Wired Equivalent Privacy (WEP) is a wireless security protocol, providing both encryption and authentication.
The encryption method used is RSA's RC4 stream cipher. The RC4 algorithm operates on a 'seed' consisting of an initialization vector (IV) and a secret shared key to create a keystream which is XORed with plaintext to create ciphertext.
When connecting to a WEP secured network you are asked for the secret shared key which is used to authenticate clients to the network and also encrypt the traffic.
The vulnerability in the WEP protocol is the transit of the IV in plaintext. This allows an attacker to eavesdrop on wireless traffic and collect enough IVs to bruteforce the secret shared authentication key. Once the key is obtained the attacker uses it to connect to the target wireless network.
Note: A standard WEP implementation uses a 40 bit key and a 24 bit IV, resulting in a 64 bit keystream. Because of this, WEP is sometimes referred to as 40 bit WEP or 64 bit WEP.
Cracking a WEP Key
The purpose of this article is for education and security auditing only. Anyone using this for any other reason are liable for their own actions.
To see this vulnerability work and to actually crack a WEP key in a test environment you need some tools.
- A test network using an 802.11 wireless router with WEP enabled and a 40 bit key created.
- A linux machine with a wireless card. In this example Back Track 4 r2 is the operating system used. Download a live DVD if you don't have a dedicated machine.
- macchanger, airmon-ng, airdump-ng, and aircrack-ng. These tools are all included in Back Track 4.
Assuming the wireless interface is wlan0, disable the interface.
ifconfig wlan0 down
Use macchanger to change the MAC address of the wlan0 interface.
macchanger --mac 00:11:22:33:44:55 wlan0
Bring the wlan0 interface back up.
ifconfig wlan0 up
Use airmon to create a monitor mode interface for wlan0. The new monitoring interface is called mon0.
airmon-ng start wlan0
Run airodump to observe target networks and gather MAC (BSSID), channel and ESSID.
Run airodump again this time specifying the target channel, BSSID, and file to dump the output to. This step is where the IVs are collected for analysis later. Again, since this is a passive attack it may take a while to collect enough IVs. Leave the machine on overnight collecting data if needed.
-w /root/dumpfile --bssid mon0
Keep an eye on the above command. One column is called #Data. This is the actual number of IVs collected from the network. If there is no traffic on the network this number will slowly increase. Once you have about 20,000 IVs, run the following command.
aircrack will report back if it has successfully cracked the WEP key or if you need to continue to collect more IVs and try again. The number of IVs needed to crack a key varies, but it can be done in less than 20,000 IVs.