Re: Wireless Pen Test

---

• From: m0rebel <m0rebel@xxxxxxxxxxxxxxxxx>
• Date: Thu, 27 Nov 2008 01:00:56 -0500

---

WPA and WPA2 both can be cracked with aircrack-ng. They both have the
same weakness, and in terms of using aircrack, they're exactly the
same thing. You need to sniff traffic on the WPA or WPA2 network until
you capture the 4-way handshake when someone is connecting. If someone
is already connected, you can speed this up by kicking them off the
network with a deauth attack and wait for them to reconnect, if you
don't mind an active attack. Once you have the handshake, you can
crack it by doing a dictionary attack (aircrack-ng -w dictionary.txt
dump.cap).

If your client is using either WPA or WPA2 and a really long,
complicated, hard-to-guess password that's not in anyone's dictionary
files (say, 40 random characters), then I'd say you can give them
reasonable assurance that it's secure from the outside.

m0rebel

On Wed, Nov 26, 2008 at 10:37 AM, anshuman sharma <anshuman251@xxxxxxxxx> wrote:

Hi All,

Is there any tool available to break WAP2 encryption (I searched a lot
but was not able to find any). I know using Aircrack (Airodump and
Aireplay), WEP and WPA key can be breaked. But if the encyption is
WPA2 can we give a reasonable assurance to the client that the Wifi
network is secure from outside.

Thanks and Regards
Anshuman

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Security Trends Report from Cenzic
Stay Ahead of the Hacker Curve!
Get the latest Q2 2008 Trends Report now

www.cenzic.com/landing/trends-report
------------------------------------------------------------------------

---

• Follow-Ups:
  • Re: Wireless Pen Test
    • From: Paul Melson
  • RE: Wireless Pen Test
    • From: Rui Pereira (WCG)

• References:
  • Wireless Pen Test
    • From: anshuman sharma

• Prev by Date: RE: Wireless Pen Test
• Next by Date: Wireless Pen Test
• Previous by thread: RE: Wireless Pen Test
• Next by thread: RE: Wireless Pen Test
• Index(es):
  • Date
  • Thread

---

Relevant Pages RE: Wireless Pen Test ... Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program. ... BUT if you are using WPA ... WPA and WPA2 both can be cracked with aircrack-ng. ... Security Trends Report from Cenzic ... (Pen-Test) Wireless Pen Test ... Recently there has been some research released on attacks against WPA ... From my understanding this flaw is in the TKIP implementation ... the WPA2 Key is set to the name of the company, ... Security Trends Report from Cenzic ... (Pen-Test) RE: Wireless Pen Test ... WEP and WPA key can be breaked. ... WPA2 can we give a reasonable assurance to the client that the Wifi ... Security Trends Report from Cenzic ... Stay Ahead of the Hacker Curve! ... (Pen-Test) Re: Wireless-ethernet bridge with WPA-PSK (AES) ? ... WPA2). ... WPA - Wi-Fi Protected Access ... Looking at the various home router certifications at: ... and WPA2 with an assortment of authentication protocols. ... (alt.internet.wireless) Re: Wireless-ethernet bridge with WPA-PSK (AES) ? ... WPA2). ... WPA - Wi-Fi Protected Access ... Looking at the various home router certifications at: ... and WPA2 with an assortment of authentication protocols. ... (alt.internet.wireless)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)