Finding my WPA key...

[Black Panther]

Yesterday while messing around one of the pc's it asked me for the WPA key. Obviously I didn't remember it at all, but restoring the registry from a backup enabled the pc to be online again.

Now this is embarrassing, I tried to log into my routers page to get the key... and my username and/or password were 'wrong'. I had them written down (had changed them from the default admin and 1234) but apparently either I had changed them again and forgot to note them down or something else is wrong?

I googled and downloaded WirelessKeyView in the hope of retrieving it, but it didn't work, just showed a blank page i.e.

Some wireless card vendors use 3-party software to connect and manage the wireless connections, instead of using the build-in wireless support that comes with Windows XP/Vista. In these cases, the wireless keys are stored in other locations, and WirelessKeyView cannot retrieve them.

Suggestions as to what I can do short of pressing router's reset button?

 

[streetfighter 2]

If you are using 3rd party wireless configuration software then what is it? Did you try googling for info on key retrieval using that particular 3rd party software?

I always use the Window's built-in wireless connection manager because of issues like this.

 

[Black Panther]

If you are using 3rd party wireless configuration software then what is it? Did you try googling for info on key retrieval using that particular 3rd party software?

I always use the Window's built-in wireless connection manager because of issues like this.

That's the issue, I am not using any third party software - so I guess this is just something WirelessKeyView doesn't work with.

 

[digibucc]

and even though you changed them, you tried the default anyway right?

 

[Black Panther]

Yup I did

 

[lilhasselhoffer]

Reset time

Sorry - stupid comment

 

[streetfighter 2]

You know you can use WirelessKeyView on any computer that's ever been connected to your wireless with the current key.

I can't imagine you only have one computer that's ever used the wireless.

Also, am I the only one that thinks the whole scenario sounds fishy? Sounds to me like your wireless was hacked.

 

[zehpavora]

Well, if you really can't reset, there's always hacking. I don't know about WPA protocols, but there are tons of hacking tools to WPE, for example. There is also a Linux Distro specially for internet hacking (although they consider it "security-check") called Backtrack. Even though I suggested it, I don`t think this goes against the rules since you'll be doing to yourself. I AM NOT suggesting you to hack other people NOR recommending it.

 

[Bo$$]

WPA will take weeks to crack if, it is not a dictionary word (if it is 6 characters long).

 

[zehpavora]

Are you sure? I am not a hacker myself, but I've read that you could crack WPA in some hours.

What you should really do is push that reset button, it's a pain to put everything back together but is far easier than trying to figure out the password.

 

[Bo$$]

it depends on how much power you have to crack the password, with Backtrack and a pair of nvidia cars it will be less

 

[Black Panther]

You know you can use WirelessKeyView on any computer that's ever been connected to your wireless with the current key.

I know now you mention it, but I hadn't thought about it before. I tried it on my own desktop since I have a fresh install of only 4 months there... All the others are much older.

Also I remember whenever I connected any pc (or even my own cellphone for that matter) I always got asked for the username and password, never for the WPA key

 

[slyfox2151]

Are you sure? I am not a hacker myself, but I've read that you could crack WPA in some hours.

What you should really do is push that reset button, it's a pain to put everything back together but is far easier than trying to figure out the password.

no.... its more like months to years to decades depending on how long the password is.

WEP can be cracked in under 5 mins.... but hes not using wep... hes using WPA.




WPA with any half decent password is not really crackable with stardard hardware.... or even low grade specialist hardware.

 

[digibucc]

well the wpa key is the password. wep is the weird numbers bit.

i thought so sly, but wasn't positive.

 

[zehpavora]

With such new information, I think your router is not configured to use WPA, but another authenticating method which I not familiar with. Maybe if you use the username and password you use for your cellphone, you may be able to access your router.

slyfox2151, I was not aware of that. I know WPA is far more secure that WEP just didn't know how harder it was to crack it. And yes, I knew he had WPA not WEP. I was suggesting based on my not-so-applicable knowledge.

 

[slyfox2151]

well the wpa key is the password. wep is the weird numbers bit.

i thought so sly, but wasn't positive.

i have done quite a bit of wireless cracking ^^..... with my current 63 random charactor password... it would take Thousands of years to even come close to brute forcing it.


if its not a dictionary word, you basicaly have NO CHANCE to crack a strong WPA password by brute force if its longer then 8 random charactors.






i think the security that asks for a user name + password to connect is a radius server..... witch i doubt is what the OP is using.......
to check what security is it, download this http://www.metageek.net/products/inssider/
run it and look for your SSID in the list, (under the privacy colum.)




but really, your best option at this point is to RESET the router and setup the wireless again with a new password using WPA2 + AES. anything over 8 charators not in the dictionary or common words ect will not be crackable, its also VERY UNLIKELY anyone will even try to crack a WPA router.... let alone yours.

change your SSID to something unique as well, no one can use a rainbow table to try and speed up a possible attack.

NOTE: the following attack chart does not include chars such as Numbers:0123456789 or punctuation:!@#$%^&*(,.<> adding those to a password would make it exponentially harder to crack.
when cracking WPA using brute force... you would be lucky to hit 1500 passwords per second on a dual core @ 4ghz.... and upto 10 000 with a GTX260.

sorry, slightly off topic.

 

[streetfighter 2]

@slyfox2151
Great post. To think I've been using NetStumbler like a sucker.

I have a ridiculously over-engineered wireless with three access points (two of which are MIMO) all running WPA-AES. My [PSK] password, which I just checked, is 20 characters long and includes numbers. I'd love to use WPA2, but some of my older wireless devices do not support it.

What gets confusing though is the terminology. I wrote this post in an effort to clear up the confusion. I've started getting in the habit of writing out wireless security structures in the following manner (to preserve my sanity ):
Certificate->Protocol-Encryption (ie. WPA2->CCMP-AES)

For instance in my network, WPA-AES (as labeled by the router settings) is actually WPA->TKIP-AES. If I had used what my router refers to as "WPA-TKIP" it would actually be WPA->TKIP-RC4.

When I was looking at some screens of inSSIDer I noticed they used the following: RSNA-CCMP. I googled around and discovered that RSNA=802.11i=WPA2. Therefore an RSNA-CCMP would be written in the aforementioned form as WPA2->CCMP-AES (because AES is default for CCMP).

Anyway, this is probably a fork of the thread, but it's definitely TPU quality material, or at least I think it is.

EDIT: If I remember correctly, attempting to brute force wireless keys on standard routers can crash or temporarily disable the router.

 

[slyfox2151]

@slyfox2151


EDIT: If I remember correctly, attempting to brute force wireless keys on standard routers can crash or temporarily disable the router.

only when trying to crack WEP with packet injection..... if you tried to send to many requests you would effectivly flood the bandwidth of the router.




the most common way to crack WPA/WPA2 is to capture the 4 way handshake when a device connects to the router. the attacker would capture this "4way handshake" and save it as a file on a storage device, he would then try to crack the encryption using any number of ways. brute force / word.... this attack has no effect on a router as the attack is just listening to the wireless traffic.

 

[Deleted member 3]

Reset the router? I see no reason not to.

 

[slyfox2151]

Reset the router? I see no reason not to.

perhaps he did.... and now his internets is not working /evil laugh!

 

[streetfighter 2]

only when trying to crack WEP with packet injection..... if you tried to send to many requests you would effectivly flood the bandwidth of the router.

I think you're right about packet injection, but WEP is not the only protocol susceptible to that. The Japanese variant of the Beck-Tews attack on WPA-TKIP also involves sending captured/modified packets to the router and can cause the router to crash/malfunction.

the most common way to crack WPA/WPA2 is to capture the 4 way handshake when a device connects to the router. the attacker would capture this "4way handshake" and save it as a file on a storage device, he would then try to crack the encryption using any number of ways. brute force / word.... this attack has no effect on a router as the attack is just listening to the wireless traffic.

I guess you gathered that I don't do a lot of wireless hacking.

This makes perfect sense though. I'll keep it in mind in case I decide to try my hand at cracking WPA/WPA2.

 

[cheesy999]

perhaps he did.... and now his internets is not working /evil laugh!

could be a lot harder then resetting just one router if their are repeaters and resetting the router would mean she'd have to enter all the passwords all over again

Are you sure your not trying to do what someone i know did and connect to a router with a similar name?

 

[slyfox2151]

hence why you should run AES not TKIP , also with that attack you listed, the security is not broken, it only allows small packets to be injected.... chances are no one is going to use that attack on a home / small buisness connection


when i was cracking my wifi connection with WPA, it took 4 hours to brute force a 6 digit password with only the numbers 012345678 and i specified the password length.









(all this talk of wireless security makes me want to have another go with my new 6core and gtx560 to see how much both the hardware and software has improved)

 

[95Viper]

Suggestions as to what I can do short of pressing router's reset button?

Yep, WirelessKeyview is sorta useless with routers. It is mainly to be used to retrieve the wireless devices login password(key).

My router screwed up, too.
I could login on the wireless and get access to the net and stuff, but the adminstrative logon would not work.
I was just on the verge of reseting it to factory defaults...
But, I decided to turn it off, left it off for a little while, then turned it on and tried the same password it said was wrong before and, this time it took it.
Don't know what the problem was. Guess the table was glitched somehow.
I know for a fact, it had not been hacked and the ISP had not had access(I locked their backdoor).

Yep, your user login to the wireless router should be the Username and the Key. It should be stored on the remote wireless devices login file, encrypted.
However, that is not the same as the router adminstrative login password, that is usually different, unless, you set it the same.
EDIT: The router login is stored on the router and not in a file on the computer; unless, you have a password cache or a saving app turned on in the OS/software.

If all else fails, you might have to do a factory reset.

Goodluck!

 

[streetfighter 2]

hence why you should run AES not TKIP

This is what I was objecting to in my earlier post. Correct me if I'm wrong but AES and TKIP are not mutually exclusive. For instance, I am currently using WPA with AES, which I believe still utilizes TKIP.

If I'm correct the use of "TKIP" or "AES" as the single defining characteristic of a wireless network is a misnomer. Hence my neologism, Certificate->Protocol-Encryption.