
How To Hack A Wi-Fi by Krishna Srinivas (FileCR)

Uploaded by

petr.riha

KRISHNA SRINIVAS

How to Hack a Wi-Fi network

First published by Aishwarya Srinivas 2020


Copyright © 2020 by Krishna Srinivas

All rights reserved. No part of this publication may be reproduced, stored or
transmitted in any form or by any means, electronic, mechanical,
photocopying, recording, scanning, or otherwise without written permission
from the publisher. It is illegal to copy this book, post it to a website, or
distribute it by any other means without permission.

First edition
This book was professionally typeset on Reedsy. Find out more at reedsy.com

How to Hack a Wi-Fi network

What is a wireless network?


A wireless network is a network that uses radio waves to link computers and
other devices together. The implementation is done at the Layer 1 (physical
layer) of the OSI model.


How to access a wireless network?

You will need a wireless network enabled device such as a laptop, tablet or
smartphone. You will also need to be within the transmission radius of a
wireless network access point. Most devices (if the wireless network option is
turned on) will provide you with a list of available networks. If the network is
not password protected, then you just have to click on connect. If it is
password protected, then you will need the password to gain access.

Wireless Network Authentication

Since the network is easily accessible to everyone with a wireless network
enabled device, most networks are password protected. Let’s look at some of
the most commonly used authentication techniques.

WEP

WEP is the acronym for Wired Equivalent Privacy. It was developed for
IEEE 802.11 WLAN standards. Its goal was to provide the privacy equivalent
to that provided by wired networks. WEP works by encrypting the data being
transmitted over the network to keep it safe from eavesdropping.

WEP Authentication

• Open System Authentication (OSA) – this method grants access to a station
that requests authentication, based on the configured access policy.
• Shared Key Authentication (SKA) – this method sends an encrypted
challenge to the station requesting access. The station encrypts the challenge
with its key then responds. If the encrypted challenge matches the AP value,
then access is granted.

WEP Weakness

WEP has significant design flaws and vulnerabilities.

• The integrity of the packets is checked using Cyclic Redundancy Check
(CRC32). CRC32 integrity check can be compromised by capturing at least
two packets. The bits in the encrypted stream and the checksum can be
modified by the attacker so that the packet is accepted by the authentication
system. This leads to unauthorized access to the network.
• WEP uses the RC4 encryption algorithm to create stream ciphers. The
stream cipher input is made up of an initial value (IV) and a secret key. The
length of the initial value (IV) is 24 bits while the secret key can be either
40 bits or 104 bits long. The total length of both the initial value and secret
key can be either 64 bits or 128 bits. The lower possible value of the secret
key makes it easy to crack.
• Weak initial value combinations do not encrypt sufficiently. This makes
them vulnerable to attacks.
• WEP is based on passwords; this makes it vulnerable to dictionary attacks.
• Key management is poorly implemented. Changing keys, especially on
large networks, is challenging. WEP does not provide a centralized key
management system.
• The initial values can be reused.

Because of these security flaws, WEP has been deprecated in favor of WPA.
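
The effect of the 24-bit initial value and of its reuse can be checked with a small model. This is an added example, not code from the book: the secret, the payloads and all function names are constructed for illustration, and the frame format is simplified to RC4(IV || secret) over the payload plus its CRC32.

```python
import math
import zlib

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Plain RC4: key scheduling followed by n bytes of output."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(iv: bytes, secret: bytes, payload: bytes) -> bytes:
    """Simplified WEP body: RC4(IV || secret) XOR (payload || CRC32)."""
    data = payload + zlib.crc32(payload).to_bytes(4, "little")
    return xor(data, rc4_keystream(iv + secret, len(data)))

def frames_until_iv_repeat(iv_bits: int = 24, probability: float = 0.5) -> int:
    """Birthday bound: frames with random IVs before a repeat is this likely."""
    return math.ceil(math.sqrt(2 * 2 ** iv_bits * math.log(1 / (1 - probability))))

def reused_ivs(frames) -> set:
    """Audit helper: IVs that appear on more than one captured frame."""
    seen, repeated = set(), set()
    for iv, _body in frames:
        (repeated if iv in seen else seen).add(iv)
    return repeated

# Constructed sample: a 40-bit secret and three frames, two sharing an IV.
SECRET = bytes.fromhex("0102030405")
P1, P2, P3 = b"GET /index.html ", b"POST /login.php ", b"PING 10.0.0.1   "
FRAMES = [(iv, wep_encrypt(iv, SECRET, p)) for iv, p in
          [(b"\x00\x00\x01", P1), (b"\x00\x00\x02", P3), (b"\x00\x00\x01", P2)]]

if __name__ == "__main__":
    print("reused IVs:", reused_ivs(FRAMES))
    same_iv = xor(FRAMES[0][1], FRAMES[2][1])[:len(P1)]
    print("same IV, c1 XOR c2 == p1 XOR p2:", same_iv == xor(P1, P2))
    print("frames for a 50% IV repeat:", frames_until_iv_repeat())
```

With a repeated IV the keystream cancels out of the two ciphertexts without the secret key ever being involved, and on a busy network a repeat becomes likely after only a few thousand frames.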

WPA

WPA is the acronym for Wi-Fi Protected Access. It is a security protocol
developed by the Wi-Fi Alliance in response to the weaknesses found in
WEP. It is used to encrypt data on 802.11 WLANs. It uses longer initial
values, 48 bits instead of the 24 bits that WEP uses. It uses temporal keys to
encrypt packets.

WPA Weaknesses

• The collision avoidance implementation can be broken.
• It is vulnerable to denial of service attacks.
• Pre-shared keys use passphrases. Weak passphrases are vulnerable to
dictionary attacks.


How to Crack Wireless Networks

WEP cracking

Cracking is the process of exploiting security weaknesses in wireless
networks and gaining unauthorized access. WEP cracking refers to exploits
on networks that use WEP to implement security controls. There are basically
two types of cracks, namely:

• Passive cracking – this type of cracking has no effect on the network traffic
until the WEP security has been cracked. It is difficult to detect.
• Active cracking – this type of attack has an increased load effect on the
network traffic. It is easy to detect compared to passive cracking. It is more
effective compared to passive cracking.

WEP Cracking Tools

• Aircrack – network sniffer and WEP cracker. Can be downloaded from
http://www.aircrack-ng.org/
• WEPCrack – this is an open source program for breaking 802.11 WEP secret
keys. It is an implementation of the FMS attack.
http://wepcrack.sourceforge.net/
• Kismet – this tool can detect wireless networks, both visible and hidden,
sniff packets and detect intrusions. https://www.kismetwireless.net/
• WepDecrypt – this tool uses active dictionary attacks to crack the WEP
keys. It has its own key generator and implements packet filters.
http://wepdecrypt.sourceforge.net/

WPA Cracking

WPA uses a 256 pre-shared key or passphrase for authentication.
Short passphrases are vulnerable to dictionary attacks and other attacks that
can be used to crack passwords. The following tools can be used to crack WPA
keys.

• CowPatty – this tool is used to crack pre-shared keys (PSK) using brute
force attack. http://wirelessdefence.org/Contents/coWPAttyMain.htm
• Cain & Abel – this tool can be used to decode capture files from other
sniffing programs such as Wireshark. The capture files may contain WEP or
WPA-PSK encoded frames.
http://www.softpedia.com/get/Security/Decrypting-Decoding/Cain-and-Abel.shtml

General Attack types

• Sniffing – this involves intercepting packets as they are transmitted over a
network. The captured data can then be decoded using tools such as Cain &
Abel.
• Man in the Middle (MITM) Attack – this involves eavesdropping on a
network and capturing sensitive information.
• Denial of Service Attack – the main intent of this attack is to deny legitimate
users network resources. FataJack can be used to perform this type of attack.
More on this in article

Cracking Wireless network WEP/WPA keys

It is possible to crack the WEP/WPA keys used to gain access to a wireless
network. Doing so requires software and hardware resources, and patience.
The success of such attacks can also depend on how active and inactive the
users of the target network are.

We will provide you with basic information that can help you get started.
Backtrack is a Linux-based security operating system. It is developed on top
of Ubuntu. Backtrack comes with a number of security tools. Backtrack can
be used to gather information, assess vulnerabilities and perform exploits
among other things.

Some of the popular tools that Backtrack includes are:

• Metasploit
• Wireshark
• Aircrack-ng
• NMap
• Ophcrack

Cracking wireless network keys requires patience and the resources mentioned
above. At a minimum, you will need the following:

• A wireless network adapter with the capability to inject packets (hardware).
• Kali Operating System. You can download it from here:
https://www.kali.org/downloads/
• Be within the target network’s radius. If the users of the target network are
actively using and connecting to it, then your chances of cracking it will be
significantly improved.
• Sufficient knowledge of Linux based operating systems and working
knowledge of Aircrack and its various scripts.
• Patience. Cracking the keys may take some time depending on a
number of factors, some of which may be beyond your control. Factors
beyond your control include users of the target network using it actively as
you sniff data packets.

How to Secure wireless networks

To minimize wireless network attacks, an organization can adopt the
following policies:

• Changing default passwords that come with the hardware.
• Enabling the authentication mechanism.
• Access to the network can be restricted by allowing only registered MAC
addresses.
• Use of strong WEP and WPA-PSK keys. A combination of symbols, numbers
and characters reduces the chance of the keys being cracked using dictionary
and brute force attacks.
• Firewall software can also help reduce unauthorized access.

Hacking Activity: Crack Wireless Password

In this practical scenario, we are going to use Cain and Abel to decode the
stored wireless network passwords in Windows. We will also provide useful
information that can be used to crack the WEP and WPA keys of wireless
networks.

Decoding Wireless network passwords stored in Windows

• Download Cain & Abel from the link provided above.
• Open Cain and Abel.
• Ensure that the Decoders tab is selected, then click on Wireless Passwords
from the navigation menu on the left-hand side.
• Click on the button with a plus sign.
• Assuming you have connected to a secured wireless network before, you
will get results similar to the ones shown below
• The decoder will show you the encryption type, SSID and the password that
was used.

Summary

• Wireless network transmission waves can be seen by outsiders; this
poses many security risks.
• WEP is the acronym for Wired Equivalent Privacy. It has security flaws
which make it easier to break compared to other security implementations.
• WPA is the acronym for Wi-Fi Protected Access. It has stronger security
compared to WEP.
• Intrusion Detection Systems can help detect unauthorized access.
• A good security policy can help protect a network.
