. 802.11b Wireless Security presentation posted
|
|
|
|
. h1kari to present at san diego regional infowatch
|
|
David Hulton () will be presenting at the San Diego Regional Infowatch (SDRIW) this month on Wireless Security. His talk will provide a basic overview of common attacks and defenses as well as specifics involved in exploiting, cracking, and defending wireless networks using bsd-airtools. He will also explain how the various wep-based crypto attacks work and how the improvements outlined in "Practical Exploitation of RC4 Weaknesses in WEP Environments" can make wep cracking more realistic. SDRIW will be held on Monday, March 18th.
 San Diego Regional Infowatch
bsd-airtools projects
|
|
. bsd-airtools v0.2 released
|
|
bsd-airtools v0.2 has finally been released. it includes support for most of the new wep cracking optimizations as outlined in "Practical Exploitation of RC4 Weaknesses in WEP Environments" and some improvements to dstumbler that allow for partial detection of 40-bit encryption with weped networks by analyzing the keyid field of wep encrypted packets. Take a look, check it out, let me know if there's any problems.
bsd-airtools projects
|
|
. Practical Exploitation of RC4 Weaknesses in WEP Environments
|
|
This document will give a brief background on 802.11b based WEP weaknesses and outline a few additional flaws in rc4 that stem off of the concepts outlined in "Weaknesses in the Key Scheduling Algorithm of RC4" (FMS) and "Using the Fluhrer, Mantin, and Shamir Attack to Break WEP" (SIR) and describes specific methods that will allow you to optimize key recovery. This document is provided as a conceptual supplement to dweputils, a wep auditing toolset, which is part of the bsd-airtools package provided by Dachb0den Labs. The basic goal of the article is to provide technical details on how to effectively implement the FMS attack so that it works efficiently with both a small amount of iv collection time as well as cracking and processing time and to provide details on how other pseudo random generation algorithm (prga) output bytes reveal key information.
Practical Exploitation of RC4 Weaknesses in WEP Environments
bsd-airtools projects
|
|
. dweputils v0.1 released
|
|
I'm happy to announce that airsnort has finally been removed from the cvs tree.. Instead, we now have dweputils, a multi-purpose wep cracking suite that I've put together over the past week.. dweputils consists of 3 main tools: dwepcrack, dwepdump, and dwepkeygen. dwepdump can be used for collection of packets for both brute forcing as well as the weak ksa attack, dwepkeygen can generate secure 40-bit wep keys that aren't vulnerable to the 2^21 attack, and dwepcrack is an all-purpose cracker that supports brute forcing (for cracking the entire keyspace as well as the 2^21 crack that Tim Newsham uses in wep_tools) as well as the weak ksa attack and cracking using a wordfile. In addition, dwepcrack has smp (multi-processing) support for all of it's cracking features. If you try it out, please post comments to the bat mailing list.
bsd-airtools projects
bsd-airtools mailing list
|
|
|
|
|
