEP has been known to have security flaws since 2001, but this latest research demonstrates how weak the technology has become in recent years – if your hardware supports WPA or WPA2 it is highly recommended that you shift to that if you are worried about keeping hackers out of your wireless network.

    Source: University of Darmstadt via The Inquirer
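
An added example, not part of the original post or the cited research: a defender-side audit that reads the security fields an access point advertises in its 802.11 beacon and flags networks still on WEP or with no encryption, which the post recommends moving to WPA or WPA2. The beacon bytes are constructed samples and the function names are hypothetical.

```python
import struct

PRIVACY_BIT = 0x0010                     # capability bit: encryption required
IE_SSID, IE_RSN, IE_VENDOR = 0, 48, 221  # 802.11 information element ids
WPA_VENDOR_PREFIX = bytes.fromhex("0050f201")  # Microsoft OUI + type 1 = WPA

def parse_elements(data):
    """Yield (id, value) for each tagged element; stop at a truncated one."""
    pos = 0
    while pos + 2 <= len(data):
        eid, length = data[pos], data[pos + 1]
        value = data[pos + 2:pos + 2 + length]
        if len(value) < length:
            return
        yield eid, value
        pos += 2 + length

def classify_beacon(body):
    """Classify a beacon frame body (the bytes after the 24-byte MAC header)."""
    if len(body) < 12:
        raise ValueError("beacon body shorter than its fixed fields")
    # Fixed fields: 8-byte timestamp, 2-byte interval, 2-byte capability info.
    capability = struct.unpack_from("<QHH", body)[2]
    ssid, has_rsn, has_wpa = None, False, False
    for eid, value in parse_elements(body[12:]):
        if eid == IE_SSID and ssid is None:
            ssid = value
        elif eid == IE_RSN:
            has_rsn = True
        elif eid == IE_VENDOR and value.startswith(WPA_VENDOR_PREFIX):
            has_wpa = True
    if not capability & PRIVACY_BIT:
        security = "open"
    else:  # privacy bit set with no WPA or RSN element means WEP
        security = "WPA2/RSN" if has_rsn else "WPA" if has_wpa else "WEP"
    hidden = ssid is None or not ssid.strip(b"\x00")  # empty or zeroed SSID
    return {"ssid": None if hidden else ssid.decode("utf-8", "replace"),
            "security": security, "replace": security in ("open", "WEP")}

def make_beacon(ssid, capability, extra=b""):
    """Build a constructed beacon body for the samples below."""
    fixed = struct.pack("<QHH", 0, 100, capability)
    return fixed + bytes([IE_SSID, len(ssid)]) + ssid + extra

# Constructed sample beacons (not captured traffic).
RSN_IE = bytes([IE_RSN, 2]) + b"\x01\x00"   # RSN element, version field only
SAMPLES = [make_beacon(b"office-old", 0x0411),          # privacy, no WPA/RSN
           make_beacon(b"office-new", 0x0411, RSN_IE),  # privacy + RSN
           make_beacon(b"", 0x0401)]                    # no privacy, blank SSID
for sample in SAMPLES:
    print(classify_beacon(sample))
```

A network with a blank SSID is still classified, since its beacon carries the same capability field and security elements as any other.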
     
  2. Bob The Fish New Member

    This is why I like wires over wireless.
     
  3. Mussels

    Mussels Moderprator Staff Member

    I could use whatever tools they cracked the wireless with... got a lot of people I know who don't believe me that it's crackable, and need someone to do it in front of them before they'll go wired :(
     
  4. Jimmy 2004

    Jimmy 2004 New Member

    I use WPA2 AES/PSK on my wireless network (with a secure key - over 20 characters, a mix of numbers, letters and symbols) as well as MAC address filtering (yes, I know that can easily be bypassed but it's an extra layer of protection) so my wireless is as secure as I can make it myself. I'm sure someone out there could hack it, but it would probably need more effort than it's worth. I have nothing special to hide, and there are about three WEP wireless networks I can pick up as well as one totally un-secured one - which my adaptor connects to when I update the drivers :laugh:

    I used WEP until a few months back, and the only reason I didn't use WPA then is because I was bridging two wireless routers. I would hide my SSID but some laptops that use the LAN can't connect then...
     
  5. Zalmann

    Zalmann New Member

    Using MAC address filtering (through my wireless router's firewall) is the best way that I use to keep people off my wireless LAN, along with hiding my SSID.
     
  6. regan1985 New Member

    Yeah, hiding your SSID is what most people don't do!!! If people can't see your network then it doesn't matter if they know your password
     
  7. Jimmy 2004

    Jimmy 2004 New Member

    But you've got to remember that certain hacks will let people see it (after all, your network adaptor must know it's there to connect) and MAC addresses can be cloned very easily.
     
  8. Zalmann

    Zalmann New Member

    Well, I guess you must be unlucky to have your network hacked, as most everyday hackers aren't that sophisticated. As long as you've taken as many precautions as possible, then you should be right.
     
  9. kakazza New Member

    a) MAC Filter is useless, I would just throw your client off the WLAN and connect with mine with a spoofed MAC address

    b) Hiding SSID is useless. Do you really think antennas then don't capture packets flying around? They do, I don't even have to send a packet, I just passively sniff whatever comes in my way. Disabling SSID broadcasting only disables the response if a client asks around "hey, any APs there?". So anyone who wants to WILL SEE your WLAN, will take no time at all.

    b1) Disabling SSID broadcasting is annoying. People who do not know much about WLANs will see *nothing* and thus just use whatever channel they want. But what if one or even many other APs in the area (yeh, the APs of cool *secure* people) use the same channel? It may or most certainly will interfere with your WLAN if they are close enough.


    oh and c)
    Anyone who can read can crack WEP, honestly... It IS that easy.



    I almost fell off my chair when I read that, lol
     
  10. watts289

    I use 64-bit WEP encryption but it's OK since no one in my town barely even knows how to turn a computer on.
     
  11. Mussels

    Mussels Moderprator Staff Member

    One of my friends runs without any encryption at all... then again, she has a 200m long driveway, and it's about 800m to the nearest neighbour :p damned country folk.
     
  12. Wile E

    Wile E Power User

    I keep my wireless off, unless a friend brings over a lappy. My rigs are wired.
     
  13. Zalmann

    Zalmann New Member

    Well, not everyone is a brainwave like yourself mate. Most people can barely use MS word effectively.
     
  14. kakazza New Member

    Well, those people are HOPEFULLY not the ones securing WLANs
     
  15. overcast New Member

    Yeh and those people aren't going to be responsible for protecting anything valuable.
     
  16. WarEagleAU

    WarEagleAU Bird of Prey

    Oh crap, hide the illegal downloads!!! ::ROFL::
     
  17. Ben Clarke

    Ben Clarke

    And security flaws are exactly why I don't use encryption.












    I know, I'm stupid. And proud to be.
     
  18. regan1985 New Member

    I have googled around to see if there is a program around that you can just download and then use to try and break into people's networks but I haven't found one yet, the only other way I can see is to do a lot of reading which is a lot of work to see if I can break into my own network lol
     
  19. overcast New Member

    Are you kidding, airsnort has been around since the early days of wireless. Hello wardriving/chalking?
     
  20. ktr

    ktr

    Those are Linux based, and Linux has horrible support for wifi. From airsnort's site, only a select few cards work (monitoring mode). Also the cards they stated are no longer made. In addition, that project hasn't been updated for about 2 years, tough luck getting your card to work with it. And in more addition, these programs are "B" only, so force your router to "g" only and you are OK...

    Look for knoppix-std v0.1, http://s-t-d.org/ ... this is the only few that can do the job.

    MAC filters are not crap, unless you don't know which addresses are programmed into the router, how in hell are you gonna spoof?

    Also, has anybody sniffed packets out? It's not a 1-2 min thing... it can take a couple of hours to days... and to get a clean crack, a good whole week or so.

    If you can read, you can WEP crack eh? Why don't you type a nice doc on how to do so. For cracking WEP has been such an old thing, I have yet to see a proper setup that can do the job without a hitch. Plus some peeps can have 4 WEP keys that rotate? Start capturing packets, then switch... all that you capped is waste.
     
    Last edited: Apr 5, 2007
  21. overcast New Member

    Airsnort is definitely available for windows, if you can't find anything on Google, I can't help you.
     
  22. Darkrealms

    LoL, I have this router and these switches and . . . uh something called a RJ45 crimper ;p

    I do enjoy the networks everywhere I go that do give my laptop access.
    I was surprised about a month ago I downloaded a trial for a MAC sniffer. It gave me every MAC, IP, and comp name on the network. And when done gave me the pleasant option of setting my MAC to what I wanted. All for FREE
     
  23. kakazza New Member


    a) Linux has good wifi support, my 20$ USB wifi can inject and monitor at the same time.

    b) Yes, MAC spoofing requires a client which is connected to the AP so you can use that MAC address. Either wait until it disconnects, or just throw it off the network and connect yourself ;)

    c) Let's see,... passively capturing takes long yes, thus we actively *capture* by creating the needed traffic. And with that new attack you need even less IVs, not 500.000-1.000.000 but less than <100.000.
    I saw WEP being broken in less than 2 Minutes with that new attack :)

    d) Uh, google, that's what I did.
     
  24. Mussels

    Mussels Moderprator Staff Member

    Aircrack/snort has indeed been updated recently... oh, and for Windows too - I just hacked my own wireless network with a Pentium 3 laptop, running Windows XP with my 55Mb Netgear PCMCIA wireless card. Just wanted to see how easy it was.

    The programs are NOT 802.11b only - I have NO idea where you got that from.

    Look up Aircrack, it comes with all the other programs needed, and everything works fine under Windows assuming you can get the right drivers for your card.
     
  25. Easy Rhino

    Easy Rhino Linux Advocate

    I'm no expert but I'm pretty sure WEP has been known to be insecure for a couple of years now.

    And for the record hiding your SSID won't really protect you. As long as you are broadcasting some sort of signal someone somewhere can access it with the right tools. Now granted the easiest way to avoid having your internets stolen is to hide SSID and to have a complicated access code which changes every month and to use WPA. Although that isn't completely secure either. The point is to make it as hard as possible so the potential hacker will try an easier target. Even for an experienced hacker it will take several hours to capture enough packets from your signal to put together some sort of key and then several days to actually crack that information into an access code.

    Some stuff I use with FreeBSD are aircrack-2.41, bsd-airtools-0.3, kismet-2007, and wistumbler2
     
    Last edited: Apr 9, 2007
