has been known to be broken for a very long time now and there are around half a dozen cryptographic attacks (FMS, Klien, PTW etc) which allow an attacker to crack a WEP network's key in under 5 minutes. Still, most home users and even some enterprises (retail chains using hand-held scanners) rely on WEP heavily for security. In most cases, the naive user is unaware of the insecurities in WEP and thus ends up having a false sense of security by using it.
In this video, Myownremote
(myownremote  googlemail  com) demos how to break a WEP network and own the WLAN Router. He first monitors the air using Airodump-ng to find a vulnerable wireless router using WEP and a connected Client. He then uses the Airreplay-ng utility to increase traffic between the wireless router and the Client. This provides him enough WEP encrypted packets to crack the key using Aircrack-ng. Once the key is cracked, he connects to the wireless network and obtains an IP address via DHCP. In almost all cases, the gateway IP address sent via DHCP is the router's IP address. Now Myownremote breaks into the router by using the default password for the router (you can find the default passwords on the router manufacturer's site).
It's important to note here that even though in this case the default password worked, most users, even if they change the password, choose short and predictable dictionary based passwords. In a majority of these cases, it would take nothing more than a couple of hours to break this password using a HTTP basic authentication brute force password cracker such as Hydra
! Also, the WEP key is cracked, the attacker can now decrypt the encrypted traffic and snoop at what the victim is doing!
This is a recommended watch for wireless hackers! Thanks go out to Myownremote for submitting this video to SecurityTube. You can visit this blog
for more interesting articles on security and hacking.
Tags: tools ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.