By

Swaroop YermalkaR

Changing the

world

through Wireless

Communication!

Dj Akhil Talreja

BT5 r3 laptop with wifi card

Dlink router Galaxy

pop

Simple WPA/2 Cracking Technique Brute-Force attack Understanding WPS [ Wi-Fi Protected Setup ] Exploring Reaver

1. Start Sniffing 2. Capture WPA Handshake 3. Apply Dictionary 4. Crack the password!

Supplicant Authenticator

Probe req,resp

Authentication RR, Association RR

Pre-shared key 256bit Pre-shared key 256bit

PTK PTK Message 2

Snounce + MIC

Message 4

Key install Acknowledgement

Snounce

Source: securitytube.net

Step 1

Step 2

Step 3

Step 4

1. Monitor air for a new client trying to associate with the access point (passive)

2. De-authentication one or all clients and monitor reconnection (active)

De-authentication Packet

Legitimate client AP

Source: http://lastbit.com/pswcalc.asp

Wi-Fi Protected Setup (WPS; originally Wi-Fi Simple Config) is a computing standard that attempts to allow easy establishment of a secure wireless home network. Created by the Wi-Fi Alliance and introduced in 2007, the goal of the protocol is to allow home users who know little of wireless security and may be intimidated by the available security options to set up Wi-Fi Protected Access, as well as making it easy to add new devices to an existing network without entering long passphrases.

Source: wikipedia

Reaver is fantastic tool to crack this WPS pin written by Craig Heffner. It performs a brute force attack against the AP, attempting every possible combination in order to guess the AP's 8 digit pin number. Since the pin numbers are all numeric, there are 10^8 (100,000,000) possible values for any given pin number.

Source: Tactical Network Solutions articles

n0nEc@nhaCkthi$pa$sw0rd!!!

…use pin as master key!

Ex: R0ck$t@R

Keep non-dictionary, combination of symbols, digits and numbers.

1. Tactical Network Solutions 2. WiFi Security Megaprimer by Vivek Ramchandran

Feedback, questions and suggestions:

swaroop.wireless@gmail.com

Swaroop D. YermalkaR