Gaining Access
โWired Equivalent Privacy
โOld encryption.
โUses an algorithm called RC4.
โStill used in some networks.
โCan be cracked easily.
WEP Cracking
WEP
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Guidelines and tips
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community
Ask the community for help and clear up your study doubts
University Rankings
Discover the best universities in your country according to Docsity users
Free resources
Our save-the-student-ebooks!
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
Gaining access hacking, Essays (university) of Cybercrime, Cybersecurity and Data Privacy
...dkajdahsdjasdjaisdbajsdbajsdbjashbdjbasjxhajshbcjhascjba
Typology: Essays (university)
2020/2021
1 / 30
This page cannot be seen from the preview
Don't miss anything!
Related documents
Partial preview of the text
Download Gaining access hacking and more Essays (university) Cybercrime, Cybersecurity and Data Privacy in PDF only on Docsity!
Gaining Access
โ Wired Equivalent Privacy โ Old encryption. โ Uses an algorithm called RC4. โ Still used in some networks. โ Can be cracked easily.
WEP Cracking
WEP
Access Point
internet
Client
Data to send to the router
โ Client encrypts data using a key. โ Encrypted packet sent in the air. โ Router decrypts packet using the key.
internet
Client
Access Point
โ Client encrypts data using a key. โ Encrypted packet sent in the air. โ Router decrypts packet using the key.
internet
Client
Access Point
โ Client encrypts data using a key. โ Encrypted packet sent in the air. โ Router decrypts packet using the key.
Access Point
internet
Client
โ Each packet is encrypted using a unique key stream. โ Random initialization vector (IV) is used to generate the keys streams. โ The initialization vector is only 24 bits! โ IV + Key (password) = Key stream.
Data to send to the router
internet
Client
ASDKASDIASDJA
Access Point
โ Each packet is encrypted using a unique key stream. โ Random initialization vector (IV) is used to generate the keys streams. โ The initialization vector is only 24 bits! โ IV + Key (password) = Key stream.
Keystream + "Data to send to the routerโ = ASDKASDIASDJA
internet
Client
Data to send to the router
Access Point
โ Client encrypts data using a key. โ Encrypted packet sent in the air. โ Router decrypts packet using the key.
โ IV is too small (only 24 bits). โ IV is sent in plain text.
Result:
โ IVโs will repeat on busy networks. โ This makes WEP vulnerable to statistical attacks. โ Repeated IVs can be used to determine the key stream; โ And break the encryption
WEP
Conclusion:
To crack WEP we need to:
- Capture a large number of packets/IVs. โ using airodump-ng
- Analyse the captured IVs and crack the key. โ using aircrack-ng
WEP
Problem:
โ If network is not busy. โ It would take some time to capture enough IVs.
Solution:
โ Force the AP to generate new IVs.
WEP
โ Wait for an ARP packet. โ Capture it, and replay it (retransmit it). โ This causes the AP to produce another packet with a new IV. โ Keep doing this till we have enough IVs to crack the key.
ARP Request Replay
WEP
WPA / WPA2 Cracking
WPA/WPA
โ Both can be cracked using the same methods โ Made to address the issues in WEP. โ Much more secure. โ Each packet is encrypted using a unique temporary key.
โ Packets contain no useful information.
WPA / WPA2 Cracking
WPA/WPA
โ Fixed all weaknesses in WEP. โ Packets contain no useful data. โ Only packets that can aid with the cracking process are the handshake packets. โ These are 4 packets sent when a client connects to the network.
WPA / WPA2 Cracking
โ The handshake does not contain data the helps recover the key. โ It contains data that can be used to check weather a key is valid or not.
Handshake