WEP Cracking In Windows XP

Postby c0br4 » Sat Aug 28, 2004 12:01 pm

I have a Compaq nx5000 laptop, but I have not managed to get any WEP cracking tools at all that will run in Windows. I have tried using P.H.L.A.K., but it will not support the wireless built into this laptop, and I cannot put Linux on my laptop as I need Windows XP for work and it would be a bit awkward having Windows XP and Linux on one 40GB hard drive. I need something to hack a WEP key that will run in Windows XP.


Any help would be appreciated,

c0br4
c0br4
Mini Stumbler
 
Posts: 1
Joined: Sat Aug 28, 2004 11:53 am

Postby King_Ice_Flash » Sat Aug 28, 2004 12:56 pm

c0br4 wrote: I have a Compaq nx5000 laptop, but I have not managed to get any WEP cracking tools at all that will run in Windows. I have tried using P.H.L.A.K., but it will not support the wireless built into this laptop, and I cannot put Linux on my laptop as I need Windows XP for work and it would be a bit awkward having Windows XP and Linux on one 40GB hard drive. I need something to hack a WEP key that will run in Windows XP.


Any help would be appreciated,

c0br4

S.O.L.
I have Fedora Core 1, XP, and 98 on my laptop that has a 20GB HD. There are no WEP cracking tools for XP.
"Yeah," said a voice from under the table, "you go to pieces so fast people get hit by the shrapnel."
King_Ice_Flash
 
Posts: 2658
Joined: Tue May 20, 2003 11:00 am
Location: WI

Postby agentgrn » Sun Aug 29, 2004 2:57 am

Getting an el-cheapo laptop off eBay is your only real solution. XP doesn't have a lot of good toys since just about none of the drivers support monitor mode.
-A.G.-
agentgrn
 
Posts: 517
Joined: Sun May 26, 2002 6:44 am
Location: Worcester, MA

Postby devine » Sun Aug 29, 2004 6:04 am

agentgrn wrote: Getting an el-cheapo laptop off eBay is your only real solution. XP doesn't have a lot of good toys since just about none of the drivers support monitor mode.


Well, I just found out the Agere 7.82.0.550 driver supports my Prism2 card, and AiroPeek will happily use it to capture packets.

For some reason this only works with XP, under Windows 2000 AiroPeek fails to capture any packet.
devine
 
Posts: 389
Joined: Thu Jul 29, 2004 10:09 am
Location: Paris

weplab for windows

Postby topolb » Mon Aug 30, 2004 1:44 am

King_Ice_Flash wrote: S.O.L.
I have Fedora Core 1, XP, and 98 on my laptop that has a 20GB HD. There are no WEP cracking tools for XP.


Actually weplab 0.1.0 is available for Windows at http://www.sourceforge.net/projects/weplab

The problem is that capture does not work under Windows. People have reported using AiroPeek to capture packets, converting the file into pcap format with Ethereal, and then cracking the WEP key with weplab.
topolb
Mini Stumbler
 
Posts: 67
Joined: Tue Jun 08, 2004 2:51 am

Postby Evil_Genius » Mon Aug 30, 2004 3:58 am

I don't understand the mods' policy on this forum: they move my post to the "newbie bin" simply for calling another user's comments "flippant", BUT they allow you to discuss WEP cracking (which is against their board policy!) without the slightest criticism!?
Evil_Genius
 

Postby King_Ice_Flash » Mon Aug 30, 2004 4:01 am

Evil_Genius wrote: I don't understand the mods' policy on this forum: they move my post to the "newbie bin" simply for calling another user's comments "flippant", BUT they allow you to discuss WEP cracking (which is against their board policy!) without the slightest criticism!?

No, WEP cracking is a security risk which we are discussing. We are not telling you to go crack someone else's WiFi. Many of our forum members are hackers; this does not mean that they do illegal activities.
"Yeah," said a voice from under the table, "you go to pieces so fast people get hit by the shrapnel."
King_Ice_Flash
 
Posts: 2658
Joined: Tue May 20, 2003 11:00 am
Location: WI

Postby Chris » Mon Aug 30, 2004 4:11 am

King_Ice_Flash wrote: No, WEP cracking is a security risk which we are discussing. We are not telling you to go crack someone else's WiFi. Many of our forum members are hackers; this does not mean that they do illegal activities.



Not to mention the fact that cracking WEP is basically a waste of time. Cracking a decently generated WEP key (in other words, one for which WEPAttack or other dictionary-based crackers won't work) takes so long as to be counterproductive. Ask around. Other than folks that have cracked their own WEP key, there are very few people that have successfully cracked a WEP key. It just takes too long and there are other, easier ways to attack a network. We have discussed this repeatedly on this forum so I am not going to rehash it all here, but when you are doing a full penetration test (read: not just the WLAN) it makes more sense to attack something other than the WLAN first. You will find a much higher, quicker success.
perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
Chris
 
Posts: 1141
Joined: Mon Jul 15, 2002 4:00 am

Postby King_Ice_Flash » Mon Aug 30, 2004 4:14 am

Chris wrote: Not to mention the fact that cracking WEP is basically a waste of time. Cracking a decently generated WEP key (in other words, one for which WEPAttack or other dictionary-based crackers won't work) takes so long as to be counterproductive. Ask around. Other than folks that have cracked their own WEP key, there are very few people that have successfully cracked a WEP key. It just takes too long and there are other, easier ways to attack a network. We have discussed this repeatedly on this forum so I am not going to rehash it all here, but when you are doing a full penetration test (read: not just the WLAN) it makes more sense to attack something other than the WLAN first. You will find a much higher, quicker success.

Should I mention you are one of the hackers?
"Yeah," said a voice from under the table, "you go to pieces so fast people get hit by the shrapnel."
King_Ice_Flash
 
Posts: 2658
Joined: Tue May 20, 2003 11:00 am
Location: WI

Postby topolb » Mon Aug 30, 2004 4:43 am

Chris wrote: Not to mention the fact that cracking WEP is basically a waste of time. Cracking a decently generated WEP key (in other words, one for which WEPAttack or other dictionary-based crackers won't work) takes so long as to be counterproductive. Ask around. Other than folks that have cracked their own WEP key, there are very few people that have successfully cracked a WEP key. It just takes too long and there are other, easier ways to attack a network. We have discussed this repeatedly on this forum so I am not going to rehash it all here, but when you are doing a full penetration test (read: not just the WLAN) it makes more sense to attack something other than the WLAN first. You will find a much higher, quicker success.


With all respect, you seem to have no idea what you are talking about.

It is possible to crack a 64 or 128 bit key in less than 30 seconds with enough packets. It is also possible to use statistical methods to crack the key even with patched-firmware cards. And it is also possible to generate traffic on the WLAN (without knowing the key) to gather enough packets to launch a successful statistics-based attack and recover the key.

And many enterprises have their WLAN directly connected to the LAN, thus if you manage to crack the WEP, you have bypassed their perimeter security (firewall). Sometimes (depending on the mode in which the AP is set) it is possible to launch ARP-poisoning based sniffing from the WLAN to get the traffic on the internal LAN, enabling password sniffing, connection hijacking, identity spoofing, and of course accessing many servers and services that can only be accessed from inside.

If you still think that there are only a few people who have cracked WEP encryption, you should seek the right tools to do it.

And finally, talking about security is legal. We are not talking about entering others' networks, but talking about the security of the WEP encryption algorithm for wireless networks. But... perhaps, as Matrix said... "ignorance is bliss"...

Regards,
topolb
Mini Stumbler
 
Posts: 67
Joined: Tue Jun 08, 2004 2:51 am

Postby King_Ice_Flash » Mon Aug 30, 2004 4:52 am

topolb wrote: With all respect, you seem to have no idea what you are talking about.

It is possible to crack a 64 or 128 bit key in less than 30 seconds with enough packets. It is also possible to use statistical methods to crack the key even with patched-firmware cards. And it is also possible to generate traffic on the WLAN (without knowing the key) to gather enough packets to launch a successful statistics-based attack and recover the key.

And many enterprises have their WLAN directly connected to the LAN, thus if you manage to crack the WEP, you have bypassed their perimeter security (firewall). Sometimes (depending on the mode in which the AP is set) it is possible to launch ARP-poisoning based sniffing from the WLAN to get the traffic on the internal LAN, enabling password sniffing, connection hijacking, identity spoofing, and of course accessing many servers and services that can only be accessed from inside.

If you still think that there are only a few people who have cracked WEP encryption, you should seek the right tools to do it.

And finally, talking about security is legal. We are not talking about entering others' networks, but talking about the security of the WEP encryption algorithm for wireless networks. But... perhaps, as Matrix said... "ignorance is bliss"...

Regards,

Since we already derailed this thread, can you merge the pcap files from AiroPeek in Ethereal? I don't get enough data in the short time they give you.
"Yeah," said a voice from under the table, "you go to pieces so fast people get hit by the shrapnel."
King_Ice_Flash
 
Posts: 2658
Joined: Tue May 20, 2003 11:00 am
Location: WI

Postby Chris » Mon Aug 30, 2004 5:02 am

topolb wrote: With all respect, you seem to have no idea what you are talking about.

It is possible to crack a 64 or 128 bit key in less than 30 seconds with enough packets. It is also possible to use statistical methods to crack the key even with patched-firmware cards. And it is also possible to generate traffic on the WLAN (without knowing the key) to gather enough packets to launch a successful statistics-based attack and recover the key.

And many enterprises have their WLAN directly connected to the LAN, thus if you manage to crack the WEP, you have bypassed their perimeter security (firewall). Sometimes (depending on the mode in which the AP is set) it is possible to launch ARP-poisoning based sniffing from the WLAN to get the traffic on the internal LAN, enabling password sniffing, connection hijacking, identity spoofing, and of course accessing many servers and services that can only be accessed from inside.

If you still think that there are only a few people who have cracked WEP encryption, you should seek the right tools to do it.

And finally, talking about security is legal. We are not talking about entering others' networks, but talking about the security of the WEP encryption algorithm for wireless networks. But... perhaps, as Matrix said... "ignorance is bliss"...

Regards,



Yep, you are right. I have absolutely no idea what I am talking about. I have never done any work with WEP cracking and am just talking out my ass. Thanks for pointing that out.
perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
Chris
 
Posts: 1141
Joined: Mon Jul 15, 2002 4:00 am

Postby topolb » Mon Aug 30, 2004 5:06 am

King_Ice_Flash wrote: Since we already derailed this thread, can you merge the pcap files from AiroPeek in Ethereal? I don't get enough data in the short time they give you.


Sorry, I have never used AiroPeek. There must be a tool somewhere that merges several pcap files; I do not remember if Ethereal can do it.
How many packets (data packets) do you have?
topolb
Mini Stumbler
 
Posts: 67
Joined: Tue Jun 08, 2004 2:51 am
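Merging several short captures into one file and counting how many protected data frames the result holds, which is what the two questions above come down to, as an added example that is not from this thread or from any tool it names. It assumes little-endian classic libpcap files carrying raw 802.11 frames (link type 105, no radiotap/prism header) and constructs its own sample captures in place of real AiroPeek sessions.

```python
import struct

PCAP_MAGIC = b"\xd4\xc3\xb2\xa1"  # little-endian classic libpcap magic (microsecond timestamps)
DLT_IEEE802_11 = 105              # raw 802.11 frames, no radiotap/prism header

def parse_pcap(data):
    """Return (linktype, [(ts_sec, ts_usec, frame), ...]) from a little-endian classic pcap file."""
    if data[:4] != PCAP_MAGIC or len(data) < 24:
        raise ValueError("expected little-endian classic pcap (pcapng/big-endian/ns variants not handled)")
    linktype = struct.unpack("<I", data[20:24])[0]
    records, off = [], 24
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, _orig_len = struct.unpack("<IIII", data[off:off + 16])
        off += 16
        if off + incl_len > len(data):
            break  # a truncated trailing record is dropped rather than treated as fatal
        records.append((ts_sec, ts_usec, data[off:off + incl_len]))
        off += incl_len
    return linktype, records

def write_pcap(linktype, records):
    out = [PCAP_MAGIC + struct.pack("<HHiIII", 2, 4, 0, 0, 65535, linktype)]  # v2.4 global header
    for ts_sec, ts_usec, frame in records:
        out.append(struct.pack("<IIII", ts_sec, ts_usec, len(frame), len(frame)) + frame)
    return b"".join(out)

def merge_pcaps(files):
    """Merge captures of one link type into a single file ordered by timestamp."""
    linktypes, records = set(), []
    for f in files:
        lt, recs = parse_pcap(f)
        linktypes.add(lt)
        records.extend(recs)
    if len(linktypes) != 1:
        raise ValueError("link types differ: %r" % sorted(linktypes))
    records.sort(key=lambda r: (r[0], r[1]))
    return write_pcap(linktypes.pop(), records)

def count_wep_data_frames(pcap):
    """Count 802.11 data frames with the Protected bit set; only these carry a WEP IV."""
    linktype, records = parse_pcap(pcap)
    if linktype != DLT_IEEE802_11:
        raise ValueError("expected raw 802.11 capture (link type 105)")
    # frame control byte 0: bits 2-3 = type (2 = data); byte 1: 0x40 = Protected Frame flag
    return sum(1 for _, _, f in records if len(f) >= 2 and (f[0] >> 2) & 3 == 2 and f[1] & 0x40)
def _frame(ftype, protected):  # constructed minimal frame: FC, 22 header bytes, IV+KeyID, body
    return bytes([ftype << 2, 0x40 if protected else 0]) + b"\x00" * 22 + b"\x11\x22\x33\x00body"
# Constructed sample captures standing in for two separate AiroPeek sessions.
SAMPLE_A = write_pcap(DLT_IEEE802_11, [(1, 0, _frame(2, True)), (2, 0, _frame(0, False))])
SAMPLE_B = write_pcap(DLT_IEEE802_11, [(3, 0, _frame(2, True)), (1, 500000, _frame(2, True))])
```

Management frames and unprotected data frames are counted out on purpose, since a capture full of beacons looks large but adds nothing a WEP key-recovery tool can use.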

Postby sylvain » Mon Aug 30, 2004 5:07 am

Chris wrote: Yep, you are right. I have absolutely no idea what I am talking about. I have never done any work with WEP cracking and am just talking out my ass. Thanks for pointing that out.


You should try the new tools: aircrack and weplab, especially with packet reinjection... maybe once you've managed to crack your key easily you won't be so aggressive... and realize that it is not hard to crack WEP keys.
For example, it took me 15 minutes to crack the WEP keys (128 bits, changed every 30 minutes and generated to be "good" WEP keys...) used in my firm...
sylvain
 
Posts: 175
Joined: Mon Jun 21, 2004 5:57 am
Location: Paris, France

Postby topolb » Mon Aug 30, 2004 5:12 am

Chris wrote: Yep, you are right. I have absolutely no idea what I am talking about. I have never done any work with WEP cracking and am just talking out my ass. Thanks for pointing that out.


Hey Chris. Don't be bothered!

Tell me why you say that it is difficult to crack WEP encryption. Do you know any firmware that avoids all statistical attacks?

Perhaps you meant WPA2 (AES) instead of WEP (RC4). Otherwise I cannot find any sense in your comment that cracking WEP is nearly impossible.
topolb
Mini Stumbler
 
Posts: 67
Joined: Tue Jun 08, 2004 2:51 am
