Skip to main content

Posts

Showing posts from May 28, 2008

Cracking WPA-PSK secured Wireless Networks

WiFi Hacking part - WPA-PSK cracking. The text about cracking WPA coding is an alternative to the classic process (dictionary atack - cracking WPA key with Aircrack-ng and wordlist). I have used Cowpatty, John the Ripper and genPMK. Additionaly to the pentest you can get hash at Lostboxen (6GB) or at Shmoo (35GB) and wordlist for generating your own control sums.. After dowloading and decompressing the hashe (having a weaker processor might take a while :) are available by random browser of system files. You can use the way to the file in the folder where it is saved or it can be copied to the place where you are going to test it. When using this technique PSK crack is not a dictionary atack but a comparison of control sums. I am mentioning the dictionary it self because of two reasons. The possibility of a dictionary atack exists all the time and somebody still enjoys the classic way :) The other more interesting possibility is to generate your own hashe by the tool genPMK. After the

Destruction Mode with Charon 2 GUI

Last year we told about not so well know tool called MDK, as part of the "Cracking WEP key - Acces Point with pree-shared key (PSK" concept. Alot of time has passed by since then and now we have well workiong stable version even with GUI extension Charon. It was not much of a deal in Fall 2007, but the situation has changed. The autor has also decidedd to eneble the Destruction Mode in the menu. The extension is written in Java and is very stable. If you have not encountered the MDK tool before, it is a proof-of-concept tool from the authors of the PTW implementation in aircrack-ng (Darmstadt Lab). It tses 8 concepts of attacking wireless networks. b - Beacon Flood Mode sends beacon frames and confuses the client by creating fake APs. This is able to make AP scanning applications and devices unusable a - Authentication DoS mode sends auth frames to all APs in range. This results in freezinig or restarting devices p - Basic probing a ESSID Bruteforce mode sends probe requests