The Trouble with WEP - PowerPoint PPT Presentation

About This Presentation
Title:

The Trouble with WEP

Slides: 19
Provided by: JimO97
Transcript and Presenter's Notes

1
The Trouble with WEP
  • Or, cracking WiFi networks for fun & profit (not
    really)
  • Jim Owens

2
Overview
  • Background and a little history
  • How WEP works
  • WEP's major weaknesses
  • A short course in wardriving
  • Using kismet to scout out the wireless landscape
  • Zeroing in with the aircrack-ng suite
  • airodump, to capture traffic
  • aireplay, to replay weakly encrypted packets
  • aircrack, to find the key using statistical
    methods

3
Background & history
  • Wireless Equivalent Privacy
  • Adopted in 1999 as part of 802.11 standard
  • Later swallowed whole by 802.11b standard
  • Initially, used only 40-bit encryption keys, due
    to technology export restrictions
  • Later, expanded to 104-bit keys when export
    restrictions were eased
  • Used 6 times as often as WPA/WPA2 despite known
    fatal weakness (85% / 14% / 1%)
    • Based on a 2006 survey in Seattle area

4
How WEP works
  1. Plain text gets CRC-32 checksum appended
  2. 24-bit initialization vector pre-pended to key as
    a seed for RC4 key scheduling algorithm
  3. RC4's pseudo-random generation algorithm outputs
    keystream
  4. Keystream XORed with plain text
  5. IV in plain text pre-pended to message
  6. On receipt, keystream regenerated and XORed with
    cipher text to produce plain text

5
WEP's major weaknesses
  • IV space too small (2^24)
  • On a busy network, IVs must repeat in < 5 hours
  • 50% probability that IV repeats in 5,000 packets
  • RC4 algorithm produces weak IVs that can be
    correctly guessed 5% or 13% of the time
  • No key management; typically just one key
  • IP traffic contains much known plaintext data
  • Open to injected traffic that is rebroadcast
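The encryption steps on slide 4 and the IV-reuse and IV-space weaknesses on slide 5, worked through as an added Python example. This is not code from the presentation or from the aircrack-ng or Kismet projects: RC4, the WEP framing, and the sample key, IV and plaintexts are written out here as a constructed illustration, and the two arithmetic helpers reproduce the "5,000 packets" and "< 5 hours" figures from the slide.

```python
"""WEP framing (slide 4) and why a 24-bit IV is too small (slide 5).

Constructed example: RC4 and the WEP wrapper are implemented from the
textbook description so each step is visible. Not production crypto.
"""
import math
import zlib

IV_BITS = 24
IV_SPACE = 1 << IV_BITS  # 2^24 possible initialization vectors


def rc4_keystream(seed: bytes, length: int) -> bytes:
    """RC4: key scheduling (KSA), then pseudo-random generation (PRGA)."""
    # KSA: permute the 256-entry state table using the seed
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    # PRGA: emit one keystream byte per step
    out = bytearray()
    i = j = 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Slide 4, steps 1-5: append CRC-32, seed RC4 with IV||key, XOR, send IV in clear."""
    if len(iv) != 3:
        raise ValueError("WEP IV is 24 bits")
    if len(key) not in (5, 13):
        raise ValueError("WEP key is 40 or 104 bits")
    icv = zlib.crc32(plaintext).to_bytes(4, "little")  # integrity check value
    body = plaintext + icv
    keystream = rc4_keystream(iv + key, len(body))
    cipher = bytes(a ^ b for a, b in zip(body, keystream))
    return iv + cipher


def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    """Slide 4, step 6: regenerate keystream from the clear-text IV, XOR, check CRC."""
    iv, cipher = frame[:3], frame[3:]
    keystream = rc4_keystream(iv + key, len(cipher))
    body = bytes(a ^ b for a, b in zip(cipher, keystream))
    plaintext, icv = body[:-4], body[-4:]
    if zlib.crc32(plaintext).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return plaintext


def keystream_reuse_leak(key: bytes, iv: bytes, p1: bytes, p2: bytes) -> bytes:
    """Slide 5: a repeated IV under one key reuses the keystream, so
    C1 XOR C2 == P1 XOR P2. Known plaintext in one frame then exposes the other."""
    c1 = wep_encrypt(key, iv, p1)[3:]
    c2 = wep_encrypt(key, iv, p2)[3:]
    n = min(len(p1), len(p2))
    return bytes(a ^ b for a, b in zip(c1[:n], c2[:n]))


def packets_for_collision(probability: float = 0.5, space: int = IV_SPACE) -> int:
    """Birthday bound: frames needed before some IV repeats with the given probability."""
    return math.ceil(math.sqrt(2 * space * math.log(1 / (1 - probability))))


def hours_to_exhaust_ivs(packets_per_second: float, space: int = IV_SPACE) -> float:
    """Hours until a sender has used every IV once and must start repeating."""
    return space / packets_per_second / 3600


if __name__ == "__main__":
    # Constructed sample values, not from any real network
    key, iv = b"ABCDE", b"\x01\x02\x03"
    frame = wep_encrypt(key, iv, b"hello wep")
    print("round trip:", wep_decrypt(key, frame))
    print("50% IV collision after", packets_for_collision(), "frames")
    print("IVs exhausted after %.2f h at 1000 pps" % hours_to_exhaust_ivs(1000))
```

With a 2^24 IV space the birthday bound gives a 50% chance of a repeat after roughly 4,800 frames, and a sender pushing 1,000 frames per second runs through every IV in about 4.7 hours; both match the slide's figures. The `keystream_reuse_leak` helper shows the concrete consequence the slide alludes to: two frames under the same IV and key cancel to the XOR of their plaintexts, which is why known plaintext in IP traffic matters.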

6
Wardriving: Kismet
  • Network detector, sniffer, IDS
  • Works on 802.11b, 802.11a, 802.11g networks
  • Uses passive monitoring, so hard to detect
  • Logs sniffed packets in formats compatible with
    Wireshark/Tcpdump, Airsnort
  • Channel surfs automatically
  • Optionally, supports GPS for network location

7
Kismet: Install & configure
  • Binary packages available for most systems
  • Requires WiFi adaptor that supports monitor mode
    as capture source
  • Logs traffic in popular formats
    (Wireshark, Airsnort, etc.)
  • Specify source in /etc/kismet/kismet.conf, as
    driver,device,source_name
    source=ipw2200,eth1,Stella

8
Stella, the WiFi attack animal!
9
Wardriving: Recon phase
  • Use Kismet to survey WiFi landscape and to choose
    a target network
  • Record necessary data for Aircrack attack:
    • Channel number?
    • SSID?
    • Access point MAC address?

10
Wardriving: Kismet
11
Wardriving: Attack phase
  • Aircrack-ng: software for network detection,
    sniffing, WEP cracking, and analysis
  • Works on 802.11b, 802.11a, 802.11g
  • Uses passive monitoring & packet injection
  • Main tools:
    • aircrack-ng: cracking
    • airdecap: packet decryption
    • airmon: monitor mode switching
    • aireplay: packet injection (Linux only)
    • airodump: exports traffic to .cap files

12
Wardriving: Aircrack procedure
  • Bring up adapter on target's channel in monitor
    mode:
    ifconfig wlan0 up
    iwconfig wlan0 mode Monitor channel 9
  • Capture packets to file on channel, IVs only:
    airodump wlan0 ./berlin_dump 9 1

13
Wardriving: Airodump
14
Wardriving: Aircrack procedure
  • Find weakly-encrypted packets to replay in
    interactive mode:
    aireplay -2 -b 00:14:6C:40:BA:A6 \
      -x 512 wlan0
  • Finally, crack WEP key with captured IVs:
    aircrack -n 64 berlin_dump.ivs

15
Wardriving: Aireplay
16
Wardriving: Aircrack
17
Summary
  • WEP has numerous serious flaws
  • WEP's flaws are thoroughly documented
  • WEP is readily exploitable in a short time, by
    unskilled attackers, using readily available
    tools
  • Strong protection is readily available
  • Bottom line:
  • Don't use WEP, period!

18
Questions?
That's all, folks!!!