1 / 34

WPA, what else?

WPA, what else?. Thomas d’Otreppe de Bouvette Aircrack-ng. UNAM, Mexico City November 27-28, 2008. Agenda. WEP WPA – How does it work? WPA – Practice Location, location, location Cracking the key Bruteforce WPA - Tools Airbase-ng Tkiptun-ng Airolib-ng Practical stuff. 2. WEP.

scarla
Télécharger la présentation

WPA, what else?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WPA, what else? Thomas d’Otreppe de Bouvette Aircrack-ng UNAM, Mexico City November 27-28, 2008

  2. Agenda • WEP • WPA – How does it work? • WPA – Practice • Location, location, location • Cracking the key • Bruteforce • WPA - Tools • Airbase-ng • Tkiptun-ng • Airolib-ng • Practical stuff 2

  3. WEP • It was fun • A few new attacks were created • Caffe Latte • Cfrag • PTW2: Now needs less packets needed by PTW to crack a key • WEP Cloaking™ is now dead too 3

  4. WEP • WPA – How does it work? • WPA – Practice • Location, location, location • Cracking the key • Bruteforce • WPA - Tools • Airbase-ng • Tkiptun-ng • Airolib-ng • Practical stuff 4

  5. WPA • More and more networks use WPA • WPA is a hot topic these days: • CUDA • New attack and tool: tkiptun-ng 5

  6. WPA • 802.11i group launched when flaws were found in WEP • 2 link-layer protocols: • TKIP (WPA1): Draft 3 of 802.11i group (backward compatible with legacy hardware). • CCMP (WPA2): final 802.11i standard • 2 authentication methods: • Personal: PSK • Enterprise: MGT 6

  7. WPA-PSK – How does it work? 7

  8. WPA-PSK – 4 way handshake 9

  9. WPA-PSK – PTK Construction

  10. WPA-PSK – PMK Construction

  11. WEP • WPA – How does it work? • WPA – Practice • Location, location, location • Cracking the key • Bruteforce • WPA - Tools • Airbase-ng • Tkiptun-ng • Airolib-ng • Practical stuff 16

  12. WPA – Location • Need all packets from the 4 way handshake => hear AP and Client • In fact, aircrack-ng can work with less than 4 packets • If too far, won’t get everything

  13. WPA – Location (2)

  14. WPA – Location (3)

  15. WPA – Cracking the key • Processing Unit • CPU • GPU (CUDA and AMD Stream) • Method: • Wordlist • Bruteforce • « Rainbow » tables

  16. WPA - CUDA • Cracking with your nVidia • Much faster than with a CPU (10-100x): • Intel P4 3.2Ghz: ~150 keys/sec • AMD Turion 64 X2 TL-60 (2Ghz): ~230 keys/sec • Nvidia 280GTX: ~11000 keys/sec • A few tools exists • Commercial • Open source: pyrit • Planned in aircrack-ng (AMD Stream too) 21

  17. WPA - Pyrit cracking speed 22

  18. WPA - Bruteforce • Let’s calculate how much time it will take to crack a simple passphrase with alphanumerical values (upper and lower case). • Smallest WPA passphrase: 8 characters (max 63). 23

  19. WPA - Bruteforce (2) • 8 characters passphrase • 62 possibilities per character: [A-Z][a-z][0-9] • Using a 280GTX (11000keys/sec) • 62^8 = 218 340 105 584 896 possible keys • 218340105584896/11000k/s= 19 849 100 508 sec • 19849100508 sec = 5 513 639 hours • 5513639 hours = 229 735 days • 229735 days = 630 years 24

  20. 630 years for a 8 char WPA key • A bit too long for a simple passphrase. • For a 12 characters passphrase, bruteforce will take 9 309 091 680 years. • Dictionnary attack and John The ripper are still the best solution. 25

  21. WEP • WPA – How does it work? • WPA – Practice • Location, location, location • Cracking the key • Bruteforce • WPA - Tools • Airbase-ng • Tkiptun-ng • Airolib-ng • Practical stuff 26

  22. Airbase-ng “Airbase-ng is multi-purpose tool aimed at attacking clients as opposed to the Access Point (AP) itself.” Features: • Soft AP/Ad hoc • Karma • Encrypt/Decrypt packets • Capture WPA handshake from a client. • Filtering to avoid disturbing nearby networks 27

  23. Airbase-ng (2) • Turn any monitor-mode capable card into an AP • Default mode: Karma • Karmetasploit = airbase-ng + metasploit 28

  24. Fun with airbase-ng • Karma • airbase-ng rausb0 • Soft AP: • airbase-ng –y –e myAP –c 6 rausb0 • ifconfig at0 up 192.168.0.254 • ping/ssh/… it from the client • Script to manipulate packets: • airbase-ng –Y both rausb0 • ./test/replay.py at1 29

  25. Fun with airbase-ng (2) • WPA Handshake capture: airbase-ng -z 2 -W 1 –y -c 6 -e home rausb0 • Location problem solved ;), you just need the client:

  26. Tkiptun-ng • Exaggerated in the news, only a few frames can be sent • Work in Progress: • Basic documentation written • Not fully working yet 31

  27. Tkiptun-ng (2) • WPA TKIP + QoS (802.11e) • Decrypt packets from the AP • Modified chopchop • Breaks the MIC key • Save plaintext + keystream 32

  28. Airolib-ng • Create pre-computed WPA hash tables to be used with aircrack-ng • Uses a sqlite database • Import/Export: • Import passphrases/essid lists • Cowpatty tables (genpmk) • Pyrit can exports its hash tables to airolib-ng format • Speed (once precomputed): • EEE 701 (900Mhz, SD Card): ~9700keys/sec • AMD Turion 64 X2 TL-60 (2Ghz, HDD 7200rpm): ~55500 keys/sec (~30000 keys/sec virtualized).

  29. Conclusion • Questions? • Practical stuff • WPA Cracking • Fun: Aigraph-ng

More Related