cracking security-enabled network keys

obidon
Hacker in Training
Posts: 95
Joined: Sun Feb 18, 2007 11:35 pm

Post by obidon » Wed Jul 11, 2007 6:45 pm

I have XP SP2, and want to be able to connect to security-enabled networks. I am on a laptop and my wireless card is Atheros AR5005G Wireless Network Adapter. I've read some tutorials about cracking the WEP encryption keys, but they all seem to require installing software and don't seem too specific or seem to go off topic. Can someone help me by telling me what I need with the details of my condition that I'm in? A zip file to download with everything included would be preferred. Also I need to be able to connect to the networks tonight if at all, because it's the last day that I have a LAN. Thanks and much appreciation.

infinite_
Bat Country
Posts: 1353
Joined: Fri Jun 04, 2004 7:19 pm
Location: Australia

Post by infinite_ » Wed Jul 11, 2007 9:52 pm

It's hard to provide help if you don't say what your problem is or what's causing grief. There's an abundance of Windows WEP cracking guides on the net.

http://tazforum.thetazzone.com/viewtopic.php?t=6811
My effort to help you will never exceed your effort to explain the problem.

obidon
Hacker in Training
Posts: 95
Joined: Sun Feb 18, 2007 11:35 pm

Post by obidon » Thu Jul 12, 2007 9:18 am

Well all the tutorials I've read seem to need to install lots of software, wireless drivers, etc. All I would like to download is just a zip file or something, without needing to install anything or get extra hardware.

Chocrates
Sargeant at Arms
Posts: 181
Joined: Sun Oct 08, 2006 2:22 am

Post by Chocrates » Thu Jul 12, 2007 6:25 pm

Download BackTrack 2 or nUbuntu and find a guide on WEP cracking.
If they are using WPA, as far as I know they are uncrackable at the moment.
touch not the cat bot a glove

Aniack
is a maniac!
Posts: 558
Joined: Tue Aug 26, 2003 4:31 pm
Location: ME

Post by Aniack » Thu Jul 12, 2007 6:39 pm

Chocrates wrote:Download BackTrack 2 or nUbuntu and find a guide on WEP cracking.
If they are using WPA, as far as I know they are uncrackable at the moment.
Actually you can bruteforce WPA. So obviously it isn't as quick and painless as modern WEP cracking but it can be done.
I got your number. I steal your thunder.
I got your mother's maiden name tattooed on my arm.

IceDane
Because I Can
Posts: 2652
Joined: Wed May 12, 2004 9:25 am

Post by IceDane » Fri Jul 13, 2007 4:42 am

Aniack wrote:
Chocrates wrote:Download BackTrack 2 or nUbuntu and find a guide on WEP cracking.
If they are using WPA, as far as I know they are uncrackable at the moment.
Actually you can bruteforce WPA. So obviously it isn't as quick and painless as modern WEP cracking but it can be done.
Of course you can, you can brute-force anything given the proper amount of time.

Just glancing at the Wikipedia page, I've gathered (perhaps incorrectly) that you can have either 128-bit keys or 256-bit keys.

In either case, it's a huge number of possible keys you'd have to brute-force.

Just assuming you'd be able to brute-force 5 million passwords a second (improbable, unless you're generating the keys and storing them on a hard drive for faster brute-forcing) and just trying to brute-force the 128-bit key, going through all possibilities would take

68056473384187692692674921486354 seconds or
18904575940052136859076367079,543 hours or
787690664168839035794848628,31428 days or
2158056614161202837794105,830998 years.

Yer.

Please kick me in the teeth in a verbal fashion if my logic is off.

Aniack
is a maniac!
Posts: 558
Joined: Tue Aug 26, 2003 4:31 pm
Location: ME

Post by Aniack » Fri Jul 13, 2007 2:46 pm

IceDane wrote:Of course you can, you can brute-force anything given the proper amount of time.

Just glancing at the Wikipedia page, I've gathered (perhaps incorrectly) that you can have either 128-bit keys or 256-bit keys.

In either case, it's a huge number of possible keys you'd have to brute-force.

Just assuming you'd be able to brute-force 5 million passwords a second (improbable, unless you're generating the keys and storing them on a hard drive for faster brute-forcing) and just trying to brute-force the 128-bit key, going through all possibilities would take

68056473384187692692674921486354 seconds or
18904575940052136859076367079,543 hours or
787690664168839035794848628,31428 days or
2158056614161202837794105,830998 years.

Yer.

Please kick me in the teeth in a verbal fashion if my logic is off.
Assuming they are not using personal mode (PSK mode) or are using strong passwords I see no flaw in your logic.

...Though using a program like cowpatty with a relatively large dictionary file (with 'words' that are a minimum eight characters in length) against a WAP with WPA protection in PSK mode it should take little more than a day or two to run through the list. Typically home users and small businesses will use PSK mode and home users are much more likely to use weak passwords.
I got your number. I steal your thunder.
I got your mother's maiden name tattooed on my arm.
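
Added example, not part of any post in this thread: a Python sketch that sets the 128-bit arithmetic above beside the PSK-mode case, where the 256-bit key is derived from an 8 to 63 character passphrase with PBKDF2-HMAC-SHA1 and the network's SSID, so the space to search is the passphrase space. The function names, the 94-character alphabet and the comparison cases are assumptions made here; the 5 million guesses per second is the figure assumed in the thread.

```python
import hashlib
import math

SECONDS_PER_YEAR = 365 * 24 * 3600   # 365-day year, as in the figures above
THREAD_RATE = 5_000_000              # guesses/second assumed in the thread

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """PSK mode: 256-bit PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 32)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def passphrase_space(alphabet_size: int, length: int) -> int:
    """Number of distinct passphrases of exactly this length."""
    return alphabet_size ** length

def years_to_exhaust(candidates: int, rate: float = THREAD_RATE) -> float:
    """Worst-case time to try every candidate at `rate` guesses per second."""
    return candidates / rate / SECONDS_PER_YEAR

def min_length_for_bits(bits: int, alphabet_size: int) -> int:
    """Shortest random passphrase whose search space reaches 2**bits."""
    return math.ceil(bits / math.log2(alphabet_size))

# Constructed comparison cases (sizes are illustrative, not measurements).
CASES = {
    "random 128-bit key": 2 ** 128,
    "dictionary, 1,000,000 words": 10 ** 6,
    "8 random lowercase letters": passphrase_space(26, 8),
    "12 random printable ASCII": passphrase_space(94, 12),
    "20 random printable ASCII": passphrase_space(94, 20),
}

if __name__ == "__main__":
    # The derived key is always 256 bits, whatever the passphrase entropy.
    print("PMK bits:", len(wpa_pmk("correct horse battery", "ExampleSSID")) * 8)
    for label, size in CASES.items():
        years = years_to_exhaust(size)
        print(f"{label:30s} {math.log2(size):6.1f} bits  {years:.3g} years")
    print("length needed for 128 bits:", min_length_for_bits(128, 94))
```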

fivefold
htd0rg lieutenant
Posts: 412
Joined: Thu Feb 23, 2006 5:02 pm
Location: YXJlbid0IHlvdSBjbGV2ZXIu

Post by fivefold » Sat Jul 14, 2007 1:21 am

Are we discounting the possibility of massive parallel computing via a battery of Field Programmable Gate Arrays? I'm new to the whole "wireless hacking" thing (I got into it for the instant gratification of it, I don't know about any of you), so please correct me if I'm wrong.
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo.

obidon
Hacker in Training
Posts: 95
Joined: Sun Feb 18, 2007 11:35 pm

Post by obidon » Sun Jul 15, 2007 2:32 pm

fivefold wrote: I'm new to the whole "wireless hacking" thing


Doesn't seem like it.
fivefold wrote:Are we discounting the possibility of massive parallel computing via a battery of Field Programmable Gate Arrays?

Aniack
is a maniac!
Posts: 558
Joined: Tue Aug 26, 2003 4:31 pm
Location: ME

Post by Aniack » Sun Jul 15, 2007 3:35 pm

fivefold wrote:Are we discounting the possibility of massive parallel computing via a battery of Field Programmable Gate Arrays? I'm new to the whole "wireless hacking" thing (I got into it for the instant gratification of it, I don't know about any of you), so please correct me if I'm wrong.
That's a novel idea but it comes down to a question of practicality. How many FPGAs would one need to put a serious dent in the amount of time to crack said key, how many FPGAs can be fitted on a board, how large will the board(s) be, how much will it cost to deploy said solution and how much power will the setup need to draw (i.e. will it draw more than a car battery can easily handle)? There's also the fact that a WAP can only handle so much throughput. I'm not too into EE, so I actually am curious.
I got your number. I steal your thunder.
I got your mother's maiden name tattooed on my arm.

fivefold
htd0rg lieutenant
Posts: 412
Joined: Thu Feb 23, 2006 5:02 pm
Location: YXJlbid0IHlvdSBjbGV2ZXIu

Post by fivefold » Sun Jul 15, 2007 8:41 pm

Aniack wrote:
fivefold wrote:Are we discounting the possibility of massive parallel computing via a battery of Field Programmable Gate Arrays? I'm new to the whole "wireless hacking" thing (I got into it for the instant gratification of it, I don't know about any of you), so please correct me if I'm wrong.
That's a novel idea but it comes down to a question of practicality. How many FPGAs would one need to put a serious dent in the amount of time to crack said key, how many FPGAs can be fitted on a board, how large will the board(s) be, how much will it cost to deploy said solution and how much power will the setup need to draw (i.e. will it draw more than a car battery can easily handle)? There's also the fact that a WAP can only handle so much throughput. I'm not too into EE, so I actually am curious.
As far as I know, an FPGA only consumes maybe slightly more power than a conventional ASIC, and is only slightly larger (so you could fit many onto a board). Also, since an FPGA's computational power is easily parallelized, it probably wouldn't take more than 20 FPGAs working together more than a half an hour to crack a civilian-strength encryption.

Of course, cost is an issue. Last I heard, a low-end FPGA costs about $100, and you would need several to achieve these kinds of results. I'm betting most hackers either couldn't afford that, or couldn't rationalize the cost, so yes cost is a major concern as to practicality.

I don't know much about cryptography, so I may be wrong here, but isn't there a way to sniff some of the encrypted wireless traffic and predict its content based on various metrics (such as packet size, computational time taken between packets, etc)? Then from that you could brute force the key? (I don't actually know, this is a question in reply to your throughput concern).
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo.

healthyju
n00b
Posts: 1
Joined: Wed Apr 29, 2009 10:03 pm

Re: cracking security-enabled network keys

Post by healthyju » Thu Apr 30, 2009 10:57 am

That is true, you have to have more than two days to run, and according to my experience only the home users are likely to use weak passwords.
