WEP has been known to be broken for a very long time now, and there are around half a dozen cryptographic attacks (FMS, Klein, PTW, etc.) which allow an attacker to crack a WEP network's key in under 5 minutes. Still, most home users and even some enterprises (retail chains using hand-held scanners) rely heavily on WEP for security. In most cases the naive user is unaware of WEP's weaknesses and thus ends up with a false sense of security by using it.
In this video, Myownremote (myownremote [] googlemail [] com) demos how to break a WEP network and own the WLAN router. He first monitors the air using Airodump-ng to find a vulnerable wireless router using WEP with a connected client. He then uses the Aireplay-ng utility to increase traffic between the wireless router and the client. This provides him with enough WEP-encrypted packets to crack the key using Aircrack-ng. Once the key is cracked, he connects to the wireless network and obtains an IP address via DHCP. In almost all cases, the gateway IP address sent via DHCP is the router's IP address. Now Myownremote breaks into the router using the router's default password (default passwords can be found on the router manufacturer's site).
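As an added example (not part of the video or the original post), here is a small audit script a network owner can run over Airodump-ng's CSV output from a survey of their own site: it lists access points still on WEP and rates those with an associated client as critical, since that is exactly the condition the attacker in the video looks for before replaying traffic. The column names follow Airodump-ng's CSV layout as assumed here, and the sample capture is constructed.

```python
import csv
from collections import defaultdict

# Constructed sample in the two-section CSV layout airodump-ng writes with
# --output-format csv (column names as assumed here; MACs and ESSIDs are made up).
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2009-01-01 10:00:00, 2009-01-01 10:05:00, 6, 54, WEP, WEP, , -40, 120, 3500, 0.0.0.0, 8, HomeNet1, 
66:77:88:99:AA:BB, 2009-01-01 10:00:00, 2009-01-01 10:05:00, 11, 54, WPA2, CCMP, PSK, -60, 110, 0, 0.0.0.0, 6, Office, 
CC:DD:EE:FF:00:11, 2009-01-01 10:00:00, 2009-01-01 10:05:00, 1, 11, WEP, WEP, , -70, 90, 12, 0.0.0.0, 7, Scanner, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
AA:AA:AA:AA:AA:01, 2009-01-01 10:01:00, 2009-01-01 10:05:00, -50, 400, 00:11:22:33:44:55, HomeNet1
AA:AA:AA:AA:AA:02, 2009-01-01 10:01:00, 2009-01-01 10:05:00, -55, 20, (not associated), Office
"""


def parse_airodump_csv(text):
    """Return (access_points, stations) as lists of dicts keyed by column name."""
    tables = []
    for section in text.strip().split("\n\n"):
        rows = [r for r in csv.reader(section.splitlines(), skipinitialspace=True) if r]
        header = [h.strip() for h in rows[0]]
        tables.append([dict(zip(header, (c.strip() for c in r))) for r in rows[1:]])
    return tables[0], (tables[1] if len(tables) > 1 else [])


def audit_wep(text):
    """List WEP access points; ones with an associated client are rated critical,
    because a client's traffic is what lets an attacker gather enough IVs quickly."""
    aps, stations = parse_airodump_csv(text)
    clients = defaultdict(list)
    for st in stations:
        clients[st["BSSID"]].append(st["Station MAC"])
    findings = []
    for ap in aps:
        if "WEP" not in ap["Privacy"].upper():
            continue
        attached = clients.get(ap["BSSID"], [])
        findings.append({
            "bssid": ap["BSSID"], "essid": ap["ESSID"], "channel": int(ap["channel"]),
            "ivs": int(ap["# IV"]), "clients": attached,
            "risk": "critical" if attached else "high",
        })
    # Critical findings first, then alphabetical by network name.
    return sorted(findings, key=lambda f: (f["risk"] != "critical", f["essid"]))


if __name__ == "__main__":
    for f in audit_wep(SAMPLE_CSV):
        print(f"{f['risk']:8} {f['essid']:10} ch{f['channel']:<3} IVs={f['ivs']:<6} clients={f['clients']}")
```

Point it at a real capture by reading the CSV file into `audit_wep`; anything it reports is a network that should be migrated to WPA2 regardless of how strong its key is.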
It's important to note here that even though the default password worked in this case, most users, even when they do change the password, choose short and predictable dictionary-based passwords. In the majority of these cases it would take no more than a couple of hours to break such a password using an HTTP basic authentication brute-force password cracker such as Hydra! Also, once the WEP key is cracked, the attacker can decrypt the encrypted traffic and snoop on what the victim is doing!
This is a recommended watch for wireless hackers! Thanks go out to Myownremote for submitting this video to SecurityTube. You can visit this blog for more interesting articles on security and hacking.