Full Version: Cracking Wep
PrOtOn
Any software that will crack WEP under 5500 collie?

And what is the use of kismet.dump file? All I see is "private".

Thanks in advance.
jfv
This is for purely educational purposes, right?

Search the forums for aircrack. It does work on a 5500 in principle but you'll need a very large swap file. You'll feed it kismet.dump and after a long time it will report the WEP key. That's in theory, because as far as I know nobody has managed to successfully crack a WEP key on a Zaurus.

Felipe
BarryW
Took me 8 hours on a P1. That was a 64bit wep key. It's never cracked my 128bit wep key. Don't know if the Z has enough horsepower to do it.
Stubear
It's not a matter of processing power - the Z has enough - it's a matter of feeding aircrack enough weak IVs for it to have something to work with, approx 1 million IVs for a 128bit key, I remember reading somewhere.

You'll need to get aireplay or another Z to help generate enough packets, otherwise you'll be there for months.

Stu
undrwater
OK...
So I've got an AP in my lab...and I've forgotten the wep key. It's set at 128. I notice aircrack has a debug option that allows you to add the first (few?) wep hex #'s.

How long should this take? I've got a dual processor 600MHz pent on the job and it's been about a week (I've included the option for more processes).
BarryW
Just to let you know, sometimes it never cracks it. I used airsnort when I did my network. Was also running iTunes through my airport express for 8 hours. That's a lot of packets. Unless you are transferring DVD ISOs or something like that you won't get that kind of throughput. WEP cracking is kind of cool to say that you did it, but not very practical. The easiest way to "fix" your access point is to do a hard reset and start over. I also don't believe aircrack is multi-threaded, so you have a 600MHz Pentium running it. The other processor would let you do something else without a big hit on performance. You also need weak packets; some access points don't transmit them.
undrwater
QUOTE(BarryW @ Jul 16 2005, 12:15 PM)
I also don't believe aircrack is multi-threaded, so you have a 600MHz Pentium running it. The other processor would let you do something else without a big hit on performance. You also need weak packets; some access points don't transmit them.
*

CODE
bash-2.05$ aircrack --help
aircrack: invalid option -- -

 aircrack 2.1 - (C) 2004 Christophe Devine

 usage: aircrack [options] <pcap file> <pcap file> ...

     -d <start> : debug - specify beginning of the key
     -f <fudge> : bruteforce fudge factor (default: 2)
     -m <maddr> : MAC address to filter usable packets
     -n <nbits> : WEP key length: 64 / 128 / 256 / 512
     -p <nfork> : SMP support: # of processes to start


I thought that -p option allowed for multi-processor...
BarryW
Cool! Didn't see that. My bad.
PrOtOn
So, Kismet won't do anything. And I need aircrack to get more packets and, with luck, some weak packets.
Cool, I will try some hands-on in this "lab".
And yes, it's just to see if I can crack my own WEP key. A lot of people crack WEPs in my condo just to get free internet, when "good" people like me pay $45 monthly.

Thanks for the responses.
speculatrix
You can use wellenreiter as a packet capture too, if I recall correctly.
PrOtOn
Yeah, I have wellenreiter and Kismet. Both running like a charm.
It's weird that sometimes I try to connect to a network that wellenreiter found (keyless) and my Network Application can't connect to it.
BarryW
QUOTE(PrOtOn @ Jul 21 2005, 04:08 AM)
Yeah, I have wellenreiter and Kismet. Both running like a charm.
It's weird that sometimes I try to connect to a network that wellenreiter found (keyless) and my Network Application can't connect to it.
*



Man, I hope you're not in the States... Anyway, WEP or WPA isn't the only security measure on wireless networks. They could also be using a captive portal network, or MAC authentication.
PrOtOn
QUOTE(BarryW @ Jul 21 2005, 09:57 AM)
QUOTE(PrOtOn @ Jul 21 2005, 04:08 AM)
Yeah, I have wellenreiter and Kismet. Both running like a charm.
It's weird that sometimes I try to connect to a network that wellenreiter found (keyless) and my Network Application can't connect to it.
*



Man, I hope you're not in the States... Anyway, WEP or WPA isn't the only security measure on wireless networks. They could also be using a captive portal network, or MAC authentication.
*


Believe me, if my condo's neighbors knew about MAC authentication, then they would for sure enable WEP on their home routers.
BarryW
Just for giggles...

Unlawful use of computer and other computer crimes.

(a) Offense defined.--A person commits the offense of unlawful use of a computer if he:

(1) accesses or exceeds authorization to access, alters, damages or destroys any computer, computer system, computer network, computer software, computer program, computer database, World Wide Web site or telecommunication device or any part thereof with the intent to interrupt the normal functioning of a person or to devise or execute any scheme or artifice to defraud or deceive or control property or services by means of false or fraudulent pretenses, representations or promises;

(2) intentionally and without authorization accesses or exceeds authorization to access, alters, interferes with the operation of, damages or destroys any computer, computer system, computer network, computer software, computer program, computer database, World Wide Web site or telecommunication device or any part thereof; or

(3) intentionally or knowingly and without authorization gives or publishes a password, identifying code, personal identification number or other confidential information about a computer, computer system, computer network, computer database, World Wide Web site or telecommunication device.

(b) Grading.--An offense under this section shall constitute a felony of the third degree.

(c) Prosecution not prohibited.--Prosecution for an offense under this section shall not prohibit prosecution under any other section of this title.


So just be careful.
Gondola
My Z6k is the only wireless device I use at home, currently. If I want to protect my network, is there any way to upgrade the Z to use WPA, or stronger security measures?

I use a Linksys WRT54G as my router. I have two other routers, plus I can set up a Linux box if I need to segment my LAN for more security, but I want to be able to use VNC etc to/from my Z..

I'm not a security guru, so I feel a little exposed with my wireless on. I turned the signal strength down to 12.5% to lower the exposure, but I still don't feel 100% safe. (Satori firmware)
speculatrix
QUOTE(Gondola @ Jul 26 2005, 06:22 PM)
My Z6k is the only wireless device I use at home, currently.  If I want to protect my network, is there any way to upgrade the Z to use WPA, or stronger security measures?

I use a Linksys WRT54G as my router.  I have two other routers, plus I can set up a Linux box if I need to segment my LAN for more security, but I want to be able to use VNC etc to/from my Z..

I'm not a security guru, so I feel a little exposed with my wireless on.  I turned the signal strength down to 12.5% to lower the exposure, but I still don't feel 100% safe. (Satori firmware)
*


WPA supplicant exists for linux, there are a few posts here on OESF for it.

Alternatively, as a quick hack, put your access point on a separate LAN and use a VPN, or use SSH to tunnel everything.
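
A sketch of the wpa_supplicant route mentioned in the reply above, added here as an example and not taken from the thread or from any OESF package: a `wpa_supplicant.conf` with the static-WEP block commented out beside its WPA-PSK replacement. The SSID, key and passphrase are constructed placeholders, and it assumes the Z's wireless card and driver support WPA, which the thread does not confirm.

```conf
# wpa_supplicant.conf (constructed example; SSID and keys are placeholders)
ctrl_interface=/var/run/wpa_supplicant

# Weak: static WEP, the setup discussed in this thread.
# A static key is recoverable once enough IVs have been captured.
#network={
#    ssid="example-home"
#    key_mgmt=NONE
#    wep_key0=0102030405
#    wep_tx_keyidx=0
#}

# Replacement: WPA/WPA2 pre-shared key.
# CCMP is listed first so it is preferred; TKIP is kept only as a
# fallback for access points that cannot do CCMP.
network={
    ssid="example-home"
    key_mgmt=WPA-PSK
    proto=RSN WPA
    pairwise=CCMP TKIP
    group=CCMP TKIP
    # Use a long random passphrase (8 to 63 characters are accepted);
    # short dictionary words can be guessed offline from a captured handshake.
    psk="replace-with-a-long-random-passphrase"
}
```

The access point has to be switched to the matching WPA-PSK mode with the same passphrase before the client will associate.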