Server Help

Trash Talk - WEP Key cracker (Windows)
BDwinsAlt - Sat Feb 03, 2007 2:57 pm
Post subject: WEP Key cracker (Windows)
I've been looking around and I've found a lot of cool WEP tools. I was wondering if there were any tools for WINDOWS that would allow me to crack the key to a wireless network. My connection is secured, it requires a 10 digit key to logon. I was wonderingn if there is a program that tries a bunch of keys until it cracks it.

Example:
0000000000
0000000001
0000000002

Then keep trying until it guesses the correct key, or something similar.

I've seen some tools for linux, but I don't want to boot linux each time I go wardriving.

Currently the tools I have are:
1. Cain
2. Wireshark
3. NetStumbler
4. SoftPerfect Network Protocol Analyzer
5. LanSearch Pro
6. Networx
7. Brutus

That's all I have right now. I need something to simply crack the WEP allowing me to gain access to use their wireless connection.

Again, I enter a 10 digit number to logon to mine, I need something to crack someone else's key so if I'm not at home I can easily get online.

Thanks.
Mine GO BOOM - Sat Feb 03, 2007 3:04 pm
Post subject: Re: WEP Key cracker (Windows)
BDwinsAlt wrote:
I need something to crack someone else's key so if I'm not at home I can easily get online.

You do understand that you are asking us to assist you in doing something that is illegal in the United States, correct?
BDwinsAlt - Sat Feb 03, 2007 3:22 pm
Post subject:
Oh it's illegal. Well um I guess not then. Just thought it would be cool. icon_confused.gif
Bak - Sat Feb 03, 2007 4:45 pm
Post subject:
the cracking programs for WEP don't try all possible keys, they listen to traffic and use weaknesses in the WEP algorithm to find the key... You could probably boot up knoppix if you don't want to install linux, I think it can come with such a program.

There are 10^16 possible keys = 1099511627776 different combinations. Checking one per second you'd need over 34,000 years to try them all.
CypherJF - Sat Feb 03, 2007 6:03 pm
Post subject:
Why would you need a WEP cracker anyway?
D1st0rt - Sun Feb 04, 2007 3:33 am
Post subject:
So private wireless routers don't stop him from wardriving
Cerium - Sun Feb 04, 2007 3:41 am
Post subject:
Ahh... the joys of being a minor...

BD, how the hell did you NOT think it was illegal? Seriously.
Mine GO BOOM - Sun Feb 04, 2007 5:44 am
Post subject:
D1st0rt wrote:
So private wireless routers don't stop him from wardriving

Wardriving is finding, detecting, and usually recording wireless devices. There is nothing illegal or wrong about that. Using someone else's devices without their permission, especially if they try to lock you out in the first pace, is illegal. Unless their SSID is "FreeInternet" you should not log into their wireless network without asking the owner for permission.

The reason no one has done this for Windows is because there is no demand for it. If a company sold the software for this, they would be sued.
D1st0rt - Sun Feb 04, 2007 12:58 pm
Post subject:
My bad, I was under the impression it was going around finding and then USING them.
Smong - Tue Feb 06, 2007 5:34 am
Post subject:
Doesn't it take something like 2 weeks to recover a key, and that's with a high traffic network too.
Anonymous - Thu Feb 08, 2007 8:04 am
Post subject:
Using a WPA instead of WEP helps some people out due to the lack of security... but usually what some people will do if they are smart is they will have it set so it's SSID burst is turned off and MAC filtered so you the only computers who will 'see' the router will be those that are added to the list. Otherwise it's invisible to most computers.
Mine GO BOOM - Thu Feb 08, 2007 1:57 pm
Post subject:
Anonymous wrote:
it's SSID burst is turned off and MAC filtered

Both of which are completely useless. The quickest article I could find on this is The six dumbest ways to secure a wireless network, but that is a ZDNet article, which are not very reliable when it comes to tech news. But, his talk about SSID/MAC are correct, they take very little time to break, as both are sent in the clear over even an encrypted connection.
George Ou wrote:
MAC filtering: This is like handing a security guard a pad of paper with a list of names. Then when someone comes up to the door and wants entry, the security guard looks at the person’s name tag and compares it to his list of names and determines whether to open the door or not. Do you see a problem here? All someone needs to do is watch an authorized person go in and forge a name tag with that person’s name. The comparison to a wireless LAN here is that the name tag is the MAC address. The MAC address is just a 12 digit long HEX number that can be viewed in clear text with a sniffer. A sniffer to a hacker is like a hammer to a carpenter except the sniffer is free. Once the MAC address is seen in the clear, it takes about 10 seconds to cut-paste a legitimate MAC address in to the wireless Ethernet adapter settings and the whole scheme is defeated. MAC filtering is absolutely worthless since it is one of the easiest schemes to attack. The shocking thing is that so many large organizations still waste the time to implement these things. The bottom line is, MAC filtering takes the most effort to manage with zero ROI (return on investment) in terms of security gain.

SSID hiding: There is no such thing as "SSID hiding". You’re only hiding SSID beaconing on the Access Point. There are 4 other mechanisms that also broadcast the SSID over the 2.4 or 5 GHz spectrum. The 4 mechanisms are; probe requests, probe responses, association requests, and re-association requests. Essentially, youre talking about hiding 1 of 5 SSID broadcast mechanisms. Nothing is hidden and all youve achieved is cause problems for Wi-Fi roaming when a client jumps from AP to AP. Hidden SSIDs also makes wireless LANs less user friendly. You dont need to take my word for it. Just ask Robert Moskowitz who is the Senior Technical Director of ICSA Labs in his white paper Debunking the myth of SSID hiding.

Either use WPA/WPA2, use WEP and assume that someone can break it and use firewalls/passwords everywhere on your network, or don't enable any encryption and firewall everything except a VPN connection to be able to do anything.
Animate Dreams - Fri Feb 09, 2007 11:45 am
Post subject:
About the Mac address thing... it takes 10 seconds to allow a new MAC address in the network settings? Is the time spent cracking the admin password to modify network settings included in that 10 seconds? ...And if you can modify network settings anyway, why do you need to bother spoofing your Mac address in the first place? There's got to be something I'm missing....
Bak - Fri Feb 09, 2007 12:40 pm
Post subject:
he means change your own MAC address to one that was allowed in, not change the list of ones that are allowed in.
All times are -5 GMT
View topic
Powered by phpBB 2.0 .0.11 © 2001 phpBB Group