WIFI PENTESTING : HACK WPA/WPA2-PSK USING AIRCRACK-NG [DICTIONARY ATTACK]
Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are two security protocols to secure wireless computer networks. WPA was developed as a replacement to broken Wired Equivalent Privacy (WEP) in 2003, as WEP can be bypassed very easily and effectively using various methods.
WPA uses RC4 stream cipher based Temporal Key Integrity Protocol (TKIP) to ensure that each data packet is transmitted with a unique encyption key, thereby preventing the types of attacks that compromised WEP. However, a flaw has been discovered on TKIP based WPA which relies on chopchop attack used in WEP cracking. TKIP is much stronger than a cyclic redundancy check algorithm (CRC) used in WEP, but not as strong as the Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC Protocol (CCMP) algorithm used in WPA2.
WPA2 uses Advanced Encryption Standard (AES) block cipher based CCMP. It is stronger than TKIP in both privacy and integrity.
Authentication modes :
1. WPS mode
2. Personal mode
3. Enterprise mode
WPS mode has already been discussed and exploited in previous video. Here is the link in case you missed it https://youtu.be/7XYt5-FeB7U
PERSONAL or PSK mode was designed for home and small office networks. This mode use a 256 bit key to encrypt the network traffic, which is a string of 64 hexadecimal digits or a passphrase of 8 to 63 printable ASCII characters. If ASCII characters are used, the 256 bit key is calculated by applying the PBKDF2 key derivation function to the passphrase, using the SSID as the salt and 4096 iterations of HMAC-SHA1. Personal mode is available in both WPA and WPA2, which is the topic of this video. The authentication takes place by a 4-way handshake in both PSK and Enterprise mode. Initial authentication is done using PSK or EAP exchange to ensure the client is authenticated to the access point (AP). After PSK authentication a secret shared key is generated called Pairwise Master Key (PMK). The PSK is derived from a password that is put through PBKDF2-SHA1 as the cryptographic hash function. In a pre-shared-key network, the PSK is actually the PMK. For AP and client exchanging encrypted data, both need to have the right key(s) installed. Each time a client (Supplicant) associates to an AP (Authenticator), new Pairwise Temporal/Transient Key (PTK) is generated, which is unique for each connected client. In case of Broadcast and Multicast frames, all clients use the same Groupwise Temporal Key (GTK) that don’t require a new generation for each association. The function to generate a Pairwise Temporal Key (PTK) is known as a Pseudo Random Function (PRF):
PTK = PRF(PMK + ANonce + SNonce + APMAC + SMAC)
Nonce is number used once and are pseudo random numbers. Anonce and Snonce are AP and STA (client or station) nonces respectively. APMAC and SMAC are MAC addresses of AP and STA respectively.
The 4-way handshake takes place as follows :
1. The AP sends Anonce to the client or STA.
2. The client sends the SNonce to the AP protected by a cryptographic hash (HMAC-SHA1) called Message Integrity Code (MIC) for integrity of this message. The message also includes the Robust Security Network Information Element (RSN IE).
3. The AP constructs and sends the GTK and a sequence number together with another MIC.
4. The Supplicant acknowledges the installation of PTK and GTK afterwards, encrypted Unicast and Broadcast/Multicast transmission can start now.
Using aircrack along with a dictionary or crunch bruteforce can take from fews minutes to lifetime to crack the passkey. However, the things can be accelerated using rainbow tables, precomputed hashes, GPU power. A long random alphanumeric password containing upper and lower case letters and special characters is beyond the of computation power available till now. However no one uses such passwords instead people use passwords which are easy to remember, and hence are vulnerable to such attacks. So, in order to speeed up the cracking process what we do is that we use precomputed hashes, and hence saving the conversion time required to hash all words in a wordlist. Rainbow tables come up with precomputed hashes for most commonly used SSIDs. Remember two different SSIDs with same password will produce different hashes. So in order to use rainbow table against captured hash one must ensure first the target network's SSID is present in most commonly used 1000 SSIDs list. In case your SSID is not present in that list then you cant create your own rainbow table using tools like RainbOwCrack. We can make our own hashes for a partical SSID using genpmk and testing the created hashes against captured hash using another tool called cowpatty. In order to use GPU power we can use tools loke oclHashCat, which uses GPU power along with CPU power to crack the wifi key. I am going to cover all these topics in coming tutorials.
Video tutorial :
WPA uses RC4 stream cipher based Temporal Key Integrity Protocol (TKIP) to ensure that each data packet is transmitted with a unique encyption key, thereby preventing the types of attacks that compromised WEP. However, a flaw has been discovered on TKIP based WPA which relies on chopchop attack used in WEP cracking. TKIP is much stronger than a cyclic redundancy check algorithm (CRC) used in WEP, but not as strong as the Counter Mode Cipher Block Chaining Message Authentication Code Protocol, Counter Mode CBC-MAC Protocol (CCMP) algorithm used in WPA2.
WPA2 uses Advanced Encryption Standard (AES) block cipher based CCMP. It is stronger than TKIP in both privacy and integrity.
Authentication modes :
1. WPS mode
2. Personal mode
3. Enterprise mode
WPS mode has already been discussed and exploited in previous video. Here is the link in case you missed it https://youtu.be/7XYt5-FeB7U
PERSONAL or PSK mode was designed for home and small office networks. This mode use a 256 bit key to encrypt the network traffic, which is a string of 64 hexadecimal digits or a passphrase of 8 to 63 printable ASCII characters. If ASCII characters are used, the 256 bit key is calculated by applying the PBKDF2 key derivation function to the passphrase, using the SSID as the salt and 4096 iterations of HMAC-SHA1. Personal mode is available in both WPA and WPA2, which is the topic of this video. The authentication takes place by a 4-way handshake in both PSK and Enterprise mode. Initial authentication is done using PSK or EAP exchange to ensure the client is authenticated to the access point (AP). After PSK authentication a secret shared key is generated called Pairwise Master Key (PMK). The PSK is derived from a password that is put through PBKDF2-SHA1 as the cryptographic hash function. In a pre-shared-key network, the PSK is actually the PMK. For AP and client exchanging encrypted data, both need to have the right key(s) installed. Each time a client (Supplicant) associates to an AP (Authenticator), new Pairwise Temporal/Transient Key (PTK) is generated, which is unique for each connected client. In case of Broadcast and Multicast frames, all clients use the same Groupwise Temporal Key (GTK) that don’t require a new generation for each association. The function to generate a Pairwise Temporal Key (PTK) is known as a Pseudo Random Function (PRF):
PTK = PRF(PMK + ANonce + SNonce + APMAC + SMAC)
Nonce is number used once and are pseudo random numbers. Anonce and Snonce are AP and STA (client or station) nonces respectively. APMAC and SMAC are MAC addresses of AP and STA respectively.
The 4-way handshake takes place as follows :
1. The AP sends Anonce to the client or STA.
2. The client sends the SNonce to the AP protected by a cryptographic hash (HMAC-SHA1) called Message Integrity Code (MIC) for integrity of this message. The message also includes the Robust Security Network Information Element (RSN IE).
3. The AP constructs and sends the GTK and a sequence number together with another MIC.
4. The Supplicant acknowledges the installation of PTK and GTK afterwards, encrypted Unicast and Broadcast/Multicast transmission can start now.
Using aircrack along with a dictionary or crunch bruteforce can take from fews minutes to lifetime to crack the passkey. However, the things can be accelerated using rainbow tables, precomputed hashes, GPU power. A long random alphanumeric password containing upper and lower case letters and special characters is beyond the of computation power available till now. However no one uses such passwords instead people use passwords which are easy to remember, and hence are vulnerable to such attacks. So, in order to speeed up the cracking process what we do is that we use precomputed hashes, and hence saving the conversion time required to hash all words in a wordlist. Rainbow tables come up with precomputed hashes for most commonly used SSIDs. Remember two different SSIDs with same password will produce different hashes. So in order to use rainbow table against captured hash one must ensure first the target network's SSID is present in most commonly used 1000 SSIDs list. In case your SSID is not present in that list then you cant create your own rainbow table using tools like RainbOwCrack. We can make our own hashes for a partical SSID using genpmk and testing the created hashes against captured hash using another tool called cowpatty. In order to use GPU power we can use tools loke oclHashCat, which uses GPU power along with CPU power to crack the wifi key. I am going to cover all these topics in coming tutorials.
Video tutorial :
Comments
Post a Comment