Friday, January 21, 2011

Video: Hacking WEP-128, WPA2-PSK, and 802.1x/PEAP in Under 5 Minutes

Although this doesn't prove anything that hasn't already been proven, seeing often cements belief much more effectively than reading. In this video, I compromise access to three separate wireless networks using three separate authentication and encryption schemes.
Test Networks - The Victims:

ClientCorporate: 802.1x/PEAP
ClientVendor: WPA2-PSK/AES
ClientGuest: WEP-128 PSK

Full Disclosure - This video is different than a real-world attack in the following ways:
  • For the 802.1x compromise, I used supplicants that are either not configured to validate the RADIUS certificate or bypassed the warning screen that discloses that the RADIUS server is serving an untrusted certificate.
  • Also for the 802.1x compromise I authenticated with test victim users using passwords pulled from my password list.
  • For the WPA compromise, I used a pre-computed hash table built with CoWPAtty's "genpmk", since the SSID of a WPA network is factored into the handshake. A huge torrent exists with pre-computed hashes of the top 1000 SSID names using a very large dictionary. I didn't check, but I doubted "ClientVendor" would be included, so I made my own.
  • Also for the WPA compromise, I used a PSK that was pulled from my password list.
  • I wasn't smooth enough to pull this off in one take so it's chopped up. The attacks, however, are not sped up.
Perspectives - The AP used in this video was either an attacking or victim AP depending on the attack utilized.
  • The DD-WRT'd Linksys wireless router I used can be considered a victim AP for the WEP and WPA-PSK attacks.
  • However, my AP should be considered an attacker AP for the 802.1x attack since I am actively trying to use it along with a fake RADIUS server to attract victims of the legitimate 802.1x wireless network that I am attacking.
Mitigating Wireless Risk - So what do I do about this?
  • WEP: Don't use WEP.
  • WPA-PSK: Use a complex PSK like "R$g2Gn#~qzZ4@" (rather than "MyBank123", "HomeWiFi!" or "CoolDude1993"). If your PSK is in my dictionary, then I can crack your PSK.
  • 802.1x:
    • Ensure a trusted RADIUS certificate is deployed, but not too trusted. An internal CA works fine as long as its root cert is in your clients' certificate stores.
    • Ensure that clients are configured to validate the RADIUS server cert as specifically as possible.
    • Only trust the CA that generated the cert.
    • Don't rely on users to get it right; use GPOs or more advanced tools that give you central administration, like Juniper Odyssey Access Client.
    • Helpdesk and other folks commonly called on to fix wireless problems will likely resort to unchecking "Validate Server Certificate" so watch them and train them.
    • Ensure that your password complexity policies are sufficient on whatever credential stores the RADIUS server talks to. Again, if a user's password is in my dictionary, and I obtain an MSCHAPv2 challenge/response pair from that user, I've got their credentials and access to whatever they have access to.
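As an added example (not code from the post or from any of the tools it mentions), here is the WPA/WPA2-PSK key derivation that both the genpmk precomputation and the "PSK in my dictionary" point rest on, plus a small policy check a defender can run over candidate PSKs. The short common-password list and the 12-character minimum are constructed assumptions; the expected PMK in the comment is the published IEEE 802.11i test vector.

```python
import hashlib
from typing import List

# WPA/WPA2-PSK derives the 256-bit Pairwise Master Key (PMK) from the
# passphrase with PBKDF2-HMAC-SHA1, 4096 iterations, using the SSID as the
# salt (IEEE 802.11i). Because the SSID is the salt, a precomputed table
# (what genpmk builds) is only valid for one SSID, and every candidate
# passphrase costs 4096 HMAC rounds to test.
WPA_PBKDF2_ITERATIONS = 4096
PMK_LEN = 32


def derive_pmk(ssid: str, passphrase: str) -> bytes:
    """Return the PMK for an SSID/passphrase pair.

    802.11i test vector: derive_pmk("IEEE", "password").hex() ==
    "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e"
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"),
                               WPA_PBKDF2_ITERATIONS, PMK_LEN)


# Constructed stand-in for an attacker's wordlist; real lists hold millions.
COMMON_PSKS = {"password", "MyBank123", "HomeWiFi!", "CoolDude1993", "12345678"}


def psk_policy_check(passphrase: str, min_len: int = 12) -> List[str]:
    """Return the policy violations for a candidate PSK (empty list = OK).

    min_len is an assumed policy threshold, not a value from any standard.
    """
    problems = []
    if passphrase in COMMON_PSKS:
        problems.append("appears in a common-password list")
    if len(passphrase) < min_len:
        problems.append(f"shorter than {min_len} characters")
    # Count distinct character classes: lower, upper, digit, symbol.
    classes = sum(any(test(c) for c in passphrase)
                  for test in (str.islower, str.isupper, str.isdigit,
                               lambda c: not c.isalnum()))
    if classes < 3:
        problems.append("uses fewer than three character classes")
    return problems


if __name__ == "__main__":
    for psk in ("MyBank123", "R$g2Gn#~qzZ4@"):
        print(psk, "->", psk_policy_check(psk) or "OK")
```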
Tools Used / Props -

The fine tools listed below were absolutely required to make it this easy to test and penetrate wireless networks. Like a lot of technology, they are very powerful and can do a lot of positive and negative things in the right (wrong) hands.

1 comment:

1. Great video demonstrating the power of freely available tools to compromise wireless networks. I also appreciate the recommendations to reduce the risk.