Sunday, August 6th, 2006Sunday, August 6th, 2006

How To Crack 128-bit Wireless Networks In 60 Seconds

by Shawn @ 1:32 am · filed under Tech Stuff

Just for fun (since I'm a dork), I was looking for a wireless stumbler for Macintosh that supported a GPS unit because I thought it would be interesting to map how many wireless networks there are in my neighborhood (I usually can see 15-30 unique wireless networks from any given point). In my search, I ran across one called kismac that does exactly what I wanted (it even generates the maps for you, so I didn't need to code something to plot the GPS coordinates on a map):

click image for larger view)

I download it and start playing around with it. It turns out it also has security testing functions within it (although I would guess that most of the people using the cracking functions are just trying to gain access to "secured" networks... which is beside the point I suppose).

Anyway, so I start monkeying around with those functions to see if I could learn something about WEP encryption on my own 2 wireless networks (I have a Linksys WRT54G and an Apple Airport Express which I use for beaming iTunes music to the living room stereo), both are currently secured with 128-bit wireless security and I did not change anything in them for the purpose of this video. My "word list" is just the standard dictionary word list that comes with most any UNIX distribution (like Mac OS X) and resides in /usr/share/dict/.

So here's the scary part, from the time it started scanning for wireless networks to the time I was able to crack both wireless network keys (which is all you need to gain access to the wireless network), it took right around 60 seconds. Check out this video...

Okay, so what just happened here? I just cracked my two 128-bit wireless networks in roughly 60 seconds from start to finish.

Even as a relatively knowledgeable tech guy, this seems like utter insanity to me. Okay, obviously I didn't have some crazy, ultra-secure password for my networks, but I would guess 90% of all the wireless network passwords out there are based on simple (easy to remember) word(s). After doing some reading, an "ultra-secure" password/MD5 seed would be relatively useless anyway... all it would do is force the attacker to spend 10 minutes on it instead of 10 seconds (see this FAQ and this FAQ), all of which is easily done from the kismac Network menu. It doesn't even matter if you setup your wireless network to be public or not, because kismac can see it even if the base station isn't showing the SSID publicly.

I'm going to poke around and see how secure RADIUS authentication is for a wireless network, but even if RADIUS is more secure, what normal person is going to have the technical knowledge and an extra few thousand dollars to setup and run a RADIUS server for their wireless network? I'm not even sure if I want to run a wireless network anymore to be honest... or maybe shut them down except for the times I'm actually using them (talk about annoying though).

UpdateNot sure why the content was deemed "inappropriate" for YouTube, but YouTube took my video down. {shrug} Moved it to Google Video.

Permalink

150 Responses to “How To Crack 128-bit Wireless Networks In 60 Seconds”

Cap Says:
August 7th, 2006 at 7:09 am

I wonder how fast it’ll brute force its way through WPA keys? I dont know much about wireless security, but I thought WEP’s many flaws were the reason the industry replaced it.

Jose Ordinas Says:
August 7th, 2006 at 3:10 pm

Check out the Security Now! podcasts. WEP encryption is trivially broken because of a poor underlying design. You need to switch to WPA encryption.

I am certain that your WRT54G router is capable of WPA encryption - although I am not sure if the Airport is.

Charlie Says:
August 7th, 2006 at 3:11 pm

So the point is that even with a higher strength password, say a combo of letters/numbers, this would only take a few minutes more? Crikey!

So here is the defense against all those MPAA lawsuits? “My wireless network was hacked… here’s how easy it is?”

Wow.
Thanks for making it simple.

Charlie
www.Seven87.com

chaaban Says:
August 7th, 2006 at 3:15 pm

hehe time to change my pass

Dustin Says:
August 7th, 2006 at 3:16 pm

If you use WPA you should be safe. It doesnt matter if you have SSID turned on or off because as you said, there are programs to sniff that information. About the only thing you can do is use WPA and generate a strong passphrase from somewhere like here. https://www.grc.com/passwords.htm

Nicholas VonKrut Says:
August 7th, 2006 at 3:16 pm

Most APs have a mac address lockdown. It only allows the specified mac addresses on the wireless network, full stop.

I think that solves all these problems.

Seungjin Says:
August 7th, 2006 at 3:17 pm

what wireless network card do you have?
cuz I know cards like broadcom’s can’t be used for cracking.

John Laur Says:
August 7th, 2006 at 3:20 pm

Few thousand dollars? Are you freaking insane?

I run DD-WRT and FreeRadius on a Linksys WRT54g at my house. I have WPA using a preshared key and then 802.1x auth via RADIUS for authentication. The sum total I spent on the hardware is $60

The weakness you are experiencing is not in WEP per se but in the algorithms used to generate the hex key from other (easy to remember, easy to crack) sources such as dictionary words. Furthermore, even on non dictionary words, some of these algorithms have serious flaws that greatly reduce the amount of keyspace you need to search to find a 128 (really 104) bit key.

If you want a secure password, get 104 bits of sufficiently random data, convert it to hex and use that. Rotate it every few weeks or so. Even if you use WEP for this, you only really expose yourself to certain weak frame vulnerabilities that are largely sewn up by most NIC and AP wireless drivers these days, and they can’t easily be exploited without listening to a great deal of wireless traffic.

A more fun solution? Wireless VLAN’s! Run one VLAN as a public honeypot with open access to nothing. Run the second VLAN using a different SSID with broadcast disabled, its own keys and 802.1x

Jack Says:
August 7th, 2006 at 3:24 pm

This is revealing, but also odd that WEP security is being discussed at all. WPA has replaced it as the defacto standard in security nowadays and it’s quite solid/secure.

Keith Says:
August 7th, 2006 at 3:25 pm

It is actually very easy to crack into 128-bit networks, but nice post all the same…

Joe Says:
August 7th, 2006 at 3:30 pm

what kind of wireless card were you using?

Keith Says:
August 7th, 2006 at 3:32 pm

Is it really true that you are able to crack 256-bit WEP encryption on a wireless network just by reading off the packets over the signal? Perhaps, instead of using WPA or WEP, it might as well restricted to just MAC address authentication instead.

Wild Red Says:
August 7th, 2006 at 3:32 pm

So the question I have to ask is was your password a dictionary password? It seems from the video that you used a dictionary file/list of common words.

CatLover Says:
August 7th, 2006 at 3:33 pm

If it’s just *your* network, it’s easy to lock it down securely. Just do what I do…allow only your computers’ MAC addresses. No other security is necessary. If you’re still paranoid or live in an urban setting, you can leave encryption running, but remember it does slow the data a bit.

Ricky Says:
August 7th, 2006 at 3:34 pm

the ease of that is pretty scary, but even so I bet most people would find this too difficult. Better hope you’re the only savvy person within the radius of your network!

Brian Says:
August 7th, 2006 at 3:41 pm

Which GPS unit have you been using? I am a kisMAC user, and I have been scoping out a portable unit I can take out on the MTB, as well as being osx/kisMAC compatible.

Thanks!

Shawn Says:
August 7th, 2006 at 3:42 pm

It was an Airport card in a Macintosh. As far as WEP vs. WPA… I know that now, but 2 days ago I didn’t. I’m pretty technical, but security/hardware isn’t my deal, so I never looked too much into it before. I just saw “128-bit encryption keys” in the setup and thought that it would be good to go.

twit soldier Says:
August 7th, 2006 at 3:42 pm

Anyone who knows anything about security can tell you wep is handing out your password, it broadcasts your password acrossthe network so anyone can crack it, wpa on the other hand if you have a truely random password with the maximum allowed charachters is unbreakable. I suggest you listen to Security Now podcast starting with episode one. http://www.grc.com/securitynow.htm

twit soldier Says:
August 7th, 2006 at 3:46 pm

Also please not that your mac address is being broadcast as well so even if you restrict mac addresses they can esily be spoofed even with the software that comes with your adaptor so all one has to do is find out what valid mac addresses are on the network and just start using one.

Savage Says:
August 7th, 2006 at 3:50 pm

MAC filtering offers no security whatsoever.

MAC addresses are actually not encrypted when sent over the air,
since they are the only reliable way of identifying a peer. Getting them
from network traffic is trivial and only needs a couple of frames.
MAC addresses are also trivial to spoof. On Linux it is just a configuration
file to tweak. On my WRT54G it is a configuration option.

Now if you want to run a nice DOS attack, you listen for MAC addresses
connecting to an access point and send End-Of-Traffic frames with a spoofed
MAC address several times per second. This effectively shuts down all Wifi
traffic for good on the access point.

allaun Says:
August 7th, 2006 at 3:51 pm

Its not that hard to put radius security on your linksys, DD-wrt is one example.

Tommy Says:
August 7th, 2006 at 3:57 pm

MAC filtering is close to useless as a serious security feature. It’s pretty easy to just sniff the net, grab an authenticated MAC and use it.

Andrew Says:
August 7th, 2006 at 3:59 pm

Just a question- what wireless card are you using?

Andrew Says:
August 7th, 2006 at 3:59 pm

Whoops… I didn’t see your response in the comments.

Brian Moore Says:
August 7th, 2006 at 4:14 pm

I would also like to know what GPS device you use and how you connect it to your mac.

phil Says:
August 7th, 2006 at 4:19 pm

to all those people out there who think that MAC address restrictions will protect your network … think again. a MAC address can be sniffed off the airwaves in seconds and many wireless network cards allow you to change their MAC’s. it really is one of the most useless forms of wireless security, and will only stop the most basic of ‘hackers’.

lagshot Says:
August 7th, 2006 at 4:23 pm

“Most APs have a mac address lockdown. It only allows the specified mac addresses on the wireless network, full stop.

I think that solves all these problems.
“

Unfortunately this is not the case, as your MAC address is unencrypted in the header of packets and can easily be sniffed and clone’d.

Humble idiot Says:
August 7th, 2006 at 4:27 pm

Disturbing! Some of us (TIVO users for example) don’t have the WPA option.

Jon Biddell Says:
August 7th, 2006 at 4:38 pm

WEP is generally used by home users who, through no fault of their own, don’t know any better, or who have been advised to use it by lame-ass ISP’s.

Most of them wouldn’t know how tro secure an access point if their life depended upon it.

A friend did some war-driving here in Australia - from his home to my office via the middle of Sydney - plotted over 800 wireless access points, with over 50% completely unbsecured, and of those that were secured almost 80% used WEP - and that included some of the largest businesses in the CBD. He knew this, of course, because they were all broadcasting their SSID, usually with a business name !!

You would be stunned to see how many had the default username/password combination for admin still installed - tempting as it was to change this and shut their router down as an object lesson in security, he had a better idea… He contacted several businesses and informed them of their leaks, and now has a reasonably well-paying sideline in securing wireless networks for home and small business users…

There is a lining in every silver cloud…

BennyTB9 Says:
August 7th, 2006 at 4:39 pm

Thanks Twit
As I was reading I was wondering if anyone else knew that even MAC address filtering is not fool proof.

Jon Biddell Says:
August 7th, 2006 at 4:39 pm

BTW, MAC address locking is nice, but anyone with a basic knowledge of networking and a good sniffer could spoof your MAC address in probably less time than it takes to read this.

cYrus Says:
August 7th, 2006 at 4:44 pm

# Nicholas VonKrut Says:
August 7th, 2006 at 3:16 pm

Most APs have a mac address lockdown. It only allows the specified mac addresses on the wireless network, full stop.

I think that solves all these problems.

all i can say is yea good luck with that theory… not heard of mac spoofing?

takes seconds to find stations assosiated with a ssid - mac address and all

cam Says:
August 7th, 2006 at 4:54 pm

This is old news. WEP has been cracked for a while now. Don’t use it.

xdevnull Says:
August 7th, 2006 at 5:00 pm

As above - a mac address is actually easier to hack than - much easier - than WEP - which at least takes a little effort. If you’re not using WPA - with a good, long passphrase, you might as well be open. The mac address would simply keep the average passerby from using your wireless without any overhead, but is in no way “secure” and in no way encrypted.

andrew Says:
August 7th, 2006 at 5:07 pm

you know what… MAC address filtering is not secure
(sorry, I couldn’t resist)

Anon Says:
August 7th, 2006 at 5:07 pm

A brute force attack on WEP works best if you collect 250k initialization vectors (IVs) for a 40bit key, 1000k IVs for a 104 bit key. A dictionary attack takes only a few packets but to defeat that all you need to do is make up fake words with special characters. Example: Go/\way!

WPA doesn’t have the same failings as WEP but is is also vulnerable to a dictionary attack if you can capture the 4-way handshake. An easy way to do that would be to disassociate someone who is on and watch them reconnect. WPA also uses the SSID of the access point in it’s encryption.

MAC filtering works fine till someone spoofs a valid MAC address.

JP Says:
August 7th, 2006 at 5:32 pm

“BTW, MAC address locking is nice, but anyone with a basic knowledge of networking and a good sniffer could spoof your MAC address in probably less time than it takes to read this.”

I think the real question is whether or not you have something worth stealing. If you are in a place that has a high density of wireless signals, going with more security than none is probably going to make 99% of the people around you just connect to a less secure network. Just hope you don’t have any enemies…

“I’m not even sure if I want to run a wireless network anymore to be honest… or maybe shut them down except for the times I’m actually using them (talk about annoying though).”

Maybe its a better idea to put something over your antenna(s) that will block the signal from any significant broadcast when you aren’t using them?

Brummy Says:
August 7th, 2006 at 5:43 pm

Mac spoofing is almost quicker than cracking 128web please dont rest easy with that as an alternative there is no reason to not be running wpa as of right now there isnt a good quick way to crack it..

Brummy

Andrew M Says:
August 7th, 2006 at 5:54 pm

The MAC address isssue is well documented.
As is the WEP issue.
WPA is more secure but serious crackers can find a way through that too.
Take solace in the fact that people looking for an unsecured wireless network will generally settle for the first one they can crack, so if you use both MAC addresing and WPA the likelyhood is they will crack you naber who uses neither.

gezick Says:
August 7th, 2006 at 6:01 pm

wpa and wpa2 are also easily brute forced. (look at h1kari’s recently published work)

but guess what else, locks can be picked, safes can be cracked. there are not completely safe options, just deterrents.

wep is good enough, so is wpa, so is wpa2, so is mac address filtering. they all keep the causal user off your network.

if you want security and privacy, don’t rely on the data link layer to provide it. the application layer is far more useful. check out tor.eff.org

and don’t be so paranoid, probably no one cares what you’ve got on your network anyhow

TAZ Says:
August 7th, 2006 at 6:04 pm

Just a suggestion, setup a vpn. For those a little more tech savvy and want a little bit of fun buy a firwall such as a pix. I bougt mine for $400 on ebay and all my wireless traffic is tunnelled out my hardwired network. Much higher encryption and much more secure - but much more complicated then WEP or WPA. There was a really good article too on digg where you deploy a squid proxy in your wireless zone where it will invert all the graphics on the web and will really screw people up who hack into your network. Pretty funny / fun stuff. WEP is out now as Cam said above. WPA is supposed to be better but a simple google search will show you people have already worked around this as well.

Fred Says:
August 7th, 2006 at 6:32 pm

So are there any similar programs for windows? kismet is on linux and I’ve heard that, that is the best program for this kinda stuff.

Hu Says:
August 7th, 2006 at 6:40 pm

I use MAC addresses whitelisting, the reason I think it would work is because lame kiddy hackers won’t think of it, they might brute force for days and never cop on, its a nice on top of wep etc.

rusty Says:
August 7th, 2006 at 6:49 pm

nice!! anyone know of a comparable program for windows (aka, lets you access a wordlist directly from it)?

Jack Says:
August 7th, 2006 at 7:11 pm

I agree with cYrus… it is very simple to spoof a mac address and very easy to find what mac address you need to spoof.. I have a laptop with built in wireless that has the ability to spoof mac addresses built into the driver..

Bugs Says:
August 7th, 2006 at 7:12 pm

MAC addresses can be set on the property page of the network adapter (under Windoze) and “nbtstat -a” or “arp -a” to recover another machines MAC.

foobar Says:
August 7th, 2006 at 7:14 pm

Welcome to 1999. Why are you still running WEP? Why not use WPA? Or WPA2?

Pegasus Says:
August 7th, 2006 at 7:14 pm

who cares you put the web key in your word list big deal

quiksilr Says:
August 7th, 2006 at 7:27 pm

As many of you have stated Mac Filtering is completely useless, spoofing a Mac Address takes seconds. Allowing you access to the network.

WEP is useless. As stated, using either a weak dictionary word or a fully randomized passphrase only slightly increases the amount of time required to crack it by a slight margin.

WPA1 and WPA2 are becoming easily crackable as well. Check out CoWPAtty. They recently came up with a huge 47 GB precompiled hash table at DefCon 14 that will crack many WPA2 passwords in minutes.

For those stating that Broadcom cards can not be used to crack WEP you are partially correct. The current Broadcom Airport Extreme cards can not enter promiscuous mode but the latest version of Kismac can put the AirPort Extreme into passive mode (except for MacBookPro and newest Mac Minis)

If this doesn’t work for your Airport Extreme you can also use the DLink DWL-122 usb wireless adapter for cracking WEP keys. I have purchased and returned a ton of external adapters until finding this one that works. Be careful not to purchase the DWL-122g, I don’t think that that is supported.

Happy Hacking

Digged Stories » Blog Archive » How To Crack 128-bit Wireless Networks In 60 Seconds [inc Video] Says:
August 7th, 2006 at 7:42 pm

[…] read more | digg story […]

mat Says:
August 7th, 2006 at 8:01 pm

Cracking 128 WEP does not depend on brut force; it basically reads the packs generated by the users on the network and build the pass phrase from those….so even using a random pass will not help you. The whole thing is flawed. So do not use WEP

Scott S Says:
August 7th, 2006 at 8:05 pm

MAC addres filtering is the easier part. All it takes is 1 ARP packet from your computer.

Meromotopia » Blog Archive » How To Crack 128-bit Wireless Networks In 60 Seconds [inc Video] Says:
August 7th, 2006 at 8:06 pm

[…] read more | digg story […]

jason Says:
August 7th, 2006 at 8:22 pm

i thought airport cards couldn’t be put in this mode?

I have an airport express card inside my macbook - can I put the card in passive mode?

-Jason

Nicholas Says:
August 7th, 2006 at 8:51 pm

Aside from everyone saying WEP is now replaced by WPA, which it is and should be in any wireless network, alot of people are commenting saying that mac address filtering will protect you. IT WON’T.

Firstly, spoofing a MAC address is a trivial matter, secondly, more of a security stand point, just because you’ve blocked that computer’s MAC address, does not stop it from sniffing ALL of your wireless network traffic, they could get all sorts of information, and coupled with MAC spoofing and well crafted MITM attacks, could be in and out with you passwords and creditcard numbers without you ever realising they were there.

Just don’t rely on MAC filters, use them, but don’t rely on them as your only means of network security.

neredowell Says:
August 7th, 2006 at 8:56 pm

So I go to Google. Type a couple of search terms and, Google being Google, I get the standare 1.2 million results. One of them being this page.

128 bit encryption cracked that fast, hmm. Should be interesting I think. Let’s check this out.

Well, sorry to burst a bubble but nothing I’ve read here concerns cracking 128 bit encryption. I’m not saying it can’t be done. I’m saying it’s not what was done. What was accomplished here was a simple brute force password hack

A password hack is one of the most basic routines there is in the security field, even with the standard three strikes lockout, so this is assuradly a lesson in why it is necessary to use strong passwords

Once you claim root any commands you give will be obeyed but to crack 128 without claiming root you must to be able to read network traffic “in the clear”.

If you can accomplish that in 60 seconds the NSA has a job for you.

Better luck next time
NereDoWell

BeeRich Says:
August 7th, 2006 at 9:15 pm

PowerBook users have real problems with WPA. I’ve not been able to fix mine since I bought it. I have a DLink router that has been re-installed many times. WPA would be nice, but it goes deaf about every 5 minutes.

Any ideas?

pankaj Says:
August 7th, 2006 at 10:17 pm

let me add few words to it

Cracking WEP is not a new thing, because of weakness in its design. few reasons why wep is weak are:

1. Same key is used forever (until one fine day you decide to change it!), there is no concept of rekeying.

2. Also remember that 128bit key is not exactly 128 (128 is just a marketing number!), it is actually 104 bits (which is the lenght of your password). Remaining 24 bits are called Initialization vector (IV), this IV is incremented for every packet and this IV is combined with your password to make it 128bit (and IV is visible to anybody with a sniffer, coz it is sent with the packet without any encryption). Certain combinations of password and IV generate something called WEAK keys, which help in cracking keys (search “FMS attack” on google for more details).

3. Most important point: password that you enter, is finally used for encryption. which means that if you crack key from one packet, whole network is yours .. wow!.

Solution of all these problems is WPA/WPA2, which addresses all these problems by:

1. lenght of IV increased to 48bits.
2. Built in mechanism for rekying.
3. New key is generated for every packet: so if you are able to crack key for one packet. There is nothing useful u can do.

4. Password that u enter is not used for encryption, it is used (with lot of other info.) to generate per packet keys as mentioned in #3.

I am sure cracking WPA is not simple as WEP, so for few years we can live in peace with WPA/WPA2.

hope this info helps!

jimbo92107 Says:
August 7th, 2006 at 11:42 pm

MAC address filtering is kind of like painting the word “FENCE” on your doorstep.

WEP 64- or 128-bit encryption is like locking your screen door with a bathroom key. WEP 256 is like locking your front door with an easily pickable deadbolt.

WPA is like actually having a fairly secure door. The strongest WPA makes your door more secure than your walls.

Oh, and remember to write your password on a post-it and keep it in your desk drawer!

http://skit.id.au » How To Crack 128-bit Wireless Networks In 60 Seconds Says:
August 8th, 2006 at 12:21 am

[…] How To Crack 128-bit Wireless Networks In 60 Seconds. [inc Video] This is why I’m always wary of using wireless networks. They are too easy to crack and gain access too. But just remember to implement as many security measures as possible to delay the hacker, and change them periodically.read more | digg story These icons link to social bookmarking sites where readers can share and discover new web pages. […]

Matthew Says:
August 8th, 2006 at 12:23 am

Looks like Shawn has had surgery to alter what he looks like…

http://www.techeblog.com/index.php/tech-gadget/how-to-crack-128-bit-wireless-networks-in-60-seconds#more-3646

Tarragon Says:
August 8th, 2006 at 12:44 am

Um, sorry to break it to you guys, but the “vulnerability” here affects WPA, and probably more WPA than WEP. This a brute force passphrase hacking, not some kind of wire sniffing trick (which is what WEP is vulnerable to, and takes a fair bit longer than 60 seconds).

Keep in mind that WPA is really just WEP with rotating keys, and little else.

WPA will NOT make you more secure. You need to use a secure passphrase otherwise you are vulnerable to somebody guessing your passphrase. That’s not rocket science. It’s got nothing to do with the relative security merits of WEP or WPA or WPA2. Use a crap passphrase, you’ll be easy to hack.

It’d be like the CIA using “secret” for their password on their mainframe. It doesn’t matter how bloody physically secure the mainframe is, or how well it encrypts it’s data, when the password is the weak link.

In fact, last time I checked (which was a while ago) you can’t even _use_ a passphrase with WEP - it expects a hex string.

So, please, people, stop thinking that WPA is the holy grail of security. It isn’t, by a long shot. A WPA network secured with a passphrase of “bob” may as well not be secured at all.

And of course, MAC filtering is basically useless, except as part of security in depth. It’s worth enabling, but don’t rely on it to protect you because a dedicated attacker will get through it easily.

Again? » Blog Archive » How To Crack 128-bit Wireless Networks In 60 Seconds [inc Video] Says:
August 8th, 2006 at 1:47 am

[…] 128 bit WEP encryption secure? Think again! KisMAC + standard dictionary cracks two keys in under 60 seconds. “I’m not even sure if I want to run a wireless network anymore to be honest…”read more | digg story […]

我不喜欢-Blog » How to: Crack 128-bit Wireless Networks in 60 Seconds Says:
August 8th, 2006 at 1:58 am

[…] Shawn Hogan managed to crack “two 128-bit wireless networks in roughly 60 seconds from start to finish” using kismac. Video after the jump. The Wi-Fi weakness isn’t just restricted to Macs - it’s also a problem for Windows, and wherever multiple parties (WiFi hardware manufacturer, OS developer) are writing portions of the drivers that aren’t properly tested with each other […]

Sangaho Says:
August 8th, 2006 at 2:16 am

Shawn, in your video, you are using a standard dictionary to crack your password. Nice. If you want to have a secure network, then you use all of the 256 bits (or 64 ASCII characters) of the passphrase to encrypt it (who sais you need to be able to remember it, just create a completely random key and write it down).
That means, there are 2^256 possible combinations of ones and zeros your password can contain, which means there are 1157920890000000000000000000000000000000000000000000000000000000000000000000000 possibilities to go through. Having in mind that an up-to-date processor with 3 Gigahertz can do 3 000 000 000 operations per second, you can imagine how many.. uh… decades it would take to successfully crack that passphrase.
After all, you usually try other methods to gain access to the network than cracking the passphrase anyway, but that’s a different story.

UberTechnica » Blog Archive » Dude Cracks A Wireless Network In 60 Seconds Says:
August 8th, 2006 at 3:25 am

[…] read more […]

Jeremy Says:
August 8th, 2006 at 4:30 am

In response to you not using a wireless network anymore, you should just use Mac address authentication or blocking. Just have your computers in the Mac address area of the router. One top just use WPA or even WPA 2.0, WEP is out of date and just makes people who aren’t technically inclined to not connect.

pankaj Says:
August 8th, 2006 at 8:01 am

me add few words to it

Cracking WEP is not a new thing, because of weakness in its design. few reasons why wep is weak are:

1. Same key is used forever (until one fine day you decide to change it!), there is no concept of rekeying.

3. Most important point: password that you enter, is finally used for encryption. which means that if you crack key from one packet, whole network is yours .. wow!.

Solution of all these problems is WPA/WPA2, which addresses all these problems by:

1. lenght of IV increased to 48bits.
2. Built in mechanism for rekying.
3. New key is generated for every packet: so if you are able to crack key for one packet. There is nothing useful u can do.

4. Password that u enter is not used for encryption, it is used (with lot of other info.) to generate per packet keys as mentioned in #3.

I am sure cracking WPA is not simple as WEP, so for few years we can live in peace with WPA/WPA2.

hope this info helps!

okpj Says:
August 8th, 2006 at 9:44 am

any way we could see the video? it was taken down for violation of youtube’s terms.

Ninja Strike Force » Blog Archive » Sup Ninjas Says:
August 8th, 2006 at 11:11 am

[…] And speaking of privacy, check out this video of KisMAC cracking 128bit WEP passwords in less than 60 seconds. Mommy, it hurts when I pee. […]

SecureMyWiFi Says:
August 8th, 2006 at 11:15 am

Use SecureMyWiFi from WiTopia (www.witopia.net). It gives you the same wireless security big companies and government use (WPA-Enterprise) for 9.99 a year. None of that other stuff works. WPA-personal/psk is considered “okay” but is still weaker than WPA-Enterprise and must be managed.

Your AP must be able to support the enhanced security, but most all newer (last 3 years) do such as most Linksys, D-Link, and Apple…as well as many others.

It also supports 802.1x and 802.11i as well as what manufacturers may call WPA-RADIUS (Linksys) or WPA-EAP (D-Link)

Bottom line is when you use the service..you needn’t worry about any of that crap.

Fitzy Says:
August 8th, 2006 at 2:06 pm

Check out this howto for building a Radius Server to use with your wireless network. It uses WPA-Enterprise which rotates the key every couple of minutes. About as secure as you can reasonably be at the moment!
http://www.urbanwireless.co.nz/?page_id=22

Max’s Blog » Blog Archive » Digged Says:
August 8th, 2006 at 3:05 pm

[…] http://www.shawnhogan.com/2006/08/how-to-crack-128-bit-wireless-networks.html […]

Brian Says:
August 8th, 2006 at 3:11 pm

Ok all here is the true design of secure wireless networks.

WPA2 - uses AES encryption still weak but no as weak as WEP or WPA
WEP & WPA both use the weak RC4 encryption technique

get an access point that uses WPA2 and set that up. disable SSID or not doesnt matter.

Setup a linux box with 2 network cards in it. Install FreeRADIUS and OpenVPN. Setup OpenVPN with an AH(Authentication Header(protocol 51)) using SHA1 and ESP (Encapsulated Security Protocol(protocol 50))
using 3DES encryption and a key lifetime of 60 Minutes. Have OpenVPN connect to FreeRADIUS for authentication. Install OpenVPN on the client and setup to tunnel everything. connect one network card to your internal network and connect the other cable to the Access Point(should be X-over Cable). Use OpenVPN to close the bridge between the internal and external networks.

if someone cracks your WPA2 encryption so what. They wont crack an IPSec tunnel with a key lifetime of 60 minutes.

Dont trust others with your security trust only yourself.
because remember I dont have to be the most secure! Only more secure then you.

Notícias aleatórias II | Batutinhas Nerd Blog Says:
August 8th, 2006 at 3:45 pm

[…] How to crack a 128-bit wireless network in 30 seconds - /* sem comentários */ […]

David Magda Says:
August 8th, 2006 at 5:01 pm

If you want secure passwords use diceware to create them:

http://en.wikipedia.org/wiki/Diceware

You should use at least five dicewords for PSK:

http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access#Security_in_pre-shared_key_mode

Maximum security is achieved in WPA-PSK using eight dicewords.

fake Says:
August 8th, 2006 at 7:23 pm

wpa and wep are worthless.

High T3ch Magazine Says:
August 8th, 2006 at 8:15 pm

[…] Official Link […]

Let’s Talk Tech ™ » Blog Archive » Why you shouldn’t use dictionary-based passwords for WEP keys. Says:
August 8th, 2006 at 10:17 pm

[…] WEP keys have recently been proven vulnerable to simple dictionary-based attacks by Shawn Hogan. Not that this is breaking news or anything, WEP keys have been vulnerable to WEP sniffing attacks for quite a while, but this new attack can allow an attacker to crack a dictionary-based WEP key in about 60 seconds, depending on the word. […]

Schizophreud Says:
August 8th, 2006 at 11:41 pm

Best ways to secure your wireless networks:

Live in the middle of nowhere.

Turn it off.

Aside from that the jump from WEP to WPA will slow people down but a persistent intruder will get in regardless.

marcom22 Says:
August 9th, 2006 at 12:40 am

Hi
This is not a good article on How to crack a protected WLAN.
I implemented with Server 2003 an IAS-Radius server with 802.1x AP capable and I logged all the connections through a Syslog server and the Event Viewer of Windows-IAS, nothing and anyone enter into my lan or AP from 6 months.

A good Article is those: http://www.tomshw.it/network.php?guide=20050518
Excuse for my poor English.

davon-lodb Says:
August 9th, 2006 at 9:52 am

yo that is sick……….i dont know much but i’m learning more every day.so that what up u just show me something……………..

thanks

Jacobo Castillo » Blog Archive » Como craquear, crack, hackear redes inalambricas de 128bits en 60 segundos Says:
August 9th, 2006 at 7:05 pm

[…] http://www.shawnhogan.com/2006/08/how-to-crack-128-bit-wireless-networks.html […]

Hacksafe IT Security Blog - penetration testing and vulnerability assessment, exploits, tools, news and analysis. | Blog Archive | How to crack a 128-bit wireless network in 60 seconds Says:
August 9th, 2006 at 7:14 pm

[…] VIDEO […]

Elios Says:
August 9th, 2006 at 9:04 pm

as said WPA2 + AES backed up with a RADIUS server and a strong random 63 chara passkey no one is getting in

Ned K Says:
August 9th, 2006 at 11:55 pm

The best way to secure your network is to have it hardwired, not wireless.

While any ding-dong with a laptop and wi-fi card can, given the desire and enough time, crack your wireless network from down the street, it’s a whole ‘nother matter for them to physically splice into your CAT5-e cables without committing felony burglary and risking getting caught.

So, unless you’re a genius inventor with a way of turning water into gasoline, or a political thought-criminal of the Bush Regime, you’re not going to have to worry about someone breaking into your house to place a covert node into your wired network. :p

Wired home networks are virtually immune to interference, covert tapping, or the other hassles associated with wi-fi.

Old school still rules! Wireless is for the lazy bastards who can’t be bothered with a little work with cables and crimpers.

Elron Says:
August 10th, 2006 at 12:33 am

A friend of mine with a network said this:

Two things that will stop this.

Don’t use WEP unless you are ASKING for your network to be cracked.
Don’t broadcast your SSID. That’s like saying “He’s the portcullus … try and break in”.

If you have WPA encrypytion and don’t broadcast your SSID, your saying “These’s a secret door somewhere in this dungeon …. try and find it. Oh, and by the way … the lock on that secret changes itself every 10 seconds”.

Comments?

Easily Amused » Wireless Networks and WEP insecurity Says:
August 10th, 2006 at 10:20 am

[…] Check out How to Crack 128-bit Wireless Networks in 60 Seconds. […]

Grrrr Says:
August 10th, 2006 at 3:16 pm

Its probably cheaper to put your wireless router on a switched power outlet….

I agree. You can’t keep a determined, resourceful hacker from piggybacking your wireless and you have no idea why they might be doing that…..

AC Says:
August 10th, 2006 at 10:20 pm

Ok.. so i saw this video and was like.. cooll.. i wanna try this.. so I followed the exact directions and used my macbook (need the r159 version) to give it a shot.. somehow kismac won’t let me do bruteforce or wordlist because ” I don’t have enough packets collected” or something like that. I have 1543 packets right now.. you only had a tenth of that… soo.. i have no idea how you got it to work at all..

Shawn Says:
August 10th, 2006 at 10:48 pm

I dunno to be honest, maybe it’s because mine’s an old Titanium laptop with an old 802.11b Airport or something… {shrug}

Brian Says:
August 11th, 2006 at 1:22 pm

Now that everyone has chipped their two cents on wireless security, could you tell me which GPS unit have you been using? I am a kisMAC user, and I have been scoping out a portable unit I can take out on my mountain bike, as well as being osx/kisMAC compatible.

Thanks!

anasazi Says:
August 12th, 2006 at 7:16 am

the new macbooks with the airport extreme wireless devices are not supported by kismac. they will scan for networks in active mode, but nothing more.

Terinea Tech Tips » Best Popurls.com Articles - 7th August 2006 Says:
August 12th, 2006 at 9:46 am

[…] How To Crack 128-bit Wireless Networks In 60 Seconds […]

rahul Says:
August 13th, 2006 at 10:58 am

hey i have many secured wireless networks near my place but i could not ge access to it what i shold do to use those secured wireless networks.

rahul Says:
August 13th, 2006 at 12:07 pm

I AM NOT A APLLE/ MAC USER I HAVE WINDOWS XP AND I AM NOT IN ABLE TO CONNECT TO THE SECURED WIFI CONNECTON NEAR MY PLACE WHAT I MUST DO , CAN YOU PLEASE HELP ME OUT T SOLVE THIS PROBLEM I HAVE ALREADY DOWNLOADED THIS KISMAC BUT I THINK IT IS FOR MAC/APPLE AND NNOT WORKING WITH MY WINDOWS SO CAN YOU SUGGEST ANY THING FOR MY COMPUTER

Julie Says:
August 13th, 2006 at 9:02 pm

you are cute…smile

How safe is your WiFi? at Ochblog Says:
August 14th, 2006 at 12:12 pm

[…] http://www.shawnhogan.com/2006/08/how-to-crack-128-bit-wireless-networks.html Posted in Uncategorized. […]

Dan Says:
August 14th, 2006 at 12:30 pm

I’m not sure what GPS unit he used, but I’ve successfully used a Garmin eTrex Vista with my iBook and Kismac. I have a Keyspan serial-USB converter and after installing the Keyspan drivers it shows right up.

forgetmenot-not Says:
August 15th, 2006 at 12:19 pm

I looked at cracking WEP a while back and it really takes Linux with two network cards. That means that “normal” people won’t be cracking your network–only those who are more tech savvy or they wouldn’t know Linux. That means if they WANT to crack into your security they WILL, no matter what.

But why waste time on your little home network that has letters to grandma? The serious crackers go after the companies where they can actually use the information they retrieve. And if they wanted to retrieve info from home networks, why not pick one of the millions of unsecured home networks out there you can find in any neighborhood?

That means you really only have to be concerned about the person who has a little bit of knowledge and wants to experiment. To keep those people out of your network, the above mentioned ideas will keep all the Windows and Macintosh users out–Hide the SSID, WPA, MAC Address Filtering, etc. These are available on most routers as standard options for the “normal” person and don’t take a lot of money and resources to set up.

Of course, if you’re stupid enough to use a simple password, then basic Macintosh programs like the one in the video will get through. You deserve whatever happens after that!

How To Crack 128-bit Wireless Networks In 60 Seconds at VishalArya Says:
August 18th, 2006 at 9:36 pm

[…] Source : http://www.shawnhogan.com by Shawn @ 1:32 am · filed under Tech Stuff […]

fueg0 Says:
August 24th, 2006 at 6:25 pm

Hi! I’m using MAC OS X Tiger 10.4.7 and D-Link DWL-122 with the driver 1.4.7 and Kismac is very slow in gathering packets. I was trying to crack my home network - WEP enabled and 802.11b
I disabled the firewall and such thing but Kismac is very very slow and sometimes crashes. Why is that?

Do I need to use the Airport too so I can gather more packets?
Please reply to my email or something like that.

Many thanks. /ibook g4 1ghz - tiger 10.4.7

Haber - Yaşam » 60 saniye de 128-bit wireless ağ nasıl kırılır? Says:
August 28th, 2006 at 1:38 pm

[…] Bu sitede bunun nasıl yapılabileceği video kaydıyla ve açıklayıcı bir anlatımla gösteriliyor.Videoyu buradanda izleyebilirsiniz. […]

Can Says:
August 29th, 2006 at 4:02 am

WEP has been cracked for a while now.

http://www.paketim.com/

EveryDigg » Blog Archive » How To Crack 128-bit Wireless Networks In 60 Seconds [inc Video] Says:
August 30th, 2006 at 7:09 am

[…] 128 bit WEP encryption secure? Think again! KisMAC + standard dictionary cracks two keys in under 60 seconds. "I’m not even sure if I want to run a wireless network anymore to be honest…"read more | digg story […]

Security » How To Crack 128-bit Wireless Networks In 60 Seconds [inc Video] Says:
September 1st, 2006 at 7:13 am

Blog ve Wolkanca.Com | 60 saniye de 128-bit wireless ağ nasıl kırılır? Says:
September 1st, 2006 at 4:51 pm

[…] bilgisayar Hack * Devamı ve detaylı anlatımı burada. Video indir bilgisayar, Hack […]

polymerx Says:
September 9th, 2006 at 9:04 am

How to get the ip address if the AP have disable the DHCP?

stanley Says:
September 13th, 2006 at 4:54 pm

Where can i download this file

Ginja Matt Says:
September 17th, 2006 at 4:07 am

So, i’m not the only one who is having problems with kismac on their reasonably new Macbooks. Has anyone out there managed to sort the problem or is there an update on the way? Or is it simply just a hardware problem that can’t be resolved? I’m new to the sexy world of Mac so any help would be appreciated.

tufui hfvjuy Says:
September 20th, 2006 at 11:57 am

i dont suppose kis(mac) will work on a pc will it?

tuco Says:
September 23rd, 2006 at 6:04 pm

For the hardy, get yourself a Soekris box (http://www.soekris.com/) and build your own router or wireless AP/router ( get compatible minipci wireless card at http://www.netgate.com). You can put a laptop hard drive in them but a compact flash installed with ram file system is better for running 24/7/375 but more challenging. Install OpenBSD and write your firewall rules to use authpf for authentication on the gateway.

Now, someone has to authenticate with ssh to your router or wifi AP before they can go anywhere. There are howto’s on the net. You can even direct non- authenticated users to a web server that comes with the default OpenBSD installation with a page telling them whatever you want.

Now you don’t have to worry about someone cracking your WEP. You can even have an open access point but put the wireless interface on a subnet isolated from your regular network. I just finished mine and it rocks!

Stevie Wonder Says:
October 11th, 2006 at 2:16 am

for all you n00bs have look at an ASCII to hex table and look at all the characters that arent in a dictionary

as a hint try

http://en.wikipedia.org/wiki/ASCII#ASCII_control_characters

these make really good characters to put into a hexidecimal version of your wep key

cos its impossible to type them into a form and thereby pretty hard to get them into a dictionary attack

try craking the following wep for example

7F:1C:00:08:11

I doubt that will take 60 seconds more like 24 hours on a brute force attack on a hard hitting dual processor machine

wep is aight if your choose your cipher well, even a blind man can see that

Psycode Says:
October 18th, 2006 at 6:42 am

Some people still seem to be missing the point that real “attacks” don’t count on dictionary files. It doesn’t matter if you use non printing chars in a situation where the key is still being sent over a public authentication system(airwaves) the key is not guessed, it is extracted from large volumes of reconnection attempts (or other network traffic) from clients (or spoofed to look like from valid clients) on the network. It is not heuristic or even statistical it is definite, it just takes time.
Thats my understanding anyway…

1221 Says:
October 25th, 2006 at 12:14 am

How To Crack RASPPPOE !?!?!?!?!?!

Mexico501 » Blog Archive » How To Crack 128-bit Wireless Networks In 60 Seconds [inc Video] Says:
October 25th, 2006 at 1:16 pm

[…] Page Summary: I just cracked my two 128-bit wireless networks in roughly 60 seconds from start to finish. Even as a relatively knowledgeable tech guy, this seems like utter insanity to me. It only allows the specified mac addresses on the wireless network, full stop. This effectively shuts down all Wifitraffic for good on the access point.read more | digg story […]

Terry Says:
November 13th, 2006 at 2:09 pm

I would like to know if you have a version of kismac for windows or somethig like it for xp?

IEEE:T Says:
November 21st, 2006 at 5:22 pm

what`s up

I have Wireless internet !

I am with some software get some Mac Address,
but How to running three Mac Address on one machine or more ? if you can make this tell me .

00:0F:00:A1:00:F0 –\
00:AA:00:1A:00:00 ——– > running one PC
00:AE:00:00:00:00 –/

Vlad Says:
November 29th, 2006 at 12:29 pm

that software run’s on mac’s only. how about windows? what software should i use?

WONToN Says:
December 8th, 2006 at 4:13 pm

above i believe i saw someone requesting the names of some windows cracking utilities, so i thought i’d make a list of the ones i have used:
cain&abel, lophtcrack,airsnort,aircrack,ettercap,ethereal
packet cap utils like ethereal aren’t crackers, but can be used
with crackers like cian, or lopht
note: cain has the option of using rainbow tables(precalc’d hashes) which are the 0wnage, period

i in no way promote the usage of windows, or mac, switch to slackware, unbuntu, gentoo, or somthin’

Frankie Says:
December 9th, 2006 at 10:56 pm

Quit whining about WEP. Everyone knows that it is weak.

Funny thing about WPA and MAC address protection on your networks. Unfortunately, it isn’t very secure. If you are using either Auditor or Backtrack, slackware based distributions of linux, you are capable of breaking into both. Anything can be broken, regardless of how strong we believe the encryption is, some just require more technical know-how.

However, your average home user shouldn’t worry about this kind of stuff. So what if your neighbor decides they want free Internet… rotating your WEP / WPA keys is a good idea anyway, just like any other password. Many people believe that MAC address selection is a safe-way to eliminate any hacker from entering your network. Unfortunately, the above mentioned distributions of linux are capable of detecting, deauthorizing, and spoofing known MAC addresses on the network.

Besides, if your goal is to break into Wifi on the road, understand that it is a crime to break in. “War Driving” as illegal as it may seem is not because it only identifies the networks, rather than trying to break in and authenticate yourself. If you have any cellphone company, consider saving yourself the time from actually learning how to operate your computer and get an EDGE enabled wireless card and have broadband speed Internet wherever you go, without the risk of breaking the law, or the effort.

To test the validity of this article, I attempted to break into my own network. To simulate a home environment, I turned off all but one of my computers on wireless and in about 10 minutes it is possible… remember this article assumes massive network traffic is continuous, which we know not to be the case in any wireless network that is not heavily populated. By using an active attack, (packet reinjection) after a suitable packet is found, it is possible to break a 128 bit WPA key in about 10 minutes, which utilized a “strong” password generator.

Face the facts, if you are worried about network security, unplug your computer.

Carsten Says:
December 10th, 2006 at 12:31 pm

@Frankie: Get real, breaking into Wi-Fi security has nothing to do with your linux distro. You can do this on all kind of linux flavors (Mac as well, as this post proves), and there exists plenty of different software and wifi chipsets to use. I tend to use the aircrack-ng suite, I’ve yet to see a 128 bit wep password I cannot break.

WPA is still considered pretty secure, but it is not uncrackable, instead of launching a full frontal attack on the crypto it is possible to de-authenticate users and record their authentication attempts and break it from there.

But of course it is illegal to break into other peoples Wi-Fi networks, that is why you should only try this on YOUR own net.

specter Says:
December 16th, 2006 at 4:11 pm

if you need wireless communication and want it to be secure i have an alternative. it is untested but! it should be easier to access than wired! harder to set up than wired! less secure than wired! require billions of times more maintenance than wired! cost thousands if not more dollars than wired! be much much slower than wired. corrupt far more data than wired!

USE A LASER BEAM!

Ghana Real Estate Says:
December 23rd, 2006 at 1:12 pm

Very Revealing.We are planing to implement a hotspot in our estate.what equipments do you recommend.Thanks.

ash Says:
January 11th, 2007 at 9:46 am

how do i start this kisMAC? where do i type the command? what EXACTLY do i type? ihave xp will it work? someone please give me a step by step instruction, very deatailed! PLEASE!!!!!i need to crack my neigbours WEP cus got no internet connection at my own house

Mavrik_stoner Says:
January 21st, 2007 at 3:39 am

ash thats kinda messed up asking the exact thing that everyone is tryin to protect against here.

Kbozid Says:
January 24th, 2007 at 6:48 am

is there any Version which can work under windows

Justin Says:
January 25th, 2007 at 10:50 pm

What exactly could you do to a computer once you crack the WEP?

Please e-mail me back
justinjames9000@hotmail.com

Would you be interested in helping me increase my security? I run a online game, And im searching around for someone to manage security

kingofthemountains@juno.com Says:
February 1st, 2007 at 12:10 pm

can please tell me the name of a program that is like the kismac by compatable with windows please please please please please please please please please !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

or email the name of the program to
kingofthemountians@juno.com

Please help me!!!!!!!!!

yk299 Says:
February 5th, 2007 at 6:32 am

MAC ADDRESS CLONING CAN EASILY GET AROUND A MAC FILTER THEREFORE IT CANNOT BE USED TO MAKE YOUR WIRELESS NETWORK ANY MORE SECURE.

Whitewolfwiggles Says:
February 8th, 2007 at 1:47 pm

Well what an interesting read this has been - Has made me look at wireless a little differently - However as I only read half the post dont know if anyone has suggested this for security… Firewall your wireless leave it as open as you like and handle the access past that point the only downside is somone could use you as a relay - Maybe you could use low lvl security for a deterant but ultimately dont rely on the AP for your security rely on a good firewall (free one like Pfsense on an old box - or even somthing with an imbedded firewall with captive portal abilities or https security access.. ) anyway thats my 2and a half cents worth look forward to seeing more posts.

Cheers

Mina Says:
February 10th, 2007 at 4:00 am

hey,
im having only windows XP and i wana crack a WPA network plz i need a reply…..

Dr Williams Says:
February 15th, 2007 at 5:36 am

Pls how do I crack a 128 wireless bit near my neighbourhood. I need a reply and my email address is as above

Jeremy Says:
February 22nd, 2007 at 12:12 am

Boy, there are a lot of stupids. Use XP/Ubuntu myself–the Windows user posts kill me (except for the obviously fake one or two =)

Couple things to get off my chest:

1. Whitewolfwiggles smokes Grade A crack cocaine.
2. Asking for help to crack is retarded and reminds of the Chiclet kids in Mexico. “Chiclet??” At least the kids are taking initiative!
3. The dungeon / trapdoor analogy was bizarre and I bet he plays D&D, WoW or both.
4. GPS question guy: knock it off and browse already!
5. My head is spinning as I’m reminded about how much money can be made by legitimate security engineers.
6. Is Shawn a shape-shifter or what?
7. Posting your email (and JUNO or Hotmail for crying out loud) address is brilliant, but asking for the “file” to be emailed to you is, eh, um… brillianter.

SHAMELESS PLUG: If you’re in Southern/Central California and require network auditing or infrastructure services, hit up my reputable limited-liability company at www.infynite.com! We’re located just north of Santa Barbara in Lompoc.

rajat Says:
February 26th, 2007 at 2:29 am

hey,
Pls how do I crack a 128 wireless bit near my neighbourhood

West Says:
February 28th, 2007 at 8:14 am

Hi guys
i am 17 years old and i do not know a lot about this w-lan shit
if anyone knows a link for cracking wep wit win xp
Pleaseee i need it
i have no intenet anymore because my grades at school are bad and i am a CSS ans WOW freak
Please i have to know how to crack my neighboors WEP
I have`nt played for 2 monthssss
And know they are selling WOW BC
and I have i Nightelf lvl 60 ………
PLEASSEEEEEEE

Suckerskiller Says:
March 1st, 2007 at 10:22 pm

nah nah nah…
attack a wireless wep - wpa is a kiddy thing… lets attack the router password of a wrt v23 sp2 box…

lets see whos the first wich write here the steps of a correct pass search!!!

Bruce Wong Says:
March 2nd, 2007 at 8:53 am

how to crack and hack WEP keys? can anyone teach me to do? or send a email to me…
im newbiez in computer security… i wanna learn more..

Cool Dude Says:
March 5th, 2007 at 1:07 pm

How do i crack neighbour’s wirless network. It is secured network. Any help?

Dipto Says:
March 17th, 2007 at 11:28 am

Iam using an hacked wirless network right now…hehe

Kial Says:
April 1st, 2007 at 8:03 am

Hello everybody! I was looking on internet for some information and programs in how to chack neighbours wireless. I found this web and I download the program Kismac 21a and kismac73p but I have a pc with XP, will this programs work in my computer? Is this safe, can someone help me in finding the right program? Thanks!

hackerpro Says:
April 4th, 2007 at 9:28 am

come on you noobs i have been cracking 128 and 256 for agesnow and wpa and the aes system for god sake are you guys and girls so lame as to think yoursafe ? bluetooth is another one to crack a peace of cake.

you bunch of retards if its broadcast it can be cracked and i will put money on any thing over 512 and beyond will only take me 1 hour tops. go on prove me wrong and i show you the doors. stuff the back door just go in the front door.

” it = idiot guys who bullshit for not knowing the facts
” itc = morons with a limited amount of knoledge and dont know the truth. as they are too scared to try it.

the safe way is a cable in one end out the other simple. no joints etc. ” pass the cup and sting ” computers dont trust technology ”

afidegnon Says:
April 4th, 2007 at 11:57 am

hi guys,

In our office, i have Motorolla Canopy Wireless, directly connected to our switch. the first time our ISP teledataict.com brought it, I can open it without a passowrd. but now, they changed the wireless device. with the same canopy wireless, I currently need to open ports so I can increase the download speed on emule.

My boss does not know much about networking, when I called our isp, he seriously rejected it, now, I still need to open the ports to allow me to download the files. on emule if some one can assist me please. the ISP has changed the password. I need your assistance on opening the router, I try brute forcing it but no result.

I thanks you all in advance you can contact me on afidegnum [at] yahoo.com

I have

dno Says:
April 15th, 2007 at 9:49 pm

For all of those asking about Windows, the OS doesn’t allow full monitor mode of the network card so this won’t work. There’s some custom drivers (commercial) that will allow auditing under Windows, but otherwise you’ll need to use a different OS (especially Linux-based).

Liquidmatrix Security Digest » Don’t quit your day job… Says:
April 20th, 2007 at 7:43 am

[…] Through a series of questions that would make Peter Falk proud, I determined that what had in fact occurred was not that the intrepid engineer had broken 128-bit SSLv3, but rather, had shown them the video of the 128-bit WEP key crack. […]

Simon Says:
April 29th, 2007 at 3:36 pm

If your password is like 10 - 20 characters long
with a combination of letters and number
and no dictionary words or names
you’ll be ok

Please help me secure my network - MacNN Forums Says:
April 30th, 2007 at 11:35 pm

[…] Last week I treated myself to a new macbook & blew the change I had on a Digital camera to keep it compnay. I’ve hada wireless router for a few years (linksys WAG354G) and never used it till now. It turns out it only offers 128bit WPA encryprion which can apparently be cracked in 69 seconds (see link) How To Crack 128-bit Wireless Networks In 60 Seconds I can’t really afford a new router just yet & even if I could I wouldn’t know which to get. I’m going to have to wait at least a month till I can upgrade. In the mean time I’m loving being able to surf the web on my macbook from anywhere in the house. I have wep on and have set the router to only allow the MAC address from teh macbook. I’m using complex passwords containing numbers, punctuation, upper & lowercase letters. Any ideas on what else I might be able to do to secure my network? Suggestions most welcome. […]

Miguel Says:
May 8th, 2007 at 10:38 am

i just installed KisMac on my Mac OS X 10.4.9 and every time i doubleclick on the application it loads, then quits unexpectedly……. any reason why it does this???? im a newby so dont really know a lot

Azmi Says:
May 9th, 2007 at 6:25 am

Hi, this is the file name : KisMAC.dmg how do i install it on my Win xp ?

Mavrik_stoner Says:
April 8th, 2008 at 5:15 pm

I just happened back across this site and see that not much has changed in the power of the morons. I myself am a noob and i still don’t wine this much!!! Just look the stuff up, its not that hard. Google.com-great place to start. By the way look before you download the f****** file. Wrong OS. And really getting a job to pay for Internet isn’t that hard. LOL pick up a shovel or rake.

Shawn Hogan Fan Club

Sunday, August 6th, 2006Sunday, August 6th, 2006

How To Crack 128-bit Wireless Networks In 60 Seconds

150 Responses to “How To Crack 128-bit Wireless Networks In 60 Seconds”

Leave a Reply

AuthorAuthor

SearchSearch

ArchivesArchives

CategoriesCategories