  1. Certification Invigilator Forum Admin JDMurray's Avatar
    Join Date
    Jul 2003
    Location
    Surf City USA
    Posts
    10,616
    Blog Entries
    50

    Certifications
    GSEC, EnCE, CISSP, SSCP, CEH (ANSI), CASP, CCNA, CCENT, CWSP, CWNA, CWTS, Security+, Server+, Network+, A+, DHTI+, PDI+, MSIT InfoSec
    #26
    Quote Originally Posted by Sie
    Also thanks for pointing out that error.
    It in fact isn't a brute force, it purely is a dictionary/password list based attack. It's a looooooooong night
    No worries. Studying for the CISSP has got me nit-picking over the slightest details. I'll laugh out loud if I get a question on my exam about password cracking using brute force and lookup tables.
    Moderator of the InfoSec, CWNP, IT Jobs, Virtualization, Java, and Microsoft Developers forums at www.techexams.net
    --
    Blog: www.techexams.net/blogs/jdmurray
    LinkedIn: www.linkedin.com/in/jamesdmurray
    Twitter: www.twitter.com/jdmurray

  3. Mobo Wizard ULWiz's Avatar
    Join Date
    Feb 2008
    Location
    Florence NJ
    Posts
    723
    #27

    Finally cracked a WEP and WPA Key Wireless Network

    Well just wanted to make another post on my experience with this.

    So at this point, from what I understand, I can't crack a WPA key unless that exact phrase is in my password lst file. This is strictly for WPA keys though.

    Got to my friend's house last night, who currently only has a WEP key. Asked him if he would let me try and get in.

    Started a capture on his router and 30 minutes later I stopped the capture on him.
    Ran an aircrack command on the file I captured with his BSSID.

    Within a few seconds I had a key. Added that key to my wireless card and was able to connect to his network. Overall this process took me 35 minutes to get on.

    Really can't believe this was so simple and can definitely understand why they had to move to WPA keys and a more secure standard.

  4. Mobo Wizard ULWiz's Avatar
    Join Date
    Feb 2008
    Location
    Florence NJ
    Posts
    723
    #28
    So over this weekend I was at a few of my friends' houses and they let me attempt to get their access key on both a WPA and a WEP setup.

    For the attempt on the WEP I captured him just checking out random YouTube vids. Captured for 30 minutes and quit. At that point the capture file was around 30mb. Ran the aircrack against his BSSID and had a key within 15 seconds. Took that key and attempted to get on.
    Not sure how many IVs you actually need to capture for a WEP crack attempt.



    For the WPA attempt on my other friend's network, of course it needs to go against my personal password list. So far I am still not sure how big my file is. The last one broke on the 612,906th word in my file so I would assume I am close to around 800k in possibilities. Captured on him for a while again. Got a fake WPA handshake and stopped the capture on him as well. Ran aircrack again against my password list and did not have a key before I left his house. When we got to the diner 30 minutes later it had his passphrase. Called him this morning to confirm the key and it was correct.

    So WEP can always be cracked as long as enough is captured in the air. A WPA key is almost luck depending on how many possible passwords you have in that file. Running complex passwords with symbols and lower case and upper case letters is definitely a key for keeping things safe.


    Anyways just wanted to share my learning experience on this

  5. Senior Member
    Join Date
    Mar 2007
    Posts
    12,308
    #29
    You can actually have it crack WEP in real time, so you don't have to wait for it to capture a certain amount, stop, and then try to crack it with what you have. A network with decent traffic should only take about 5-10 minutes.

    It's pretty funny that you got into his WPA as well though. So was it just a dictionary word/phrase, or was it semi-random characters? What was the length?

    I got mine from here: https://www.grc.com/passwords.htm If you're ever in MN, you're welcome to stop by and give it a try

    Do you have any idea how long it took me to enter that into my Wii with that stupid remote?

  6. Senior Member mamono's Avatar
    Join Date
    May 2007
    Location
    Cerritos, CA
    Posts
    778

    Certifications
    A+, Net+, Security+, Server+, i-Net+, CCNA Security, CCENT, MCITP:EST, MCDST, MCTS:Vista, HDI/CSR, HDI/SCA, HDI/DST, Apple, Dell
    #30
    Quote Originally Posted by dynamik
    I got mine from here: https://www.grc.com/passwords.htm If you're ever in MN, you're welcome to stop by and give it a try
    I use the same source for my WPA passphrase and for all the WPA passphrases for any wifi networks that I set up. PITA when the passphrase gets lost, IMHO. Try writing that on a post-it to put on the router. Thank goodness for write-protected USB thumb drives!


    Quote Originally Posted by dynamik
    Do you have any idea how long it took me to enter that into my Wii with that stupid remote?
    Not just the Wii, but also the Nintendo DS and PSP!

  7. Mobo Wizard ULWiz's Avatar
    Join Date
    Feb 2008
    Location
    Florence NJ
    Posts
    723
    #31
    dynamik, that is what I have been wondering myself. How many people actually use a standard word for a password? My one friend was lonestar while the other was studio54. Both were in the file I put together.

    It was definitely an interesting experience and I did learn a little from it.

  8. Mobo Wizard ULWiz's Avatar
    Join Date
    Feb 2008
    Location
    Florence NJ
    Posts
    723
    #32
    dynamik:

    That is a nutsy password and would never ever ever be cracked from a password list.

    If only more people knew. It's shocking how many people use a WEP key or have it open.
    There are plenty of people that use a WPA key as well, but it definitely does not come anywhere close to the number of OPN or WEP keys

  9. Sie
    Sie is offline
    Running on caffine
    Join Date
    Dec 2005
    Location
    England, UK
    Posts
    1,207

    Certifications
    ADITP (Advanced Diploma for IT Practitioners) & MCSA (70-270, 70-290, 70-291, 70-299) | Currently working towards C|EH
    #33
    Glad you had fun

    Goes to show you should never pick dictionary words for passwords, especially not for your AP
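Added example, not part of any post in this thread: a small passphrase audit for your own access point that shows why a listed word falls to a password file while a long random string does not. The wordlist contents and the function names are constructed for illustration; the 800,000 figure is the list size estimated in post #28.

```python
import math
import secrets
import string

# Constructed sample wordlist; a real audit would load the lists you expect to be tried.
WORDLIST = {"password", "sunshine", "lonestar", "studio54"}
WORDLIST_SIZE = 800_000  # rough size of the password file described in post #28
PRINTABLE = string.ascii_letters + string.digits + string.punctuation


def charset_size(passphrase):
    """Size of the character pool implied by the character classes in use."""
    pools = (string.ascii_lowercase, string.ascii_uppercase,
             string.digits, string.punctuation + " ")
    return sum(len(p) for p in pools if any(c in p for c in passphrase))


def audit_passphrase(passphrase, wordlist=WORDLIST, list_size=WORDLIST_SIZE):
    """Return (verdict, bits), bits being log2 of the guesses needed to reach it."""
    # A WPA/WPA2-Personal passphrase is 8 to 63 printable ASCII characters.
    if not 8 <= len(passphrase) <= 63:
        return ("invalid", 0.0)
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        return ("invalid", 0.0)
    lowered = passphrase.lower()
    if lowered in wordlist:
        return ("in-wordlist", math.log2(list_size))
    base = lowered.rstrip(string.digits)
    digits = len(lowered) - len(base)
    if base in wordlist:
        # A listed word plus a digit suffix: the list times every suffix of that length.
        return ("wordlist-variant", math.log2(list_size * 10 ** digits))
    # Upper bound: it only holds when the characters were chosen at random.
    return ("not-in-wordlist", len(passphrase) * math.log2(charset_size(passphrase)))


def random_passphrase(length=63):
    """Generate a maximum-length random passphrase locally with a CSPRNG."""
    return "".join(secrets.choice(PRINTABLE) for _ in range(length))


if __name__ == "__main__":
    for candidate in ("lonestar", "studio54", "Sunshine2024", random_passphrase()):
        verdict, bits = audit_passphrase(candidate)
        print(f"{verdict:17} {bits:6.1f} bits  {candidate}")
```

The bit count for a passphrase outside the list is an upper bound that only applies to randomly generated strings; a human-chosen phrase that merely misses this particular list is weaker than the number suggests.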
