WEP Encryption Completely Broken

Jimmy 2004

WEP (Wired Equivalent Privacy), the technology used to secure many wireless networks around the world, has been demonstrated to be extremely insecure in new research by a team of cryptographic researchers at the University of Darmstadt in Germany. Using information collected by previous studies that demonstrated correlations in the encryption used by WEP, the team found that they could recover a 104-bit WEP key 50% of the time using just 40,000 captured packets, increasing to a 95% success rate with 85,000 packets. To put it into perspective, 40,000 packets can be captured in under a minute, and a 1.7GHz Pentium M can then work out the WEP key in about three seconds. WEP has been known to have security flaws since 2001, but this latest research demonstrates how weak the technology has become in recent years - if your hardware supports WPA or WPA2 it is highly recommended that you shift to that if you are worried about keeping hackers out of your wireless network.

Source: University of Darmstadt via The Inquirer
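
Added example (not part of the original post and not the Darmstadt team's code): a small Python model of WEP encapsulation showing the design property behind the weakness, namely that the 24-bit IV travels in clear and is prepended to the secret key as the RC4 seed, so a repeated IV repeats the keystream. It does not implement the key-recovery attack described above; the key, IV and payloads are constructed, and the reuse estimate assumes randomly chosen IVs.

```python
import math
import zlib

def rc4(seed: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for the given seed."""
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                         # keystream output
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encapsulate(iv: bytes, key: bytes, payload: bytes) -> bytes:
    """3-byte IV in clear, key-ID byte, then RC4(IV || key) XOR (payload || CRC-32)."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    body = payload + zlib.crc32(payload).to_bytes(4, "little")
    return iv + b"\x00" + xor(body, rc4(iv + key, len(body)))

def wep_decapsulate(key: bytes, frame: bytes) -> bytes:
    iv, enc = frame[:3], frame[4:]             # the receiver reads the IV off the frame
    body = xor(enc, rc4(iv + key, len(enc)))
    payload, icv = body[:-4], body[-4:]
    if zlib.crc32(payload).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return payload

def iv_reuse_probability(packets: int) -> float:
    """Birthday estimate that two packets share an IV, assuming random 24-bit IVs."""
    return 1.0 - math.exp(-packets * (packets - 1) / (2 * 2**24))

# Constructed sample values, not taken from any real network.
KEY = bytes.fromhex("0102030405060708090a0b0c0d")    # 104-bit key
IV = bytes.fromhex("a1b2c3")
P1, P2 = b"GET /index.html ", b"POST /login.php "   # 16 bytes each
F1, F2 = wep_encapsulate(IV, KEY, P1), wep_encapsulate(IV, KEY, P2)

if __name__ == "__main__":
    print("IV visible on air:", F1[:3].hex())
    print("same IV -> C1^C2 == P1^P2:", xor(F1[4:20], F2[4:20]) == xor(P1, P2))
    print("P(IV reuse) in 40,000 packets:", round(iv_reuse_probability(40000), 4))
```

A longer key does not change any of this, because the IV portion of the seed stays 24 bits and public; that is why the fix is WPA or WPA2 rather than a different WEP setting.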

 
This is why I like wires over wireless.
 
I could use whatever tools they cracked the wireless with... got a lot of people I know who don't believe me that it's crackable, and need someone to do it in front of them before they'll go wired :(
 
> I could use whatever tools they cracked the wireless with... got a lot of people I know who don't believe me that it's crackable, and need someone to do it in front of them before they'll go wired :(

I use WPA2 AES/PSK on my wireless network (with a secure key - over 20 characters, a mix of numbers, letters and symbols) as well as MAC address filtering (yes, I know that can easily be bypassed but it's an extra layer of protection) so my wireless is as secure as I can make it myself. I'm sure someone out there could hack it, but it would probably need more effort than it's worth. I have nothing special to hide, and there are about three WEP wireless networks I can pick up as well as one totally un-secured one - which my adaptor connects to when I update the drivers :laugh:

I used WEP until a few months back, and the only reason I didn't use WPA then is because I was bridging two wireless routers. I would hide my SSID but some laptops that use the LAN can't connect then...
 
Using MAC address filtering (through my wireless router's firewall) is the best way that I use to keep people off my wireless LAN, along with hiding my SSID.
 
Yeh, hiding your ssid is what most people don't do!!! If people can't see your network then it doesn't matter if they know your password
 
> Yeh, hiding your ssid is what most people don't do!!! If people can't see your network then it doesn't matter if they know your password

But you've got to remember that certain hacks will let people see it (after all, your network adaptor must know it's there to connect) and Mac addresses can be cloned very easily.
 
Well, I guess you must be unlucky to have your network hacked, as most everyday hackers aren't that sophisticated. As long as you've taken as many precautions as possible, then you should be right.
 
a) MAC Filter is useless, I would just throw your client off the WLAN and connect with mine with a spoofed MAC address

b) Hiding SSID is useless. Do you really think antennas then don't capture packets flying around? They do, I don't even have to send a packet, I just passively sniff whatever comes in my way. Disabling SSID broadcasting only disables the response if a client asks around "hey, any APs there?". So anyone who wants to WILL SEE your WLAN, will take no time at all.

b1) Disabling SSID broadcasting is annoying. People who do not know much about WLANs will see *nothing* and thus just use whatever channel they want. But what if one or even many other APs in the area (yeh, the APs of cool *secure* people) use the same channel? It may or most certainly will interfere with your WLAN if they are close enough.

oh and c)
Anyone who can read can crack WEP, honestly... It IS that easy.

> Yeh, hiding your ssid is what most people don't do!!! If people can't see your network then it doesn't matter if they know your password

I almost fell off my chair when I read that, lol
 
I use 64-bit WEP encryption but it's ok since no one in my town barely even knows how to turn a computer on.
 
One of my friends runs without any encryption at all... then again, she has a 200m long driveway, and it's about 800m to the nearest neighbour :P damned country folk.
 
I keep my wireless off, unless a friend brings over a lappy. My rigs are wired.
 
> a) MAC Filter is useless, I would just throw your client off the WLAN and connect with mine with a spoofed MAC address
>
> b) Hiding SSID is useless. Do you really think antennas then don't capture packets flying around? They do, I don't even have to send a packet, I just passively sniff whatever comes in my way. Disabling SSID broadcasting only disables the response if a client asks around "hey, any APs there?". So anyone who wants to WILL SEE your WLAN, will take no time at all.
>
> b1) Disabling SSID broadcasting is annoying. People who do not know much about WLANs will see *nothing* and thus just use whatever channel they want. But what if one or even many other APs in the area (yeh, the APs of cool *secure* people) use the same channel? It may or most certainly will interfere with your WLAN if they are close enough.
>
> oh and c)
> Anyone who can read can crack WEP, honestly... It IS that easy.
>
> I almost fell off my chair when I read that, lol

Well, not everyone is a brainwave like yourself mate. Most people can barely use MS word effectively.
 
> Well, not everyone is a brainwave like yourself mate. Most people can barely use MS word effectively.

Yeh and those people aren't going to be responsible for protecting anything valuable.
 
Oh crap, hide the illegal downloads!!! ::ROFL::
 
And security flaws is exactly why I don't use encryption.

I know, I'm stupid. And proud to be.
 
I have googled around to see if there is a program around that you can just download and then use to try and break into people's networks but I haven't found one yet, the only other way I can see is to do a lot of reading which is a lot of work to see if I can break into my own network lol
 
> I have googled around to see if there is a program around that you can just download and then use to try and break into people's networks but I haven't found one yet, the only other way I can see is to do a lot of reading which is a lot of work to see if I can break into my own network lol

Are you kidding, airsnort has been around since the early days of wireless. Hello wardriving/chalking?
 
Those are Linux based, and Linux has a horrible support for wifi. From airsnort's site, only a selected few cards work (monitoring mode). Also the cards they stated are no longer made. In addition, that project hasn't been updated for about 2 years, tough luck getting your card to work with it. And in more addition, these programs are "B" only, so force your router to "g" only and you are ok...

look for knoppix-std v0.1, http://s-t-d.org/...this is the only few that can do the job.

MAC filters are not crap, unless you don't know which addresses are programmed in to the router, how in hell are you gonna spoof?

Also, has anybody sniffed packets out? It's not a 1-2 min thing...it can take a couple hours to days...and to get a clean crack, a good whole week or so.

If you can read, you can WEP crack eh? Why don't you type a nice doc on how to do so. For crack WEP has been such an old thing, I have yet to see a proper setup that can do the job without a hitch. Plus some peeps can have 4 WEP keys that rotate? Start capturing packets, then switch...all that you capped is waste.
 
Airsnort is definitely available for windows, if you can't find anything on Google, I can't help you.
 
LoL, I have this router and these switches and . . . uh some thing called a RJ45 crimper ;p

I do enjoy the networks everywhere I go that do give my laptop access.
I was surprised about a month ago I downloaded a trial for a mac sniffer. It gave me every mac, ip, and comp name on the network. And when done gave me the pleasant option of setting my mac to what I wanted. All for FREE
 
> Those are Linux based, and Linux has a horrible support for wifi. From airsnort's site, only a selected few cards work (monitoring mode). Also the cards they stated are no longer made. In addition, that project hasn't been updated for about 2 years, tough luck getting your card to work with it. And in more addition, these programs are "B" only, so force your router to "g" only and you are ok...
>
> look for knoppix-std v0.1, http://s-t-d.org/...this is the only few that can do the job.
>
> MAC filters are not crap, unless you don't know which addresses are programmed in to the router, how in hell are you gonna spoof?
>
> Also, has anybody sniffed packets out? It's not a 1-2 min thing...it can take a couple hours to days...and to get a clean crack, a good whole week or so.
>
> If you can read, you can WEP crack eh? Why don't you type a nice doc on how to do so. For crack WEP has been such an old thing, I have yet to see a proper setup that can do the job without a hitch. Plus some peeps can have 4 WEP keys that rotate? Start capturing packets, then switch...all that you capped is waste.


a) Linux has good wifi support, my 20$ usb wifi can inject and monitor at the same time.

b) Yes, macspoofing requires a client which is connected to the AP so you can use that MAC address. Either wait until it disconnects, or just throw it off the network and connect yourself ;)

c) Let's see,... passively capturing takes long yes, thus we actively *capture* by creating the needed traffic. And with that new attack you need even less IVs, not 500.000-1.000.000 but less than <100.000.
I saw WEP being broken in less than 2 Minutes with that new attack :)

d) Uh, google, that's what I did.
 
> Those are Linux based, and Linux has a horrible support for wifi. From airsnort's site, only a selected few cards work (monitoring mode). Also the cards they stated are no longer made. In addition, that project hasn't been updated for about 2 years, tough luck getting your card to work with it. And in more addition, these programs are "B" only, so force your router to "g" only and you are ok...
>
> look for knoppix-std v0.1, http://s-t-d.org/...this is the only few that can do the job.
>
> MAC filters are not crap, unless you don't know which addresses are programmed in to the router, how in hell are you gonna spoof?
>
> Also, has anybody sniffed packets out? It's not a 1-2 min thing...it can take a couple hours to days...and to get a clean crack, a good whole week or so.
>
> If you can read, you can WEP crack eh? Why don't you type a nice doc on how to do so. For crack WEP has been such an old thing, I have yet to see a proper setup that can do the job without a hitch. Plus some peeps can have 4 WEP keys that rotate? Start capturing packets, then switch...all that you capped is waste.

Aircrack/snort has indeed been updated recently... oh, and for Windows too - I just hacked my own wireless network with a Pentium 3 laptop, running Windows XP with my 55Mb Netgear PCMCIA wireless card. Just wanted to see how easy it was.

The programs are NOT 802.11b only - I have NO idea where you got that from.

Look up air crack, it comes with all the other programs needed, and everything works fine under windows assuming you can get the right drivers for your card.
 
I'm no expert but I'm pretty sure WEP has been known to be insecure for a couple of years now.

And for the record hiding your SSID won't really protect you. As long as you are broadcasting some sort of signal someone somewhere can access it with the right tools. Now granted the easiest way to avoid having your internets stolen is to hide SSID and to have a complicated access code which changes every month and to use WPA. Although that isn't completely secure either. The point is to make it as hard as possible so the potential hacker will try an easier target. Even for an experienced hacker it will take several hours to capture enough packets from your signal to put together some sort of key and then several days to actually crack that information into an access code.

Some stuff I use with FreeBSD are aircrack-2.41, bsd-airtools-0.3, kismet-2007, and wistumbler2
 