Menu
homeErrors

Encryption wpa2 aes. How reliable is it? What is a WPA key or password

There are many dangerous risks associated with wireless protocols and encryption methods. Thus, a robust structure of various protocols is used to minimize them wireless security. These wireless security protocols provide prevention of unauthorized access to computers by encrypting transmitted data in wireless network.

Difference between WPA2, WPA, WEP Wi-Fi protocols

Most points wireless access have the option to enable one of three wireless encryption standards:

  1. WEP (Wired Equivalent Privacy)
  2. WPA2

WEP or Wired Equivalent Privacy

The first wireless security network was WEP or Wired Equivalent Privacy protocol. It started with 64-bit encryption (weak) and eventually went all the way to 256-bit encryption (strong). The most popular implementation in routers is still 128-bit encryption (in-between). This was considered as a possible solution until security researchers discovered several vulnerabilities in it, allowing hackers to crack the WEP key within minutes. He used CRC or Cyclic Redundancy Check.

WPA or Wi-Fi Protected Access

To overcome the shortcomings of WEP, WPA was developed as new standard security for wireless protocols. To ensure message integrity, he used integrity protocolTKIP or Temporal Key Integrity. This was different from WEP in some ways, which used CRC or Cyclic Redundancy Check. TKIP was thought to be much stronger than CRC. Its use ensured that each data packet was transmitted using a unique encryption key. The key combination increased the difficulty of decoding the keys and thereby reduced the number of intrusions from outside. However, like WEP, WPA also had a disadvantage. Thus, WPA was extended in WPA 2.

WPA2

WPA 2 is currently recognized as the most secure protocol. One of the most important changes visible between WPA and WPA2 is the mandatory use of algorithms AES (Advanced Encryption Standard) and introduction CCMP (Counter Cipher Mode with Blockchain Authentication Code Protocol) as a replacement for TKIP. CCM mode combines Confidentiality Mode (CTR) and Chain Code Authentication (CBC-MAC) for authentication. These modes have been widely studied and appear to have well-understood cryptographic properties that provide good security and performance in software or hardware to date.

Today many have Wi-Fi at home router. After all, wirelessly it is much easier to connect to the Internet a laptop, a tablet, and a smartphone, of which there are more than people in every family. And it (the router) is essentially the gateway to the information universe. Read the front door. And it depends on this door whether an uninvited guest will come to you without your permission. Therefore, it is very important to pay attention correct setting router so that your wireless network is not vulnerable.

I don’t think I need to remind you that hiding the access point’s SSID does not protect you. Restricting access by MAC address not effective. Therefore, only modern encryption methods and a complex password.

Why encrypt? Who needs me? I have nothing to hide

It’s not so scary if they steal the PIN code from your credit card and withdraw all the money from it. Moreover, if someone surfs the Internet at your expense, knowing the Wi-Fi password. And it’s not so scary if they publish your photos from corporate parties where you look unsightly. It’s much more offensive when attackers get into your computer and delete photos of how you picked up your son from the maternity hospital, how he took his first steps and went to first grade. Backups are a separate topic, of course they need to be done... But over time, your reputation can be restored, you can earn money, but the photographs that are dear to you are no longer there. I think everyone has something that they don't want to lose.
Your router is a border device between private and public, so make sure it is fully protected. Moreover, it is not so difficult.

Encryption technologies and algorithms

I'm leaving out the theory. It doesn’t matter how it works, the main thing is to know how to use it.
Wireless security technologies developed in the following chronological order: WEP, WPA, WPA2. Encryption methods RC4, TKIP, AES have also evolved.
The best in terms of security today is the WPA2-AES combination. This is exactly how you should try to configure Wi-Fi. It should look something like this:

WPA2 has been mandatory since March 16, 2006. But sometimes you can still find equipment that does not support it. In particular, if you have Windows XP installed on your computer without the 3rd service pack, then WPA2 will not work. Therefore, for reasons of compatibility, on routers you can find configuration options WPA2-PSK -> AES+TKIP and another menagerie.
But if your fleet of devices is modern, then it is better to use WPA2 (WPA2-PSK) -> AES, as the most secure option today.

What is the difference between WPA(WPA2) and WPA-PSK(WPA2-PSK)

The WPA standard provides the Extensible Authentication Protocol (EAP) as the basis for the user authentication mechanism. An indispensable condition for authentication is the user's presentation of a certificate (otherwise called a credential) confirming his right to access the network. To obtain this right, the user is verified against a special database of registered users. Without authentication, the user will be prohibited from using the network. The registered user base and verification system in large networks are usually located on a special server (most often RADIUS).
Simplified Pre-Shared Key mode (WPA-PSK, WPA2-PSK) allows you to use one password, which is stored directly in the router. On the one hand, everything is simplified, there is no need to create and maintain a user base, on the other hand, everyone logs in with the same password.
At home, it is more advisable to use WPA2-PSK, that is, the simplified mode of the WPA standard. Wi-Fi security does not suffer from this simplification.

Wi-Fi access password

Everything is simple here. The password for your wireless access point (router) must be more than 8 characters and contain letters in different case, numbers, and punctuation marks. And he should not be associated with you in any way. This means that dates of birth, your names, car numbers, phone numbers, etc. cannot be used as a password.
Since it is almost impossible to break WPA2-AES head-on (there were only a couple of cases simulated in laboratory conditions), the main methods of cracking WPA2 are a dictionary attack and brute force (sequential search of all password options). Therefore, the more complex the password, the less chance attackers have.

... in the USSR, automatic storage lockers became widespread at railway stations. The lock code was one letter and three numbers. However, few people know that the first version of storage lockers used 4 digits as a code combination. It would seem what's the difference? After all, the number of code combinations is the same - 10,000 (ten thousand). But as practice has shown (especially the Moscow Criminal Investigation Department), when a person was asked to use a combination of 4 digits as a password to a storage locker cell, a lot of people used their year of birth (so as not to forget). What the attackers used quite successfully. After all, the first two digits in the date of birth of the absolute majority of the country's population were known - 19. All that remains is to determine by eye the approximate age of the baggage check-in person, and any of us can do this with an accuracy of +/- 3 years, and the remainder we get (more precisely, the attackers) is less 10 combinations for selecting an access code to an automatic storage locker...

Most popular password

Human laziness and irresponsibility take their toll. Here is a list of the most popular passwords:

  1. 123456
  2. qwerty
  3. 111111
  4. 123123
  5. 1a2b3c
  6. Date of Birth
  7. Cell phone number

Security rules when creating a password

  1. To each his own. That is, the router password should not match any other password you have. From mail, for example. Make it a rule that all accounts have their own passwords and they are all different.
  2. Use strong passwords that cannot be guessed. For example: 2Rk7-kw8Q11vlOp0

The Wi-Fi password has one huge advantage. You don't need to remember it. You can write it on a piece of paper and stick it to the bottom of the router.

Guest Wi-Fi zone

If your router allows you to organize a guest area. Then be sure to do it. Naturally protecting it with WPA2 and a strong password. And now, when friends come to your home and ask for Internet access, you don’t have to tell them your main password. Moreover, the guest zone in routers is isolated from the main network. And any problems with your guests' devices will not affect your home network.

Prologue
Wi-Fi is now available in almost every apartment. Invisible threads of wireless channels entangled megacities and villages, houses and dachas, garages and offices. Despite the apparent security (“what, I set the password?!”), cunning workers dark side IT somehow bypasses all of your protections and brazenly breaks into your private wireless property, feeling right at home there. At the same time, for many ordinary users this technology remains a mystery, passed on from one generation of hackers to another. On the Internet, you can find dozens of fragmentary articles and hundreds of instructions on how to hack Wi-Fi; sufferers are invited to watch a training video with the selection of the password “qwerty123”, but I have not yet seen a full-fledged guide, as they say, “from and to” on this topic. Which is exactly what I decided to make up for.
Chapter 1. Look for who benefits
Let's figure out why respectable (and not so respectable) citizens are trying to hack their neighbor's Wi-Fi? So, there could be several reasons for this:

  1. Free internet. Yes, yes, thousands of schoolchildren, even in the era of Fido and modem connections fifteen years ago, unsuccessfully searched in search engines for that same magical “Internet cracker,” downloading tons of Trojans and other evil spirits to their personal computers. Free access to the Internet was the ultimate dream of an entire generation. Now the situation has changed significantly, cheap unlimited tariffs are available almost everywhere, but it won’t hurt anyone to have a spare channel in reserve around the clock in case your provider temporarily glues the fins together. In addition, there are often situations like “look, he has a wider channel than I will,” which also seems to hint at the usefulness of what is happening.
  2. Travelers (and sailors in particular). When Wi-Fi in a hotel costs 5 euros per hour, and communication with the Motherland is needed constantly and preferably in the room and for free, you feel the practical value of broken Wi-Fi more acutely than ever. I don’t think this needs any unnecessary comments.
  3. Sniffing the victim’s traffic and subsequent hacking of mail accounts, social networks, asec and other hooliganism. Having the Wi-Fi password in hand, we have the opportunity to decrypt all traffic transmitted over the air, including authentication sessions on different sites, cookies and much more tasty things.
  4. Industrial espionage. Currently, office Wi-Fi, quickly set up by a crooked administrator, is for a savvy person just the main entrance to the organization’s LAN, and there you can find oh so many interesting things, from basic sniffing of mail and asec to secret documents in shared folders and file dumps.
  5. Pentesting (from the English penetration testing - penetration testing). Pentesters are essentially the same hackers (and often that’s what they are), but they act on the orders and with the consent of the network owner. Their tasks include checking the network’s security and resistance to penetration from the outside (or disruption of its operation from within). Considering the cost of this type of service, it is unlikely that your neighbor will hire such a specialist (unless, of course, he is an oligarch), but among owners of large and medium-sized businesses who are concerned about the security of the IT structures of their enterprises, the demand for such services is very high.

Having taken a quick look at the entire list of reasons and weighed all the pros and cons, you can safely proceed... no, not to the practical part and not to water procedures, but first to theoretical preparation.
Chapter 2. WEP, WPA, HMAC, PBKDF2 and many other scary words
At the dawn of the development of wireless access, back in 1997, British scientists somehow did not bother too much with security issues, naively believing that 40-bit WEP encryption with a static key would be more than enough, LOL. But malicious hackers, together with talented mathematicians (our compatriot Andrei Pyshkin was also noted among them, which is nice) quickly figured out what was what, and networks protected even by a long WEP key of as much as 104 bits soon for some reason began to be equated with open ones . However, with the development of computer literacy among the common population, finding a WEP network has now become almost more difficult than an open one, so we will focus on the more common (i.e., ubiquitous) WPA/WPA2.
The main misconception of the working class is “I use WPA2, it can’t be hacked.” In life everything turns out to be completely different. The fact is that the authentication procedure (this scary word means checking that the client is “their own”) of a wireless network client in both WPA and WPA2 is divided into two large subtypes - simplified for personal use (WPA-PSK, PreShared Key, i.e. password authorization) and full-fledged for enterprise wireless networks (WPA-Enterprise, or WPA-EAP). The second option involves using special server authorization (most often this is RADIUS) and, to the credit of the developers, has no obvious security problems. The same cannot be said about the simplified “personal” version. After all, the password set by the user is usually permanent (remember the last time you changed the password on your Wi-Fi and is transmitted, albeit in a distorted form, over the air, which means it can be heard not only by those for whom it is intended. Of course, the developers WPA took into account the bitter experience of implementing WEP and stuffed the authorization procedure with various cool dynamic algorithms that prevent an ordinary hacker from quickly reading the password “over the air.” In particular, it is not the password itself that is transmitted over the air from a laptop (or whatever you have) to the access point. and some digital mess (hackers and their sympathizers call this process “handshake”, from the English handshake - “handshake”), obtained as a result of chewing a long random number, password and network name (ESSID) using a pair of computationally complex iterative algorithms PBKDF2 and HMAC (PBKDF2 was especially distinguished, consisting in sequentially performing four thousand hash transformations on the password + ESSID combination. Obviously, the main goal of the WPA developers was to make life as difficult as possible for hackers and to exclude the possibility of quickly brute-force guessing a password, because this would require PBKDF2 calculations). /HMAC-convolutions for each password option, which, given the computational complexity of these algorithms and the number of possible combinations of characters in the password (and there are them, i.e. characters, a WPA password can be from 8 to 63), will last exactly until the next big bang, or even longer. However, taking into account the love of inexperienced users for passwords like “12345678”, in the case of WPA-PSK (and therefore with WPA2-PSK, see above), a so-called dictionary attack is quite possible, which consists of searching through the pre-prepared most frequently occurring ones. several billion passwords, and if suddenly a PBKDF2/HMAC convolution with one of them gives exactly the same answer as in the intercepted handshake - bingo! We have the password.
All of the above matan could not be read; the most important thing will be written in the next sentence. To successfully crack WPA/WPA2-PSK, you need to catch a high-quality record of the key exchange procedure between the client and the access point (“handshake”), know the exact name of the network (ESSID) and use a dictionary attack, unless of course we want to grow old before we finish the brute force though would be all password combinations starting with “a”. These stages will be discussed in subsequent chapters.
Chapter 3. From theory to practice.
Well, having accumulated a fair amount of theoretical knowledge, let’s move on to practical exercises. To do this, we first determine what we need from the hardware and what software needs to be loaded into this same hardware.
Even the deadest netbook will do to intercept handshakes. All that is required of it is a free USB port for connecting the “correct” Wi-Fi adapter (you can, of course, catch it with the built-in one, but this is only if you attack your dorm neighbor, since the weak signal of the built-in adapter and its incomprehensible antenna are unlikely to penetrate at least one normal concrete wall, not to mention a couple of hundred meters to the victim, which it is very advisable to withstand so as not to burn. good advantage A netbook can be lightweight (if you have to work on the go) and have a long battery life. To solve the problem of selecting a password, the computing power of a netbook (and even a full-fledged laptop) will no longer be enough, but we will talk about this a little later; now we need to focus on the handshake and methods of catching it.
Just above I mentioned the “correct” Wi-Fi adapter. Why is he so “correct”? First of all, it must have an external antenna with a gain of at least 3 dBi, preferably 5-7 dBi, connected via a connector (this will allow, if necessary, to connect an external directional antenna instead of the standard pin and thereby significantly increase the killing distance to the victim), output signal power the adapter must be at least 500 mW (or 27 dBm, which is the same thing). It’s also not worth chasing too much after the power of the adapter, since the success of intercepting a handshake depends not only on how loudly we shout into the air, but also on how well we can hear the victim’s response, and this is usually an ordinary laptop (or even worse, a smartphone) with all the shortcomings of its built-in Wi-Fi.
Among wardrivers of all generations, the most “correct” are adapters from the Taiwanese company ALPHA Network, for example AWUS036H or similar. In addition to the alpha, products from TP-LINK are quite functional, for example the TL-WN7200ND, although it costs half as much as the alpha, and there are thousands of models from other manufacturers that are as similar to each other as two peas in a pod, fortunately there are not that many Wi-Fi chipsets in nature and more.


So we’ve sorted out the hardware, the laptop is charged and ready for exploits, and the necessary adapter has been purchased at the nearest computer store. Now a few words about the software.
Historically, the most common operating system on our laptops has been and remains Windows. This is the main problem with the wardriver. The fact is that most kosher adapters (or rather their chipsets) do not have normal Windows drivers supporting vital functions - monitoring mode and packet injection, which turns the laptop into a potential victim, but not into a hunter for handshakes. To be fair, it is worth noting that some chips are still supported by the CommView Windows program, which is very popular in narrow circles, but the list of them is so poor compared to the cost of the program itself (or the remorse of downloading a stolen version), which immediately completely discourages the desire to do “this” under Windows . At the same time, a solution has long been invented, and without compromising the health of your laptop - this is a special BackTrack Linux distribution, in which the maintainers carefully packed not only all the Wi-Fi chipset drivers we need with all sorts of tricky functions, but also full set utilities of the aircrack-ng package (which will soon be very useful to us), and many other useful things.
So, let's download current version BackTrack 5R1 (hereinafter referred to as BT5 or generally just BT, since we will have to return to this name more than once): http://www.backtrack-linux.org/downloads/
It is not at all necessary to register, we select a window manager of our choice (WM Flavor - Gnome or KDE), the architecture of our laptop (most likely 32-bit), Image - ISO (we don’t need any virtual machines), and the download method - directly (Direct) or via a torrent tracker (Torrent). The distribution is a Live-DVD image, i.e. boot disk, so you can simply cut it into a blank and boot, or spend a little more time and calories and make a bootable flash drive using this utility: Universal USB Installer (download here: www.pendrivelinux.com). The obvious beauty of the second solution is that you can create a permanent partition on a flash drive with the ability to save files, which will come in handy in the future. I will not dwell in detail on the creation process itself. bootable flash drive, I’ll just say that it is desirable that its volume be at least 4 GB.
We insert the flash drive (disk, or whatever you got) into the laptop and boot from it. Voila, we have a scary and terrible (but actually terribly beautiful) BT5 desktop! (When asked for a username and password, enter root and toor respectively. If the desktop does not appear, give the startx command. If it does not appear again, then it is not your destiny to work in Linux, smoke the manuals).


BackTrack: Finish him!
So, everything has loaded perfectly, we begin to study what we have where. First, let's find our Wi-Fi adapter; to do this, open a command line window (Terminal or Konsole, depending on the type of window manager) and give the command
Code:

root@bt:~# iwconfig wlan0 IEEE 802.11abgn ESSID:off/any Mode:Managed Access Point: Not-Associated Tx-Power=14 dBm Retry long limit:7 RTS thr:off Fragment thr:off Encryption key:off Power Management :off wlan1 IEEE 802.11bgn ESSID:off/any Mode:Managed Access Point: Not-Associated Tx-Power=20 dBm Retry long limit:7 RTS thr:off Fragment thr:off Encryption key:off Power Management:off

Great, our adapter is visible as wlan1 (wlan0 is a built-in laptop adapter, you can completely disable it so as not to interfere). Transfer wlan1 from Managed mode to Monitor mode:
Code:

root@bt:~# airmon-ng start wlan1

and look what happened:
Code:

root@bt:~# iwconfig wlan0 IEEE 802.11abgn ESSID:off/any Mode:Managed Access Point: Not-Associated Tx-Power=14 dBm Retry long limit:7 RTS thr:off Fragment thr:off Encryption key:off Power Management :off wlan1 IEEE 802.11bgn Mode:Monitor Tx-Power=20 dBm Retry long limit:7 RTS thr:off Fragment thr:off Power Management:off

Just great, but why is the TX-Power parameter (transmit power) only 20 dBm? We have a 27 dBm adapter? Let's try to add power (the main thing here is not to overdo it):
Code:

root@bt:~# iwconfig wlan1 txpower 27 Error for wireless request “Set Tx Power” (8B26) : SET failed on device wlan1 ; Invalid argument.

And here the first disappointment befalls us - it is impossible to set the power to more than 20 dBm! This is prohibited by law in many countries, but not Bolivia! It would seem that Bolivia has something to do with it, but:
Code:

root@bt:~# iw reg set BO root@bt:~# iwconfig wlan1 txpower 27

... and everything goes smoothly, Bolivia helped us a lot, thank you for that.
What do we have on at this stage? Our powerful Wi-Fi adapter is configured for maximum power in monitor mode and waits for orders on the mon0 interface. It's time to look around and listen to the broadcast. It's very simple:
Code:

root@bt:~# airodump-ng mon0

Now all attention is on the screen!


The network with WEP is circled in red - a rarity these days.
In the left top corner you can see how channels are scanned (if you need to fix a channel, you need to call airodump-ng with the –channel key<номера каналов через запятую>), then there is a table of found networks indicating (from left to right): BSSID (MAC address of the network), signal reception level in dBm (depends on the sensitivity of the receiver, on good adapters -80 dBm is a completely normal level), number of received Beacon frames ( these are broadcast packets carrying information about the network), the number of received data packets and the reception speed (packets per second), the channel on which the access point is broadcasting, the speed of the access point in megabits, the type of authentication (OPN - open network, WEP, WPA, WPA2), encryption type, magic letters PSK in the case of WPA/WPA2 (details are described above in Chapter 2) and, finally, the name of the network, that is, its ESSID.
Just below the main table is a table of current client associations to points. Looking ahead, I note that it is also important, since it can be used to determine the activity and MAC addresses of clients for their subsequent deassociation.
From the picture above it follows that we have something to catch - there are both access points and clients with good signal. All that remains is to select a victim (so that the file does not swell too much, you can record packets from only one access point by giving the –bssid key or limiting the channels as indicated just above) and give the command to write packets to a file by adding the -w switch to the call<префикс названия файла>. Important: if you booted from a DVD, you must record the file with packages to an external flash drive or hard drive, having previously mounted them with the mount command:
Code:

root@bt:~# mkdir /mnt root@bt:~# mount /dev/sda1 /mnt root@bt:~# cd /mnt

where /dev/sda1 is the device file external flash drive(you can find where the flash drive was picked up in your case by rummaging through the output of the dmesg command).
For example, let's run airodump-ng to record packets from only one network from the list to the testcap.cap file:
Code:

root@bt:~# airodump-ng –bssid a0:21:b7:a0:71:3c -w testcap mon0

Now you can pour a cup of coffee and chew a sandwich while waiting until the next client wants to cling to the access point and give us the coveted handshake. By the way, after receiving a handshake, a warning message will appear in the upper right corner: WPA handshake: A0:21:B7:A0:71:3C. That's it, the job is done, and you can move on to the next chapter.
When all the sandwiches are eaten, there is no more coffee and there is still no handshake, a bright thought comes to mind that it would be nice to hurry the client up with a handshake. To do this, the aircrack-ng package includes special utility, which allows you to send requests to clients to deassociate (disconnect) from the access point, after which the client will want to connect again, which is exactly what we are waiting for. This utility is called aireplay-ng and you need to run it in a separate window in parallel with the launch of airodump-ng so that you can simultaneously record the results of the work. Let's start deassociation:
Code:

root@bt:~# aireplay-ng –deauth 5 -a a0:21:b7:a0:71:3c -c 00:24:2b:6d:3f:d5 wlan1

where it is obvious that we are conducting 5 deassociation sessions of client 00:24:2b:6d:3f:d5 from the access point with BSSID a0:21:b7:a0:71:3c (we took the client address from the lower airodump-ng association table, you don’t have to specify it at all, then the deassociation will be carried out by a broadcast request, which is not as efficient as we would like).
After carrying out such a procedure (and nothing prevents us from repeating it one more time, just in case), the likelihood of catching a handshake increases significantly.
Now the most important thing. Everything described above was described for educational purposes only. And all because the aircrack-ng kit includes such a wonderful utility as besside-ng, which automatic mode does all the above operations, cracks WEP itself and saves WPA handshakes in a separate file. Launching this utility is incredibly simple:
Code:

root@bt:~# besside-ng mon0

And it's all! Having given this magic command, you can now just sit and watch the results of its vigorous activity, rejoicing at all the handshakes coming and coming (they are saved in current folder to the wpa.cap file, and the log is written to the besside.log file). Passwords from WEP networks hacked by besside-ng can also be found in its log.
Well, as a result of the enormous work done, we have accumulated *.cap files containing handshakes and we can safely move on to chapter four. But let’s still see what we caught and evaluate the quality of the handshakes.
You can quickly assess whether there are handshakes in a file using the simple call aircrack-ng:
Code:

aircrack-ng<имя файла>

If there is a handshake, aircrack-ng will show the BSSID, ESSID and number of handshakes for each network:


aircrack-ng sees linksys handshake, bro
However, I mentioned above that using aircrack-ng you can only assess the presence of a handshake, and this is not without reason. The fact is that aircrack-ng is not a good EAPOL parser and can easily show the presence of a handshake where there is none (or, more precisely, it is there, but not working). Let's dive deeper into the jungle of EAPOL packets with using Wireshark(Lazy and not very curious readers can skip their precious time and skip straight to Chapter 4).
Open our *.cap file in Wireshark and set the expression
Code:

(eapol || wlan.fc.type_subtype == 0×08) && not malformed

as a filter to see among the piles of garbage only the packages that interest us.


Here they are, handshakes
So what do we see? The first packet in the list is a Beacon frame, which carries information about the wireless network. It is there and indicates that the network is called 'dlink'. It happens that the Beacon frame is missing in the file, then to carry out an attack we must know the ESSID of the network for certain, taking into account the fact that it is case sensitive (yes, 'dlink', 'Dlink' and 'DLINK' are three different ESSIDs!) and , for example, may contain spaces in unexpected places, such as at the end. By specifying the wrong ESSID for the attack in this case, we are doomed to failure - the password will not be found even if it is in the dictionary! So the presence of a Beacon frame in a file with a handshake is an obvious plus.
Next in the file are the key EAPOL packets, which make up the handshake itself. In general, a full-fledged EAPOL handshake should contain four consecutive packets, from msg (1/4) to msg (4/4), but in in this case We were not too lucky; we managed to intercept only the first two pairs, consisting of msg (1/4) and msg (2/4). The beauty is that it is in them that all the information about the WPA-PSK password hash is transmitted and they are the ones needed to carry out the attack.
Let's take a closer look at the first pair msg(1/4) and msg(2/4) (circled in red). In them, the access point (Station) 02:22:B0:02:22:B0 transmits a random number ANonce to the client (Client) 00:18:DE:00:18:DE in the first EAPOL handshake packet and receives back SNonce and MIC, calculated by the client based on the received ANonce. But pay attention to the time interval between msg (1/4) and msg (2/4) - it is almost a whole second. This is a lot, and it is quite possible that the msg (1/4) and msg (2/4) packets belong to different handshakes (which will definitely lead to the inability to guess the password even if it is in the dictionary), and not having msg control packets intercepted ( 3/4) and msg (4/4) it is impossible to check this. Therefore, the first handshake is of very dubious quality, although it looks quite valid.
Fortunately, in this case we have another pair of packets msg (1/4) and msg (2/4) with a time interval of only 50 milliseconds between them. This most likely indicates that they belong to the same handshake, so we will choose them for attack. Let’s mark the Beacon frame and these packets by right-clicking and selecting Mark packet (toggle) and save them to a new file by selecting the ‘Save As...’ menu item and not forgetting to check the Marked packets box:

Let's preserve what we have acquired through backbreaking labor!
In conclusion of the chapter, I would like to note that for an attack it is still recommended to use “full-fledged” handshakes that have a Beacon frame and the entire sequence of EAPOL packets from the first to the fourth. To do this, your Wi-Fi equipment must “hear” both the access point and the client very well. Unfortunately, in real life this is not always possible, so you have to make compromises and try to “revive” half-dead handshakes manually, as was demonstrated above.
Chapter 4. From a handshake to a password.
The attentive reader has long understood that hacking WPA, even in the presence of a handshake and direct hands of the attacker, is akin to a lottery, organized by the owner of the access point who assigns the password. Now, having a more or less high-quality handshake in hand, our next task is to guess this very password, i.e. essentially winning the lottery. It’s a no brainer that no one can guarantee a favorable outcome, but inexorable statistics show that at least 20% of WPA networks are successfully hacked, so don’t despair, let’s get to work, friends! First of all, you need to prepare a dictionary. A WPA dictionary is a regular text file containing one possible password in each line. Given the WPA standard password requirements, possible passwords must have a minimum of 8 and a maximum of 63 characters and can only consist of numbers, Latin letters upper and lower case and special characters like!@#$%, etc. (by the way, this alphabet is considered quite extensive). And if with lower limit The length of the password is clear (at least 8 characters and a period), but from the top it’s not so simple. Cracking a 63-character password using a dictionary is a completely pointless task, so it’s quite reasonable to limit yourself to maximum length The password in the dictionary is 14-16 characters. A high-quality dictionary (for which a success rate of 20% is estimated) weighs more than 2 GB and contains about 250 million possible passwords with a length in the specified range of 8-16 characters. What should be included in these possible password combinations? Firstly, definitely, the entire eight-digit digital range, which, according to statistics, accounts for almost half of all disclosed passwords. After all, various dates fit perfectly into 8 digits, for example 05121988. A full digital eight-digit number has 10^8 = 100 million combinations, which in itself is quite a lot. In addition, the wardriver’s combat dictionary must necessarily include the words most often used as passwords, for example internet, password, qwertyuiop, names, etc., as well as their mutations with popular password extender suffixes (the sole leader in this area is of course the suffix 123). Those. If the diana password is too short to comply with the WPA standard, a resourceful user in most cases will add it to diana123, thereby increasing (in his experienced opinion) the password's secrecy. There are also several dozen such popular suffixes known. If you assemble a dictionary yourself, you can Google keywords wpa wordlist and download a ready-made dictionary (don’t forget about targeting, because it would be quite naive to hope for success by running a Chinese handshake through a Russian dictionary and vice versa) or look for a suitable one in this thread.

and this is how you can use crunch to create various combinations of basic words
Having prepared some kind of dictionary (let’s call it wordlist.txt for clarity), we proceed directly to password selection. Launch aircrack-ng with the following parameters:
Code:

root@bt:~# aircrack-ng -e -b -w wordlist.txt testcap.cap


Hooray! The dictionary password was found in 3 seconds! (if only it were that simple...)
In the screenshot above, aircrack-ng found the password (and it was the word dictionary) in just 3 seconds. To do this, he tried 3,740 possible passwords at a speed of 1,039 passwords per second. Everything would be fine, but here the attentive reader should strain quite a bit, because earlier we talked about a dictionary of 250 million possible passwords! A quick calculation: 250*10^6 divided by 1039 and we get... about 240 thousand seconds, which is 66 hours, which is almost three days! This is exactly how long it will take your laptop to process a basic 2GB dictionary (unless of course you are lucky and the password is found somewhere in the middle of the process). Such gigantic time intervals are dictated by the low speed of calculations due to the high computational complexity inherent in the authentication procedure WPA algorithms. What can we say about large dictionaries, for example, a full digital nine-digit character already contains 900 million combinations and will require a couple of weeks of calculations to make sure that (at a minimum) the password is not found
Such a loser situation could not help but bother the inquisitive minds of the hackers, and soon a solution was found. GPUs were used for streaming computing. GPU (Graphic Processing Unit) is the heart of your 3D accelerator, a chip with hundreds (and even thousands) of stream processors that allows you to distribute numerous but elementary password hashing operations and thereby speed up the search process by orders of magnitude. In order not to be unfounded, I will say that the overclocked ATI RADEON HD 5870 is capable of achieving a speed of 100,000 passwords per second, and this is already a noticeable (two orders of magnitude) leap forward compared to aircrack-ng.


Monster ATI RADEON 6990 – 3000 shaders, 165,000 WPA passwords per second. Who is bigger?
Of course, such figures are typical only for top-end ATI RADEON adapters (NVIDIA, with its CUDA technology, is still frankly inferior to ATI in terms of WPA enumeration speed due to the obvious architectural advantages of the latter). But everything has to be paid for good adapter costs good money, and it consumes a lot of energy. In addition, you need to very carefully monitor the overclocking and cooling of the GPU, without succumbing to the provocations of true gamers who push their adapters until artifacts appear on the screen. After all, for them, artifacts (and in fact, hardware errors of GPU calculators due to operation at extreme frequencies) are only fleeting debris on the screen, but for us they are fraught with a missed password.
As part of this article for beginners, I probably won’t go deep into the jungle of setting up the ATI SDK and pyrit for Linux (I’ll just note that this is a bit of a hassle), because this would be worthy of a separate article (of which there are many on the Internet), and the target audience, namely the happy owners of top-end Radeons, is not so large, and they can easily find the necessary material on their own.
Paradoxically, Windows is best suited for guessing WPA passwords using the GPU. The fact is that video adapter drivers play a significant role in this process, the Windows versions of which developers pay much more attention to than drivers for Linux and other operating systems, and this is no coincidence, because they focus mainly on the needs of gamers. Two programs can select a WPA password for Windows - the commercial Elcomsoft Wireless Security Auditor (or simply EWSA) and the console utility hashcat-plus from the hashcat by Atom package (to the general joy of Windows users, it also has a GUI, or simply put, a separate window interface). We will consider the use of these particular programs further, and at the same time compare their quality characteristics, and specifically this will be the search speed that each of them will develop under equal conditions, namely on the same computer with the same drivers and the same and the same dictionary.
You need to start with searching and installing latest version drivers for your video card (or at least make sure that you already have the latest version installed). Adherents of green video adapters should visit www.nvidia.com, while red ones go the old fashioned way at www.ati.com, where by selecting your GPU model from the list you can download drivers for your Windows versions. I won’t pay much attention to the driver installation procedure; you’ve probably already done this before, and more than once.
EWSA can be found (and purchased) on the developers website - www.elcomsoft.com, just keep in mind that the free trial version is rumored to not show the found password (the normal “trial” version can be found here, just remember to delete it from your computer after trying it) . Installing and configuring EWSA should not cause much trouble, you can immediately select the Russian language in the menu, in the GPU settings, make sure that your GPUs are visible to the program and selected by checkboxes (if the GPUs are not visible in the list, you clearly have a problem with the drivers), and also specify program your dictionaries in the dictionary settings.

Let's harness all the horses...
Click “Import data -> Import TCPDUMP file” and select the *.cap file with a handshake (the program will check them and offer to mark those that we want to attack), after which you can safely click “Launch attack -> Dictionary attack”:


EWSA otakue (what a speed...)
In this test, EWSA showed a speed of only 135,000 passwords per second, although based on the hardware configuration I expected to see a figure of at least 350 thousand.
Let's compare the work of EWSA with its real life free competitor– hashcat-plus. Download the full set of hashcat-gui (which already includes the console hashcat-plus) from the author’s website and unpack the archive to a convenient place (no installation required). Launch hashcat-gui32.exe or hashcat-gui64.exe depending on Windows bit depth and answer the first question of which GPU we will use - NVidia (CUDA) or ATI RADEON (the CPU only option obviously will not suit us).
When the main program window appears, go to the oclHashcat-plus tab (or cudaHashcat-plus in the case of NVidia). There is one subtlety here - hashcat cannot parse EAPOL handshakes (not at all), and requires you to give it WPA hashes “on a silver platter” in its own *.hccap format. You can convert regular *.cap to *.hccap using the patched aircrack-ng utility, but don’t download BT again for such a trifle! To our general joy, the hashcat developer has made a convenient online converter, just upload your *.cap file with a handshake there and specify the ESSID, if there is a handshake in the file, you will receive a *.hccap ready for attack.
Let's move on - we indicate to the program our *.hccap file as the Hash file for the attack, add dictionary files to the Word lists window (you can use the arrows to set the desired order of their passage), select WPA/WPA2 as the Hash type and click on Start.

A console window should appear with the launch of the selected hashcat-plus version with a bunch of parameters, and if everything is in order, the utility will start working. During the calculation process, you can display the current status by pressing the 's' key, pause the process by pressing 'p' or interrupt it by pressing 'q'. If hashcat-plus suddenly finds a password, it will definitely familiarize you with it.


The result is 392,000 passwords per second! And this agrees very well with the theoretical expected speed based on the system configuration.
I am not a strong supporter or opponent of EWSA or hashcat-plus. However this test convincingly shows that hashcat-plus is much more scalable when using multiple GPUs simultaneously. The choice is yours.

With the spread of wireless networks, the WPA and WPA2 encryption protocols have become known to almost all owners of devices connecting to Wi-Fi. They are indicated in the connection properties, and the attention of most users who are not system administrators, attract a minimum. It is quite enough to know that WPA2 is an evolution of WPA, and therefore WPA2 is newer and more suitable for modern networks.

WPA is an encryption protocol designed to protect wireless networks of the IEEE 802.11 standard, developed by the Wi-Fi Alliance in 2003 as a replacement for the outdated and insecure WEP protocol.
WPA2- an encryption protocol that is an improved development of WPA, introduced in 2004 by the Wi-Fi Alliance.

Difference between WPA and WPA2

Finding the difference between WPA and WPA2 is not relevant for most users, since all wireless network protection comes down to choosing a more or less complex access password. Today the situation is such that all devices operating in Wi-Fi networks are required to support WPA2, so the choice of WPA can only be determined by non-standard situations. Eg, OS older than Windows XP SP3 do not support WPA2 without applying patches, so machines and devices managed by such systems require the attention of a network administrator. Even some modern smartphones may not support the new encryption protocol, this mainly applies to off-brand Asian gadgets. On the other hand, some versions of Windows older than XP do not support WPA2 at the object level group policy, so in this case they require more fine tuning network connections.
The technical difference between WPA and WPA2 is the encryption technology, in particular, the protocols used. WPA uses the TKIP protocol, WPA2 uses the AES protocol. In practice, this means that the more modern WPA2 provides a higher degree of network security. For example, the TKIP protocol allows you to create an authentication key up to 128 bits in size, AES - up to 256 bits.

TheDifference.ru determined that the difference between WPA2 and WPA is as follows:

WPA2 is an improvement over WPA.
WPA2 uses the AES protocol, WPA uses the TKIP protocol.
WPA2 is supported by all modern wireless devices.
WPA2 may not be supported by older operating systems.
WPA2 is more secure than WPA.

Security in Wi-Fi networks has been constantly improved since its inception. wireless technology. Recently, it has developed so much that almost all modern routers are protected from possible attacks by strong passwords, complex methods encryption, built-in firewalls and many other means of protection against intruders. But what happens if the encryption algorithms that have so far made Wi-Fi one of the most secure protocols are broken?

This is exactly what happened in the fall of 2017, when Belgian researchers from the University of Leuven found several critical vulnerabilities in the WPA2 protocol and published a detailed report about it. WPA2 protocol is used to protect most Wi-Fi networks in the world and is considered the most reliable security tool available for mass use.

How to protect your data if Wi-Fi no longer guarantees security?

The fact that WPA has been hacked is alarming news that affects many electronic devices, however, there is no cause for alarm.

Essentially, researchers have found a vulnerability in the Wi-Fi protocol that makes wireless traffic potentially susceptible to eavesdropping by attackers. In other words, anyone can use this flaw in network security to spy on other people’s actions on the Internet, steal credit card numbers, passwords, intercept messages in instant messengers, etc.

Fortunately, manufacturers of many gadgets have already managed to improve and finalize their devices, eliminating the found vulnerability. And besides, WPA2 is far from the only wall protection between the hacker and the personal data of users.

To hack someone else's Wi-Fi, an attacker, firstly, needs to position his receiving antenna within range of the radio channel, and secondly, most of the information on the Internet is transmitted in encrypted form, and the hacker will not be able to read it in any case.


The https protocol, which most web servers run on, adds an extra layer of security to your connection, just like using a VPN service.

That's why you should always remember the padlock icon in your browser's address bar. If the small padlock is not displayed there, it means that the site does not use the https protocol, and all information entered into forms, including passwords, may be accessible to third parties.

That's why before you send your home address or payment details anywhere, you should always make sure there is a padlock in the address bar.

Almost immediately after the news of the Wi-Fi protocol vulnerability, all leading software developers released corresponding patches for their products. For example, Microsoft released an update for Windows in October 2017. Apple also patched its macOS and iOS operating systems around the same time.

Google released an update for Android in November, so every owner of a device running this platform should check the About section in their phone or tablet's settings to find out when it was released. Last update security systems. If it was performed before November, and the phone has Android 6 or an earlier version of the OS, then an update must be made.

Which wireless security standard should you prefer?

Wireless routers can use a wide range of different protocols to encrypt data. Here are the three main standards that most home and office routers work with:

1.Wired Equivalent Privacy (WEP): This protocol was introduced in 1997 immediately after the development of the 802.11 Wi-Fi standard; Currently, WEP is considered insecure and since 2003 it has been replaced by WPA information security technology with the TKIP encryption method.

2. Temporal Key Integrity Protocol (TKIP). This standard is also obsolete and is gradually falling out of use. But unlike WEP, it can still be found in the firmware of many models of modern equipment.

3.Advanced Encryption Standard (AES). This standard was introduced immediately after TKIP in 2004, along with the updated and improved WPA2 connection certification system. Routers that work specifically with this technology should be given preference when choosing new network equipment. Gadgets connected to a wireless network must also support AES in order to interact properly with such routers. Despite the vulnerability mentioned above, WPA2 is still considered the best Wi-Fi security method. Currently, router manufacturers and ISPs typically use WPA2 as a standard; some of them use a combination of WPA2 and WPA to do possible job with the widest range of wireless gadgets.

IN technical documentation You can also sometimes see the letters PSK attached to routers, which stand for Pre-Shared-Key or Personal Shared Key. When given a choice, it is always better to give preference to models with WPA2-PSK (AES) instead of WPA2-PSK (TKIP), but if some older gadgets cannot connect to the router, then you can go for WPA2-PSK (TKIP). TKIP technology uses the modern WPA2 encryption method, leaving older devices that depend on TKIP the ability to connect to wireless routers.

How to secure your Wi-Fi

Disabling WPS

WPS stands for Wi-Fi Protected Setup, is a standard and at the same time a protocol that was created to make setting up wireless connections easier. Despite its practicality and functionality, this solution contains a serious flaw: the eight-digit PIN code, consisting only of numbers, is easily broken by primitive guessing methods, and this creates a convenient starting point for hackers who want to take over someone else's Wi-Fi.

To find out whether it is used or not wireless router WPS protocol, you need to take a closer look at the box in which it comes: WPS support is indicated by the presence of a special logo on the packaging and a separate physical button on the device body. From the point of view of protection against hacking, it is better to disable this protocol and never use it.

After you have successfully logged into the panel using the native password set by the manufacturer or received from your Internet service provider, you can see the section for changing the administrator login or password. Many routers come with primitive passwords and logins like 'admin' and 'password', which, of course, need to be changed to normal ones. A complex password will make hacking the router and accessing its admin panel almost impossible for unauthorized persons.