There is a Linux-based operating system called BackTrack which is specifically designed to test the security of wireless networks, home networks and corporate networks, as well as being used to retrieve lost passwords and basically test how secure everything on your computer/network is.
Now, the tools on BackTrack, which were designed for good, are also being used by people to gain access to their neighbours' wifi! It can also be used on a netbook to engage in an activity known as "war driving", where the netbook owner drives around until he finds a suitable wireless network, and then proceeds to crack the password and gain entry on to your network.
BackTrack comes preconfigured to do all this: all you do is pick the wireless network you want and away it goes. If you use WEP, your wireless can be cracked in 2 minutes flat, using a tool called SpoonWEP, once the MAC address of the wireless router is provided. That address can be obtained instantly with Kismet or the aircrack-ng tools.
WPA is different though. To hack WPA, you need to capture what's called a "4-way handshake". This occurs when the owner (or rather, one of their devices) logs on to the wireless router. Obviously, they'll have the password stored in their profile, so when they log on, and if someone is listening, this logon sequence gets captured.
However, it's not as simple as just opening the file you just captured and looking at the password in plain text. The password never appears in the handshake; what's captured is derived from it with a one-way (irreversible) function, so there is nothing to "decrypt". So, how does one get this password? Here's how:
First, you need a dictionary file. A dictionary file is basically just a list of words in a file. You use the tools to run every word in this dictionary file, one by one, through the same one-way function and compare the result to what you captured. If they match, then you know that's the password. This is called a "dictionary" or "brute force" attack, coz it's basically just a "throw everything ya got at it!" sorta method!
One point of note here though is that if the password for the wireless router is not in the dictionary file, then it will not be cracked. Many dictionary files are just copied and pasted from actual dictionaries, so if your password is something like "watermelon" then it will be in the dictionary and will be cracked. However, if your password is something strange like "water123melon456" then it will be very hard to crack, since where will you find a file that contains "water123melon456"??
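To make the one-way step concrete, here is an added example (mine, not code from the original post or from BackTrack) that derives a WPA/WPA2 pre-shared key the standard way (PBKDF2-HMAC-SHA1 over the passphrase, salted with the SSID, 4096 rounds) and then checks whether a constructed wordlist would recover it, which is the "watermelon" vs "water123melon456" point above. The SSID and wordlist are made-up values.

```python
import hashlib
from typing import Iterable, Optional


def wpa_psk(ssid: str, passphrase: str) -> bytes:
    """Derive the 256-bit WPA/WPA2 pre-shared key from SSID and passphrase.

    This is the IEEE 802.11i derivation: PBKDF2-HMAC-SHA1, 4096 iterations,
    salted with the SSID. It is one-way: nothing turns the 32-byte PSK back
    into the passphrase, which is why attackers must guess and re-derive.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def find_in_wordlist(ssid: str, psk: bytes, wordlist: Iterable[str]) -> Optional[str]:
    """Run every candidate word through the same derivation and compare.

    This mirrors the dictionary step described in the post, from the
    defender's side: it answers "would this wordlist recover my key?".
    Returns the matching word, or None if nothing in the list matches.
    """
    for word in wordlist:
        word = word.strip()
        if not 8 <= len(word) <= 63:
            continue  # cannot be a valid WPA passphrase, skip the slow PBKDF2
        if wpa_psk(ssid, word) == psk:
            return word
    return None


# Constructed sample network name and wordlist (not real data).
SAMPLE_SSID = "HomeNetwork"
SAMPLE_WORDLIST = ["password", "sunshine", "watermelon", "springfield", "liverpool"]


def audit(ssid: str, passphrase: str, wordlist: Iterable[str] = SAMPLE_WORDLIST) -> bool:
    """True if the passphrase would fall to the given wordlist."""
    return find_in_wordlist(ssid, wpa_psk(ssid, passphrase), list(wordlist)) is not None


if __name__ == "__main__":
    for pw in ("watermelon", "water123melon456"):
        verdict = "recoverable from wordlist" if audit(SAMPLE_SSID, pw) else "not in wordlist"
        print(f"{pw}: {verdict}")
```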
Some hacker nerds over in Asia have recently come out and said they've cracked WPA without a dictionary "brute force" attack! Here's the link:
http://www.theregister.co.uk/2009/08/28/wpa_60sec/
So, if you want to secure your wireless from hackers, don't use WEP ever! Use WPA2 and use a password that you wouldn't find in a dictionary, or a list of sports teams, or a list of TV characters from The Simpsons or whatever, coz ya never know who's compiled a list of them for use against your wireless network!!