Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 23

Thread: WEP hacking in detail: Mac filter, Dhcp off, still quite safe?!

  1. #11
    Junior Member
    Join Date
    Jun 2008
    Posts
    30

    Default

    There's like a million "Cracking WEP" tutuorials on the "interweb" .. This is just more of that same ol'.. waste of time.
    There are dozens of tutorials out, why make more?

  2. #12
    Junior Member
    Join Date
    Jan 2010
    Posts
    42

    Default

    Quote Originally Posted by sunapi386 View Post
    There's like a million "Cracking WEP" tutuorials on the "interweb" .. This is just more of that same ol'.. waste of time.
    There are dozens of tutorials out, why make more?
    Dude it wasn't just a tutorial. He explained his steps and then asked few questions.
    And if you have gone through "millions" of cracking WEP then why don't you reply to his questions?

  3. #13
    Just burned his ISO
    Join Date
    Jul 2008
    Posts
    14

    Default

    I realize he began this thread to ask about the faults and insecurities regarding WEP, but continuing along the category of wireless security, how effective would you say WPA is? I understand that using the right wordlist is necessary to make cracking WPA feasible, but should the AP have a non-comprehensive password not revolving around a real word, what's the chances someone could crack that?

    An example might be a password of "123abc456def" Most wordlists I've seen revolve around real words and "l337" words.

    Would WPA be the safest home-use network security for wireless APs?

  4. #14
    Member Apollopimp's Avatar
    Join Date
    Nov 2007
    Posts
    120

    Default

    Quote Originally Posted by Kennosuke View Post
    I realize he began this thread to ask about the faults and insecurities regarding WEP, but continuing along the category of wireless security, how effective would you say WPA is? I understand that using the right wordlist is necessary to make cracking WPA feasible, but should the AP have a non-comprehensive password not revolving around a real word, what's the chances someone could crack that?

    An example might be a password of "123abc456def" Most wordlists I've seen revolve around real words and "l337" words.

    Would WPA be the safest home-use network security for wireless APs?

    at this time the only way to crack wpa is with the password you could have a 50 Terabyte password list but if the actual password is not in the list than you will never crack it.

    a password like this but 63 charters would be uncrackable a~.<)Q{}^*d2*x~\K|>:;T'[^r@9n could you imagine how big your password list would need to be i believe 11111111 to 99999999 is like 11gbs

  5. #15
    Just burned his ISO
    Join Date
    Jul 2008
    Posts
    5

    Default

    Ciao!

    Thanks for the info! I don't really wanna post something inadequate here, so basically I'm trying to figure out what you wrote.

    1: Ok, never expected to monitor wired traffic with my wireless card
    2: Will study TCP IP more, currently playing with:

    wireshark filter dns.flags==0x8180, monitoring DNS.


    3. furthermore, I started playing with "arping", "fping" and "hping" in BT3.

    For me it's important to figure serveral approaches to one problem. I try to start working my way through and understand more. I want this post to be interesting and informative, so thanks for reading first of all and thanks for giving some advice, too. I shall keep you posted on the progress - that's the only way to make a post rational and gives it orientation. Thanks

    Cheers

    Dionysos

    PS I guess WPA is a challenge and from the idea itself: it s safe. But how many XP users out of 100 will click on "accept the certificate", even though it s faked and someone is playing with the net.
    For some nice tables regarding WPA, check the shmoo group's website.

  6. #16
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by Dionysos View Post
    PS I guess WPA is a challenge and from the idea itself: it s safe. But how many XP users out of 100 will click on "accept the certificate", even though it s faked and someone is playing with the net.
    For some nice tables regarding WPA, check the shmoo group's website.
    This has nothing to do with WPA, and as long as you use a strong passphrase along with WPA there is no reason to fear that anyone would gain access to your AP and be able to perform a MITM attack on you. There are naturally other ways to perform a MITM than to gain access to a wireless AP, but these scenarios have even less to do with WPA encryption than the previously mentioned.
    -Monkeys are like nature's humans.

  7. #17
    Just burned his ISO
    Join Date
    Jul 2008
    Posts
    5

    Default

    Ciao,

    Catch your point! It was my lunch break so I had to be quick, minds flowing faster than I could write. I will be more precise in explaining myself in future, so to straighten this out:

    I asked myself the question: How many out of 100 WinXP users will accept a fake certificate from someone who is playing with net (actually performing a MITM attack, as you stated correctly)==> 80?! maybe 90?!
    Thus, refering to the discussed points concerning WPA:
    How many out of 100 WinXP users will choose a sensible password or passphrase(length!) when setting up the WPA secured network?! 60?! 70?!
    It's gotta be quick today, with setting up things - accomplishing something. That's my opinion. Most people don't think about it due to the lack of knowledge or simply ignorance: Media puts "WPA" is bulletproof in a headline and that's for a lot of people out there all they wanna know. Otherwise, when set up sensibly, WPA seems to be a very safe solution.

    Quoting a professor of my brother: (prof asking the students)

    "How do you choose a password?"
    Student: "Case sensitive. Use numbers and special characters"
    Professor: "You don't choose a password! You choose the length of the pw and create a random chain of characters!"


    (I hope this didn't get lost in translation)

    ==>If you wanna play around with your router and see what kind of WPA-passwords one can actually hack by using precomputed tables: the tables of the shmoo group are a good source!

    In fact the MITM has nothing to do with cracking keys of WEP or WPA networks. Hope I made myself clear this time.

    Cheers

    Dionysos

  8. #18
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by Dionysos View Post
    I asked myself the question: How many out of 100 WinXP users will accept a fake certificate from someone who is playing with net (actually performing a MITM attack, as you stated correctly)==> 80?! maybe 90?!
    Thus, refering to the discussed points concerning WPA:
    How many out of 100 WinXP users will choose a sensible password or passphrase(length!) when setting up the WPA secured network?! 60?! 70?!
    It's gotta be quick today, with setting up things - accomplishing something. That's my opinion. Most people don't think about it due to the lack of knowledge or simply ignorance: Media puts "WPA" is bulletproof in a headline and that's for a lot of people out there all they wanna know. Otherwise, when set up sensibly, WPA seems to be a very safe solution.
    Well now I understand the connection between the two that you were trying to make, pardon my last reply but as you say yourself your previous post was rather unclear.

    I absolutely agree on that most people, especially windows users, probably are so used to clicking on pop-ups that they will blindly accept next to anything without paying any real attention to the actual warning message. I would believe that this same thoughtlessness often applies to WPA as well as any other service requiring you to choose your own password and remember it.

    I can't refrain from citing Pureh@te's signature here as I find it to be one of the more insightful out there and it indeed is relevant to this subject:
    Social engineering, because there is no patch for human stupidity!
    -Monkeys are like nature's humans.

  9. #19
    Junior Member
    Join Date
    Feb 2010
    Posts
    25

    Default

    Quote Originally Posted by Apollopimp View Post
    from that i get that after we help you crack your own network you will most likely be cracking networks that aren't yours..

    also you said your new ,if so than put your copy of backtrack in the trash and try your hand at Slax or Ubuntu.. these are more noobish friendly..

    i hardly come here anymore because of all the "i need help cracking networks" it gets old.. we all know the truth so don't lie to us we are not stupid..
    This post is just RUDE.
    You don't disrespect members like this.
    If you want to be sure, that no one is using this forum to hack networks that aren't his. YOU HAVE TO CLOSE IT.

    you say you hardly come here anymore.
    I say GOOD FOR US.

    we don't need replies like this. Mister i know it all.

  10. #20
    Junior Member
    Join Date
    Feb 2010
    Posts
    27

    Default

    I totally agree ReckaH although the post you quoted isn't the only one. Time and time again this type of response is seen on these forums by big mouths but also by people who should know better. I saw this thread from the very first post by Dionysos and watched as the type of posts I expected to appear unfortuneatly did.

    Come on lads, it aint that hard to distinguish between the dicks that want to piss about with their neighbours network and people that are starting out and want to learn.

Page 2 of 3 FirstFirst 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •