Questions tagged [wep]

Wired Equivalent Privacy (WEP) is a security protocol for 802.11-based wireless networks. WEP uses the RC4 stream cipher. The protocol is now known to be flawed, and breaking into networks that use it is considered trivial.

78 questions
2 votes, 1 answer

How to find a WEP key inside a pcap file with only 2 IVs?

I have a pcap file that contains 3 packets. I need to find a WEP key inside these packets. These packets contain only two IVs. It's not a live attack so I can't try brute force.
user163054
2 votes, 2 answers

Data sniffing on a WEP 128-bit encryption

I am relatively new to cybersecurity and hacking and I aim to learn ethical hacking as a passion alongside my mainstream education (Electrical Engineering). My setup: I have set up my very own WEP WiFi network (intentionally made vulnerable by setting…
Kathir
2 votes, 3 answers

Handshake not recording

I am trying to crack the wireless WEP password of my wireless AP. When I enable monitor mode and issue this command: root#airodump-ng -w TESTFILE1 -c 1 --bssid 68:72:51:58:A3:14 wlan0mon No handshake is recorded. I disconnect or connect any client…
Usman
2 votes, 1 answer

When running a WEP fragmentation attack on an AP with no clients, how are the first few bytes of keystream obtained?

As I've understood Andrea Bittau's fragmentation attack, an attacker can obtain a keystream of arbitrary length if he can first obtain a very small keystream of about 8 bytes. I understand that this small keystream can be obtained by intercepting an…
Magnus
2 votes, 1 answer

Packet Injection during attacks on WPA/WPA2/WEP -- How it works

Most Wi-Fi attacks rely on some kind of packet injection. This could be in the form of injecting deauth packets, arp packets, etc. I have a question about these fake packets -- Are they constructed from scratch by the wireless network interface…
Minaj
2 votes, 2 answers

How to determine if a key is a weak key

How do you decide that a particular key is a weak key? In the case of WEP, the weak keys seem to be those whose initialization vectors are in the form of (B + 3,255,x). Does the condition for weak keys depend on the type of encryption function we…
Pankaj Kumar
2 votes, 0 answers

Determining time it would take to exhaust IVs on 802.11b/g/n

I'm trying to learn about WEP attacks at the moment. I know that attacks against WEP require collisions of the initialization vectors. Is there a way to determine how long it would take for the vectors to be exhausted on 802.11b/g/n networks before…
pfinferno
1 vote, 3 answers

A neighbor is using a WEP encrypted router, should I inform them of the security risk?

Someone in my neighborhood is using a WEP encrypted wifi router. I am not sure who they are yet, but if I find out, should I inform them of the security risks which that poses or are there any legal ramifications to doing so?
dramzy
1 vote, 3 answers

Why is shared less secure than open when it comes to WEP?

According to this post, Jeffrey Tippet (Microsoft employee) writes: WEP can run in two modes: shared and open. Despite the names, shared is actually less secure than open. Because of this, our telemetry shows that only 0.1% (and declining)…
1 vote, 0 answers

How do modification attacks work?

Theoretically... In active attacks we have the "modification attack"... i.e. "In a message modification attack, an intruder alters packet header addresses to direct a message to a different destination or modify the data on a target machine." not sure how…
Curi0usM3
1 vote, 1 answer

Is (WEP) shared key authentication secure?

I've been reading up on wireless authentication and shared key authentication sounds completely bonkers. I know WEP is very insecure and breaking it with aircrack-ng takes 5-15 minutes but this sounds worse. Basics: The station sends an…
yggur
1 vote, 2 answers

Does this show the need for a two-factor authentication?

I need some help for my understanding while reading through this authentication scheme in WEP. In a WEP authentication scheme, the station first sends a request for authentication. However, this authentication scheme is a one-way authentication…
Papple.
1 vote, 0 answers

WEP fake authentication purpose

I am studying WEP protocol and more specifically fake authentication attack. Man page says This is only useful when you need an associated MAC address in various aireplay-ng attacks and there is currently no associated client. Whereas the whole…
philippe
1 vote, 3 answers

How can wireless password cracking be detected?

Our team was hired for a red team engagement for a client. A part of the engagement is attempting to crack the WiFi passwords of their office APs. However, we obviously want to stay undetected. What kind of thing should we watch out for? Apart from…
trallgorm
1 vote, 1 answer

WEP cracking - Why do many IVs allow one to actually get the cipher key

I've been reading a lot about WEP cracking on online resources very recently, however there is one question that no website gives an answer to, I believe. I would like to first understand the theory very well. I understand how RC4 stream cipher…
KB303