Aircrack-ng

Last updated
aircrack-ng
Original author(s) Christophe Devine
Developer(s) Thomas d'Otreppe de Bouvette
Stable release
1.7 / May 10, 2022 (2022-05-10) [1]
Repository https://github.com/aircrack-ng/aircrack-ng
Written in C
Operating system Cross-platform
Type Packet sniffer and injector; WEP, WPA, WPA2 key recovery
License GPL
Website www.aircrack-ng.org

Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic. Packages are released for Linux and Windows. [2]

Contents

Aircrack-ng is a fork of the original Aircrack project. It can be found as a preinstalled tool in many security-focused Linux distributions such as Kali Linux or Parrot Security OS, [3] which share common attributes, as they are developed under the same project (Debian). [4]

Development

Aircrack was originally developed by French security researcher Christophe Devine. [5] Its main goal was to recover 802.11 wireless networks WEP keys using an implementation of the Fluhrer, Mantin and Shamir (FMS) attack alongside the ones shared by a hacker named KoreK. [6] [7] [8]

Aircrack was forked by Thomas D'Otreppe in February 2006 and released as Aircrack-ng (Aircrack Next Generation). [9]

Wi-Fi security history

WEP

Basic WEP encryption: RC4 keystream XORed with plaintext. Wep-crypt-alt.svg
Basic WEP encryption: RC4 keystream XORed with plaintext.

Wired Equivalent Privacy was the first security algorithm to be released, with the intention of providing data confidentiality comparable to that of a traditional wired network. [10] It was introduced in 1997 as part of the IEEE 802.11 technical standard and based on the RC4 cipher and the CRC-32 checksum algorithm for integrity. [11]

Due to U.S. restrictions on the export of cryptographic algorithms, WEP was effectively limited to 64-bit encryption. [12] Of this, 40 bits were allocated to the key and 24 bits to the initialization vector (IV), to form the RC4 key. After the restrictions were lifted, versions of WEP with a stronger encryption were released with 128 bits: 104 bits for the key size and 24 bits for the initialization vector, known as WEP2. [13] [14]

The initialization vector works as a seed, which is prepended to the key. Via the key-scheduling algorithm (KSA), the seed is used to initialize the RC4 cipher's state. The output of RC4's pseudo random generation algorithm (PRGA) follows a XOR operation in combination with the plaintext, and produces the ciphertext. [15]

The IV is constrained to 24 bits, which means that its maximum values are 16,777,216 (224), regardless of the key size. [16] Since the IV values will eventually be reused and collide (given enough packets and time), WEP is vulnerable to statistical attacks. [17] William Arbaugh notes that a 50% chance of a collision exists after 4823 packets. [18]

In 2003, the Wi-Fi Alliance announced that WEP had been superseded by Wi-Fi Protected Access (WPA). In 2004, with the ratification of the full 802.11i standard (i.e. WPA2), the IEEE declared that both WEP and WEP2 have been deprecated. [19]

WPA

Wi-Fi Protected Access (WPA) was designed to be implemented through firmware updates rather than requiring dedicated hardware. [20] While still using RC4 at its core, it introduced significant improvements over its predecessor. WPA included two modes: WPA-PSK (WPA Personal) and WPA Enterprise.

WPA-PSK (Wi-Fi Protected Access Pre-Shared Key), also known as WPA Personal, used a variant of the Temporal Key Integrity Protocol (TKIP) encryption protocol. It improved security by implementing the following features:

TKIP allocated 48 bits to the IV compared to the 24 bits of WEP, so the maximum number is 281,474,976,710,656 (248). [22]

In WPA-PSK, each packet was individually encrypted using the IV information, the MAC address, and the pre-shared key as inputs. The RC4 cipher was used to encrypt the packet content with the derived encryption key. [22]

Additionally, WPA introduced WPA Enterprise, which provided enhanced security for enterprise-level networks. WPA Enterprise employed a more robust authentication mechanism known as Extensible Authentication Protocol (EAP). This mode required the use of an Authentication Server (AS) such as RADIUS (Remote Authentication Dial-In User Service) to validate user credentials and grant access to the network.

In 2015, the Wi-Fi Alliance recommended in a technical note that network administrators should discourage the use of WPA and that vendors should remove support for it and rely instead on the newer WPA2 standard. [24]

WPA2

WPA2 (Wi-Fi Protected Access 2) was developed as an upgrade to the original WPA standard and ratified in 2004, and became mandatory for Wi-Fi certified products in 2006. [25] Like WPA, WPA2 provides two modes: WPA2-PSK (WPA2 Personal) and WPA2 Enterprise. [26]

Unlike WPA, WPA2-PSK uses the more secure Advanced Encryption Standard (AES) in CCM mode (Counter-Mode-CBC-MAC Protocol), instead of TKIP. [21] AES provides stronger authentication, encryption and is less vulnerable to attacks. [27] [28] A backward compatible version, called WPA/WPA2 (Personal) still made use of TKIP. [29]

WPA2-PSK replaces the message integrity code Michael with CCMP. [21]

Timeline of the attacks

WEP

In 1995, before the WEP standard was available, computer scientist David Wagner of the Princeton University discussed a potential vulnerability in RC4. [15]

In March 2000, a presentation by Dan Simon, Bernard Aboba, and Tim Moore of Microsoft provided a summary of 802.11 vulnerabilities. They noted that denial of service deauthentication attacks are possible because the messages are unauthenticated and unencrypted (later implemented by the aireplay-ng tool). [30] In addition, they wrote that because some implementations of WEP derive the key from a password, dictionary attacks are easier than pure brute force. [31] [17]

In May 2001, William A. Arbaugh of the University of Maryland presented his inductive chosen-plaintext attack against WEP with the conclusion that the protocol is vulnerable to packet forgery. [18]

In July 2001, Borisov et al. published a comprehensive paper on the status of WEP and its various vulnerabilities. [17]

In August 2001, in the paper Weaknesses in the Key Scheduling Algorithm of RC4, authors Scott Fluhrer, Itsik Mantin, and Adi Shamir performed a cryptoanalysis of the KSA, citing Wagner among others. They stated that they had not conducted an attack against WEP, and therefore couldn't claim that WEP was vulnerable. [32] However, other researchers implemented the attack and were able to demonstrate the protocol's insecurity. [33] [13]

In 2004, a hacker using the pseudonym KoreK posted a series of attacks on the NetStumbler.org forum, which were incorporated into the original aircrack 1.2 by Christophe Devine. [34] [35] That same month, aircrack began supporting replay attacks against WEP, which use ARP requests to generate more IVs and make key recovery easier. [36]

Later that year, KoreK released the Chopchop attack, an active packet injector for WEP. [37] The name of the attack derives from its inherent working: a packet is intercepted, "chops" off a part of it and sends a modified version to the Access Point, who will drop it if not valid. By repeatedly trying multiple values, the message can gradually be decrypted. [38] [39] [40] The Chopchop attack was later improved by independent researchers. [41]

In 2005, security researcher Andrea Bittau presented the paper The Fragmentation Attack in Practice. The homonymous attack exploits the fact that WEP splits the data into smaller fragments, which are reassembled by the receiver. Taking advantage of the fact that at least part of the plaintext of some packets may be known, and that the fragments may have the same IV, data can be injected at will, flooding the network to statistically increase the chances of recovering the key. [15]

In April 2007 a team at the Darmstadt University of Technology in Germany presented a new attack, named "PTW" (from the researchers' names, Pyshkin, Tews, Weinmann). It decreased the number of initialization vectors or IVs needed to decrypt a WEP key and has been included in the aircrack-ng suite since the 0.9 release. [42] [43]

Evolution of the attacks/vulnerabilities
DateAuthor/sAttack name/typePackets neededImplemented inSource
2001A. Stubblefield et al.FMS: Passive partial key exposure attack1,000,000 (optimized from 5,000,000-6,000,000)- [33] [44]
2001W. ArbaughInductive chosen plaintext- [18]
2002David HultonPractical Exploitation of RC4 Weaknesses in WEP Environments500,000-2,000,000- [45]
2003Andrea BittauExpansion of FMS classes- [46]
2004KoreKFMS: Passive partial key exposure attack700,000 (about 50% success probability)aircrack 1.2 [47]
2004KoreKChopchopaircrack 2.2-beta1 [37] [35]
2006A. KleinAttacks on the RC4 stream cipher- [48]
2007Tews, Weinmann, PyshkinPTW35,000 to 40,000 (about 50% success probability)aircrack-ng 0.9 [47]
2007S. Vaudenay and M. VuagnouxVX: Passive key recovery45'000- [49]

WPA

The first known attack on WPA was described by Martin Beck and Erik Tews in November 2008. They described an attack against TKIP in the paper Practical Attacks Against WEP and WPA. The proof of concept resulted in the creation of tkiptun-ng. [47] In 2009, their attack was improved and demonstrated by a research group from Norway. [50]

Features

The aircrack-ng software suite includes:

aircrack-ng

aircrack-ng supports cracking WEP (FMS, PTW, KoreK and dictionary attacks), WPA/WPA2 and WPA2 keys (using dictionary attacks). [51] While it doesn't support direct attacks on WPA3 (introduced in 2018), it has been used successfully in combination with a downgrade attack. [52]

airbase-ng

airbase-ng incorporates techniques for attacking clients, instead of Access Points. Some of its features include an implementation of the Caffe Latte attack (developed by security researcher Vivek Ramachandran) [53] and the Hirte attack (developed by Martin Beck). [54] The WEP Hirte attack is a method of creating an Access Point with the same SSID of the network to be exploited (similar to an evil twin attack). [55] If a client (that was previously connected to the victim's access point) is configured to automatically reconnect, it will try the rogue AP. At this point, ARP packets are sent in the process of obtaining a local IP address, and airbase-ng can collect IVs that can later be used by aircrack-ng to recover the key. [56]

Execution of a fragmentation attack against WEP with aireplay-ng. Aireplay-ng Fragmentation Attack Demo.png
Execution of a fragmentation attack against WEP with aireplay-ng.

aireplay-ng

aireplay-ng is an injector and frame replay tool. [51] [57] Deauthentication attacks are supported. [30] Deauthentication refers to a feature of IEEE 802.11 which is described as "sanctioned technique to inform a rogue station that they have been disconnected from the network". [58] Since this management frame doesn't need to be encrypted and can be generated knowing only the client's MAC address, aireplay-ng can force a client to disconnect and capture the handshake (or to perform a Denial of service attack). In addition, a client deauthentication and subsequent reconnection will reveal a hidden SSID. [30]

Other features include the ability to perform fake authentification, ARP request replay, fragmentation attack, the Caffe Latte and Chopchop attacks. [59]

airmon-ng

airmon-ng can place supported wireless cards in monitor mode. [51] Monitor mode refers to a provision in the IEEE 802.11 standard for auditing and design purposes, [60] in which a wireless card can capture packets in air range. [61] It is able to detect potential programs that could interfere with proper operation and kill them.[ citation needed ]

Setting monitor mode using airmon-ng. Airmon-ng setting monitor mode.png
Setting monitor mode using airmon-ng.

airodump-ng

A network scan is performed using airodump-ng. Airodump-ng scanning networks.png
A network scan is performed using airodump-ng.

airodump-ng is a packet sniffer. [51] It can store information in various formats, making it compatible with software other than the aircrack-ng suite. It supports channel-hopping. [62]

airserv-ng

airserv-ng is a wireless card server, which allows multiple wireless programs to use a card independently. [63]

airtun-ng

Virtual tunnel interface creator. Its main uses are monitoring the traffic as an intrusion detection system, and inject arbitrary traffic in a network. [64]

besside-ng

A tool to automatize WEP cracking and logging of WPA handshakes.

easside-ng

easside-ng is an automated tool which attempts connection to a WEP Access Point without knowing the encryption key. It uses the fragmentation attack and a remote server (which can be hosted with the tool buddy-ng) in the attempt to recover an encrypted packet, exploiting the AP which will decrypt it for the attacker. [65]

tkiptun-ng

tkiptun-ng is a WPA/TKIP attack tool developed by Martin Beck.

wesside-ng

wesside-ng is a proof of concept based on the tool wesside, originally written by Andrea Bittau to demonstrate his fragmentation attack. It is a tool designed to automate the process of recovering a WEP key. [15]

airdecap-ng

airdecap-ng decrypts WEP or WPA encrypted capture files with known key. [36] It was formally known as airunwep and 802ether. [35]

airdecloak-ng

airdecloak-ng can remove WEP cloaked frames from pcap files. Cloaking refers to a technique for use by wireless intrusion prevention systems (which rely on WEP encryption) to inject packets encrypted with random keys into the air, in the attempt to make cracking more difficult. [66]

airolib-ng

airolib-ng can create a database of pre-computed hash tables by computing the Pairwise Master Keys (PMK) captured during the 4-way handshaking process. [67] In WPA and WPA2, the PMK are derived from the password selected by the user, the SSID name, its length, the number of hashing iterations, and the key length. [68] [6] During the 4-way handshaking process, the PMK is used, among other parameters, to generate a Pairwise Transient Key (PTK), which is used to encrypt data between the client and Access Point. [69] [70]

The hash tables can be reused, provided the SSID is the same. [71] Pre-computed tables for the most common SSIDs are available online. [72]

besside-ng-crawler is seen filtering files in a directory. Besside-ng-crawler demo.png
besside-ng-crawler is seen filtering files in a directory.

besside-ng-crawler

Performs operations on a directory to search for pcap files and filter out relevant data.

buddy-ng

buddy-ng is a tool used in conjunction with the tool easside-ng, running on a remote computer. It is the receiving end that allows a packet decrypted by the access point to be captured. [65]

ivstools

ivstools can extract initialization vectors from a capture file (.cap).

kstats

kstats is a tool for displaying the Fluhrer, Mantin and Shamir attack algorithm votes [note 1] for an IVS dump with a given WEP key.

makeivs-ng

makeivs-ng is a testing tool used to generate an IVS file with a given WEP key.

packetforge-ng

wpaclean in use. Wpaclean and tcpdump output.png
wpaclean in use.

packetforge-ng can create and modify packets for injection. It supports packets such as arp requests, UDP, ICMP and custom packets. [73] It was originally written by Martin Beck. [74]

wpaclean

wpaclean reduces the contents of the capture file (generated by airodump-ng) by keeping only what is related to the 4-way handshake and a beacon. The former refers to a cryptographic process that establishes encryption without publicly revealing the key. [75] Meanwhile, the beacon frame is sent by the Access Point to announce its presence and other information to nearby clients. [76] [77]

airventriloquist-ng

airventriloquist-ng is a tool that can perform injection on encrypted packets.

Version history

Aircrack changelog [35]
VersionDateNotable changes
1.0July 29, 2004
1.1August 11, 2004Implementation of ARP replay attack.
1.2August 17, 2004First implementation of KoreK attacks.
1.3August 19, 2004
1.4August 26, 2004
2.0September 3, 2004
2.0.1September 21, 2004
2.0.2September 24, 2004
2.1October 1, 2004Added support for longer WEP keys (256 and 512 bit).
2.2-beta1June 22, 2005Chopchop attack is implemented. WPA-PSK support is added.
2.2-beta2June 27, 2005The aireplay tool implements automated replay, deauthentication attacks, and fake authentication.
2.2-beta3June 28, 2005
2.2-beta4July 3, 2005
2.2-beta5July 10, 2005WPA2 support is added.
2.2-beta6July 12, 2005
2.2-beta7July 14, 2005
2.2-beta8 and 2.2-beta9July 21, 2005
2.2-beta10July 23, 2005
2.2-beta11July 27, 2005
2.2-beta12July 30, 2005
2.2August 3, 2005
2.21August 9, 2005
2.22August 14, 2005
2.23August 28, 2005
2.4November 12, 2005
2.41November 22, 2005
Aircrack-ng changelog [74]
VersionDateNotable changes
0.1UnknownForked from aircrack 2.41.
0.2March 19, 2006
0.2.1March 20, 2006
0.3March 30, 2006The tool ivstools is introduced, merged from two other software.
0.4April 16, 2006
0.4.1April 19, 2006
0.4.2April 20, 2006
0.4.3 and 0.4.4April 24, 2006
0.5May 5, 2006Further optimization of the Chopchop code.
0.6June 23, 2006
0.6.1August 27, 2006
0.6.2October 1, 2006packetforge-ng is introduced.
0.7January 20, 2007
0.8April 25, 2007
0.9April 13, 2007First implementation of PTW attack.
0.9.1June 25, 2007
1.0-beta1October 1, 2007PTW attack supersedes KoreK attack as the default. The tools airdriver-ng, wesside-ng, easside-ng, buddy-ng, airserv-ng and airolib-ng are introduced.
1.0-beta2February 1, 2008Reduced number of packets needed for WPA attacks.
0.9.2February 5, 2008
0.9.3February 24, 2008
1.0-rc1June 9, 2008airbase-ng is introduced. Caffe latte and CFrag attacks are implemented.
1.0-rc2January 22, 2009tkip-tun is introduced.
1.0-rc3March 26, 2009
1.0-rc4July 27, 2009
1.0September 8, 2009
1.1April 24, 2010airdrop-ng is introduced.
1.2-beta1May 25, 2013wpaclean is introduced. Migration mode attack is added in aireplay-ng.
1.2-beta2November 30, 2013
1.2-beta3March 31, 2014
1.2-rc1October 31, 2014
1.2-rc2April 10, 2015
1.2-rc3November 21, 2015
1.2-rc4February 14, 2016
1.2-rc5April 3, 2018airventriloquist-ng is introduced.
1.2April 15, 2018
1.3July 10, 2018
1.4September 29, 2018
1.5.2December 9, 2018
1.6January 25, 2020airodump-ng supports viewing WPA3 networks.
1.7May 10, 2022

See also

Notes

  1. In the context of the FMS algorithm, votes represent the number of successful attempts made by the algorithm to decrypt the encrypted data.

Related Research Articles

<span class="mw-page-title-main">IEEE 802.11</span> Wireless network standard

IEEE 802.11 is part of the IEEE 802 set of local area network (LAN) technical standards, and specifies the set of medium access control (MAC) and physical layer (PHY) protocols for implementing wireless local area network (WLAN) computer communication. The standard and amendments provide the basis for wireless network products using the Wi-Fi brand and are the world's most widely used wireless computer networking standards. IEEE 802.11 is used in most home and office networks to allow laptops, printers, smartphones, and other devices to communicate with each other and access the Internet without connecting wires. IEEE 802.11 is also a basis for vehicle-based communication networks with IEEE 802.11p.

In cryptography, RC4 is a stream cipher. While it is remarkable for its simplicity and speed in software, multiple vulnerabilities have been discovered in RC4, rendering it insecure. It is especially vulnerable when the beginning of the output keystream is not discarded, or when nonrandom or related keys are used. Particularly problematic uses of RC4 have led to very insecure protocols such as WEP.

<span class="mw-page-title-main">Wi-Fi</span> Wireless local area network

Wi-Fi is a family of wireless network protocols based on the IEEE 802.11 family of standards, which are commonly used for local area networking of devices and Internet access, allowing nearby digital devices to exchange data by radio waves. These are the most widely used computer networks, used globally in home and small office networks to link devices and to provide Internet access with wireless routers and wireless access points in public places such as coffee shops, hotels, libraries, and airports.

A wireless gateway routes packets from a wireless LAN to another network, wired or wireless WAN. It may be implemented as software or hardware or a combination of both. Wireless gateways combine the functions of a wireless access point, a router, and often provide firewall functions as well. They provide network address translation (NAT) functionality, so multiple users can use the internet with a single public IP. It also acts like a dynamic host configuration protocol (DHCP) to assign IPs automatically to devices connected to the network.

Wired Equivalent Privacy (WEP) is a severely flawed security algorithm for 802.11 wireless networks. Introduced as part of the original IEEE 802.11 standard ratified in 1997, its intention was to provide data confidentiality comparable to that of a traditional wired network. WEP, recognizable by its key of 10 or 26 hexadecimal digits, was at one time widely used, and was often the first security choice presented to users by router configuration tools.

Wi-Fi Protected Access (WPA), Wi-Fi Protected Access 2 (WPA2), and Wi-Fi Protected Access 3 (WPA3) are the three security certification programs developed after 2000 by the Wi-Fi Alliance to secure wireless computer networks. The Alliance defined these in response to serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP).

IEEE 802.11i-2004, or 802.11i for short, is an amendment to the original IEEE 802.11, implemented as Wi-Fi Protected Access II (WPA2). The draft standard was ratified on 24 June 2004. This standard specifies security mechanisms for wireless networks, replacing the short Authentication and privacy clause of the original standard with a detailed Security clause. In the process, the amendment deprecated broken Wired Equivalent Privacy (WEP), while it was later incorporated into the published IEEE 802.11-2007 standard.

Temporal Key Integrity Protocol is a security protocol used in the IEEE 802.11 wireless networking standard. TKIP was designed by the IEEE 802.11i task group and the Wi-Fi Alliance as an interim solution to replace WEP without requiring the replacement of legacy hardware. This was necessary because the breaking of WEP had left Wi-Fi networks without viable link-layer security, and a solution was required for already deployed hardware. However, TKIP itself is no longer considered secure, and was deprecated in the 2012 revision of the 802.11 standard.

Counter Mode Cipher Block Chaining Message Authentication Code Protocol or CCM mode Protocol (CCMP) is an encryption protocol designed for Wireless LAN products that implements the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard. CCMP is an enhanced data cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter Mode with CBC-MAC of the Advanced Encryption Standard (AES) standard. It was created to address the vulnerabilities presented by Wired Equivalent Privacy (WEP), a dated, insecure protocol.

A wireless distribution system (WDS) is a system enabling the wireless interconnection of access points in an IEEE 802.11 network. It allows a wireless network to be expanded using multiple access points without the traditional requirement for a wired backbone to link them. The notable advantage of WDS over other solutions is that it preserves the MAC addresses of client frames across links between access points.

IEEE 802.11r-2008 or fast BSS transition (FT), is an amendment to the IEEE 802.11 standard to permit continuous connectivity aboard wireless devices in motion, with fast and secure client transitions from one Basic Service Set to another performed in a nearly seamless manner. It was published on July 15, 2008. IEEE 802.11r-2008 was rolled up into 802.11-2012. The terms handoff and roaming are often used, although 802.11 transition is not a true handoff/roaming process in the cellular sense, where the process is coordinated by the base station and is generally uninterrupted.

In cryptography, a related-key attack is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the keys is known to the attacker. For example, the attacker might know that the last 80 bits of the keys are always the same, even though they don't know, at first, what the bits are.

Extensible Authentication Protocol (EAP) is an authentication framework frequently used in network and internet connections. It is defined in RFC 3748, which made RFC 2284 obsolete, and is updated by RFC 5247. EAP is an authentication framework for providing the transport and usage of material and parameters generated by EAP methods. There are many methods defined by RFCs, and a number of vendor-specific methods and new proposals exist. EAP is not a wire protocol; instead it only defines the information from the interface and the formats. Each protocol that uses EAP defines a way to encapsulate by the user EAP messages within that protocol's messages.

<span class="mw-page-title-main">Wireless security</span> Aspect of wireless networks

Wireless security is the prevention of unauthorized access or damage to computers or data using wireless networks, which include Wi-Fi networks. The term may also refer to the protection of the wireless network itself from adversaries seeking to damage the confidentiality, integrity, or availability of the network. The most common type is Wi-Fi security, which includes Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA). WEP is an old IEEE 802.11 standard from 1997. It is a notoriously weak security standard: the password it uses can often be cracked in a few minutes with a basic laptop computer and widely available software tools. WEP was superseded in 2003 by WPA, a quick alternative at the time to improve security over WEP. The current standard is WPA2; some hardware cannot support WPA2 without firmware upgrade or replacement. WPA2 uses an encryption device that encrypts the network with a 256-bit key; the longer key length improves security over WEP. Enterprises often enforce security using a certificate-based system to authenticate the connecting device, following the standard 802.11X.

wpa_supplicant Open-source implementation of IEEE 802.11i

wpa_supplicant is a free software implementation of an IEEE 802.11i supplicant for Linux, FreeBSD, NetBSD, QNX, AROS, Microsoft Windows, Solaris, OS/2 and Haiku. In addition to being a WPA3 and WPA2 supplicant, it also implements WPA and older wireless LAN security protocols.

In cryptography, a pre-shared key (PSK) is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used.

IEEE 802.1AE is a network security standard that operates at the medium access control layer and defines connectionless data confidentiality and integrity for media access independent protocols. It is standardized by the IEEE 802.1 working group.

A Wi-Fi deauthentication attack is a type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point.

<span class="mw-page-title-main">KRACK</span> Attack on the Wi-Fi Protected Access protocol

KRACK is a replay attack on the Wi-Fi Protected Access protocol that secures Wi-Fi connections. It was discovered in 2016 by the Belgian researchers Mathy Vanhoef and Frank Piessens of the University of Leuven. Vanhoef's research group published details of the attack in October 2017. By repeatedly resetting the nonce transmitted in the third step of the WPA2 handshake, an attacker can gradually match encrypted packets seen before and learn the full keychain used to encrypt the traffic.

In cryptography, Simultaneous Authentication of Equals (SAE) is a password-based authentication and password-authenticated key agreement method.

References

  1. "Aircrack-ng 1.7". Aircrack-ng - Official Aircrack-ng blog (Blog). 2022-05-10. Retrieved 2022-04-08.
  2. Robb, Drew (2023-04-06). "24 Top Open-Source Penetration Testing Tools". eSecurity Planet. Retrieved 2023-10-06.
  3. Antaryami, Aradhna (2021-09-29). Comparative analysis of Parrot, Kali Linux and Network Security Toolkit (NST). ERA (Technical report). doi: 10.7939/r3-pcre-7v35 . Archived from the original on 2023-08-14. Retrieved 2023-08-10.
  4. Cisar, Petar; Pinter, Robert (2019-12-23). "Some ethical hacking possibilities in Kali Linux environment". Journal of Applied Technical and Educational Sciences. 9 (4): 129–149. doi: 10.24368/jates.v9i4.139 . ISSN   2560-5429. S2CID   213755656.
  5. MacMichael, John L. (2005-07-21). "Auditing Wi-Fi Protected Access (WPA) Pre-Shared Key Mode". Archived from the original on 2023-08-14. Retrieved 2023-08-10.
  6. 1 2 Kissi, Michael Kyei; Asante, Michael (2020). "Penetration Testing of IEEE 802.11 Encryption Protocols using Kali Linux Hacking Tools". International Journal of Computer Applications. 176 (32): 4–5. doi: 10.5120/ijca2020920365 .
  7. Nykvist, Gustav; Larsson, Johannes (2008). "Practical WLAN security, spring 2008". Archived from the original on 2023-08-14. Retrieved 2023-08-10.
  8. Chaabouni, Rafik (2006). "Break WEP Faster with Statistical Analysis". epfl.ch. Retrieved 2023-09-08.
  9. Alamanni, Marco (2015). Kali Linux Wireless Penetration Testing Essentials. Packt. p. 8. ISBN   9781785280856.
  10. IEEE Standard for Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications. IEEE STD 802.11-1997. 1997. p. 6. doi:10.1109/IEEESTD.1997.85951. ISBN   978-0-7381-3044-6.
  11. Zhao, Songhe; Shoniregun, Charles A. (2007). Critical Review of Unsecured WEP. 2007 IEEE Congress on Services (Services 2007). pp. 368–374. doi:10.1109/SERVICES.2007.27. ISBN   978-0-7695-2926-4. S2CID   20721020.
  12. Thakur, Hasnain Nizam; Al Hayajneh, Abdullah; Thakur, Kutub; Kamruzzaman, Abu; Ali, Md Liakat (2023). A Comprehensive Review of Wireless Security Protocols and Encryption Applications. 2023 IEEE World AI IoT Congress (AIIoT). IEEE. pp. 0373–0379. doi:10.1109/AIIoT58121.2023.10174571. ISBN   979-8-3503-3761-7. S2CID   259859998.
  13. 1 2 Stubblefield, Adam; Ioannidis, John; Rubin, Aviel D. (2004-05-01). "A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP)". ACM Transactions on Information and System Security. 7 (2): 319–332. doi:10.1145/996943.996948. ISSN   1094-9224. S2CID   1493765.
  14. Selim, G.; El Badawy, H.M.; Salam, M.A. (2006). New protocol design for wireless networks security. 2006 8th International Conference Advanced Communication Technology. Vol. 1. pp. 4 pp.–776. doi:10.1109/ICACT.2006.206078. ISBN   89-5519-129-4. S2CID   28833101.
  15. 1 2 3 4 Bittau, Andrea (2005). The fragmentation attack in practice (PDF). IEEE Symposium on Security and Privacy.
  16. Borsc, M.; Shinde, H. (2005). Wifeless security & privacy. 2005 IEEE International Conference on Personal Wireless Communications, 2005. ICPWC 2005. p. 425. doi:10.1109/ICPWC.2005.1431380. ISBN   0-7803-8964-6. S2CID   19153960.
  17. 1 2 3 Borisov, Nikita; Goldberg, Ian; Wagner, David (2001-07-16). "Intercepting mobile communications: The insecurity of 802.11". Proceedings of the 7th annual international conference on Mobile computing and networking. MobiCom '01. New York, NY, USA: Association for Computing Machinery. pp. 180–189. doi:10.1145/381677.381695. ISBN   978-1-58113-422-3. S2CID   216758.
  18. 1 2 3 Arbaugh, William A. "An Inductive Chosen Plaintext Attack against WEP/WEP2". www.cs.umd.edu. Archived from the original on 2023-08-24. Retrieved 2023-08-24.
  19. Vondráček, Martin; Pluskal, Jan; Ryšavý, Ondřej (2018). "Automation of MitM Attack on Wi-Fi Networks". In Matoušek, Petr; Schmiedecker, Martin (eds.). Digital Forensics and Cyber Crime. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering. Vol. 216. Cham: Springer International Publishing. pp. 207–220. doi:10.1007/978-3-319-73697-6_16. ISBN   978-3-319-73697-6.
  20. Kumkar, Vishal; Tiwari, Akhil; Tiwari, Pawan; Gupta, Ashish; Shrawne, Seema (2012). "WPA Exploitation In The World Of Wireless Network". International Journal of Advanced Research in Computer Engineering & Technology. 1 (2).
  21. 1 2 3 4 Lashkari, Arash Habibi; Danesh, Mir Mohammad Seyed; Samadi, Behrang (2009). A survey on wireless security protocols (WEP, WPA and WPA2/802.11i). 2009 2nd IEEE International Conference on Computer Science and Information Technology. pp. 48–52. doi:10.1109/ICCSIT.2009.5234856. ISBN   978-1-4244-4519-6. S2CID   12691855.
  22. 1 2 3 Siwamogsatham, Siwaruk; Srilasak, Songrit; Limmongkol, Kitiwat; Wongthavarawat, Kitti (2008). Encryption vs. Performance of infrastructure IEEE 802.11 WLANs. 2008 Wireless Telecommunications Symposium. pp. 405–408. doi:10.1109/WTS.2008.4547595. ISBN   978-1-4244-1869-5. S2CID   26431268.
  23. Khasawneh, Mahmoud; Kajman, Izadeen; Alkhudaidy, Rashed; Althubyani, Anwar (2014). "A Survey on Wi-Fi Protocols: WPA and WPA2". In Martínez Pérez, Gregorio; Thampi, Sabu M.; Ko, Ryan; Shu, Lei (eds.). Recent Trends in Computer Networks and Distributed Systems Security. Communications in Computer and Information Science. Vol. 420. Berlin, Heidelberg: Springer. pp. 496–511. doi:10.1007/978-3-642-54525-2_44. ISBN   978-3-642-54525-2.
  24. "Technical Note Removal of TKIP from Wi-Fi® Devices" (PDF). wi-fi.org. 2015-03-16. Retrieved 2023-09-08.
  25. "WPA2™ Security Now Mandatory for Wi-Fi CERTIFIED™ Products | Wi-Fi Alliance". www.wi-fi.org. Retrieved 2023-09-08.
  26. Opio, Joe. "WPA2 Residential - An extension of 802.11i WPA2 Personal" (PDF). Retrieved 2023-09-08.
  27. Xia, Wen Yu; Wu, Kai Jun; Zhou, Liang (2014). "The Security Analysis of WLAN Protocol Based on 802.11i". Applied Mechanics and Materials. 513–517: 628–631. doi:10.4028/www.scientific.net/AMM.513-517.628. ISSN   1662-7482. S2CID   108686720.
  28. Cam-Winget, Nancy; Housley, Russ; Wagner, David; Walker, Jesse (2003). "Security flaws in 802.11 data link protocols". Communications of the ACM. 46 (5): 35–39. doi:10.1145/769800.769823. ISSN   0001-0782. S2CID   3132937.
  29. Sudar, Chandramohan; Arjun, S K; Deepthi, L. R. (2017). Time-based one-time password for Wi-Fi authentication and security. 2017 International Conference on Advances in Computing, Communications and Informatics (ICACCI). pp. 1212–1216. doi:10.1109/ICACCI.2017.8126007. ISBN   978-1-5090-6367-3. S2CID   25011403.
  30. 1 2 3 Noman, Haitham Ameen; Abdullah, Shahidan M.; Mohammed, Haydar Imad (2015). "An Automated Approach to Detect Deauthentication and Disassociation Dos Attacks on Wireless 802.11 Networks". IJCSI International Journal of Computer Science Issues. 12 (4): 108 via ResearchGate.
  31. Simon, Dan; Aboba, Bernard; Moore, Tim (2000). "IEEE 802.11 Security and 802.1X" (PDF). free.fr. Retrieved 2023-08-24.
  32. Fluhrer, Scott; Mantin, Itsik; Shamir, Adi (2001). "Weaknesses in the Key Scheduling Algorithm of RC4" (PDF).
  33. 1 2 Stubblefield, Adam; Ioannidis, John; Rubin, Aviel D. (2001-08-21). "Using the Fluhrer, Mantin, and Shamir Attack to Break WEP" (PDF). Retrieved 2023-09-01.
  34. Chaabouni, Rafik (2006). Break WEP Faster with Statistical Analysis (Technical report).
  35. 1 2 3 4 "changelog_aircrack [Aircrack-ng]". www.aircrack-ng.org. Retrieved 2023-08-12.
  36. 1 2 Yuan, Xiaohong; Wright, Omari T.; Yu, Huiming; Williams, Kenneth A. (2008-09-26). "Laboratory design for wireless network attacks". Proceedings of the 5th annual conference on Information security curriculum development. InfoSecCD '08. New York, NY, USA: Association for Computing Machinery. pp. 5–12. doi:10.1145/1456625.1456629. ISBN   978-1-60558-333-4. S2CID   179367.
  37. 1 2 "chopchop (Experimental WEP attacks) : Unix/Linux". netstumbler.org. Retrieved 2023-08-24.
  38. "chopchop (Experimental WEP attacks) : Unix/Linux". netstumbler.org. Retrieved 2023-08-24.
  39. Guennoun, Mouhcine; Lbekkouri, Aboubakr; Benamrane, Amine; Ben-Tahir, Mohamed; El-Khatib, Khalil (2008). Wireless networks security: Proof of chopchop attack. 2008 International Symposium on a World of Wireless, Mobile and Multimedia Networks. pp. 1–4. doi:10.1109/WOWMOM.2008.4594924. ISBN   978-1-4244-2099-5. S2CID   2936140.
  40. Halvorsen, Finn M.; Haugen, Olav; Eian, Martin; Mjølsnes, Stig F. (2009), Jøsang, Audun; Maseng, Torleiv; Knapskog, Svein Johan (eds.), "An Improved Attack on TKIP", Identity and Privacy in the Internet Age, Lecture Notes in Computer Science, vol. 5838, Berlin, Heidelberg: Springer Berlin Heidelberg, pp. 120–132, doi:10.1007/978-3-642-04766-4_9, ISBN   978-3-642-04765-7 , retrieved 2023-08-12
  41. Ji, Qingbing; Zhang, Lijun; Yu, Fei (2013). "Improvement of Chopchop Attack". In Zhong, Zhicai (ed.). Proceedings of the International Conference on Information Engineering and Applications (IEA) 2012. Lecture Notes in Electrical Engineering. Vol. 218. London: Springer. pp. 329–336. doi:10.1007/978-1-4471-4847-0_41. ISBN   978-1-4471-4847-0.
  42. Tews, Erik (2007-12-15). "Diploma thesis Fachgebiet Theoretische Informatik" (PDF). Retrieved 2023-08-10.
  43. Tews, Erik; Weinmann, Ralf-Philipp; Pyshkin, Andrei (2007). "Breaking 104 Bit WEP in Less Than 60 Seconds". In Kim, Sehun; Yung, Moti; Lee, Hyung-Woo (eds.). Information Security Applications. Lecture Notes in Computer Science. Vol. 4867. Berlin, Heidelberg: Springer. pp. 188–202. doi:10.1007/978-3-540-77535-5_14. ISBN   978-3-540-77535-5.
  44. Stubblefield, Adam; Ioannidis, John; Rubin, Aviel D. (2004). "A key recovery attack on the 802.11b wired equivalent privacy protocol (WEP)". ACM Transactions on Information and System Security. 7 (2): 319–332. doi:10.1145/996943.996948. ISSN   1094-9224. S2CID   1493765.
  45. Hulton, David (2022-02-22). "Practical Exploitation of RC4 Weaknesses in WEP Environments" . Retrieved 2023-09-07.
  46. Bittau, Andrea (2003-09-12). "Additional weak IV classes for the FMS attack". Archived from the original on 2007-09-30. Retrieved 2023-09-01.
  47. 1 2 3 Tews, Erik; Beck, Martin (2009-03-16). "Practical attacks against WEP and WPA" (PDF). Proceedings of the second ACM conference on Wireless network security. WiSec '09. New York, NY, USA: Association for Computing Machinery. pp. 79–86. doi:10.1145/1514274.1514286. ISBN   978-1-60558-460-7. S2CID   775144.
  48. Halvorsen, Finn M.; Haugen, Olav; Eian, Martin; Mjølsnes, Stig F. (2009). "An Improved Attack on TKIP". In Jøsang, Audun; Maseng, Torleiv; Knapskog, Svein Johan (eds.). Identity and Privacy in the Internet Age. Lecture Notes in Computer Science. Vol. 5838. Berlin, Heidelberg: Springer. pp. 120–132. doi:10.1007/978-3-642-04766-4_9. ISBN   978-3-642-04766-4.
  49. Vaudenay, Serge; Vuagnoux, Martin (2007). "Passive–Only Key Recovery Attacks on RC4". In Adams, Carlisle; Miri, Ali; Wiener, Michael (eds.). Selected Areas in Cryptography. Lecture Notes in Computer Science. Vol. 4876. Berlin, Heidelberg: Springer. pp. 344–359. doi: 10.1007/978-3-540-77360-3_22 . ISBN   978-3-540-77360-3.
  50. Halvorsen, Finn M.; Haugen, Olav; Eian, Martin; Mjølsnes, Stig F. (2009). "An Improved Attack on TKIP". In Jøsang, Audun; Maseng, Torleiv; Knapskog, Svein Johan (eds.). Identity and Privacy in the Internet Age. Lecture Notes in Computer Science. Vol. 5838. Berlin, Heidelberg: Springer. pp. 120–132. doi:10.1007/978-3-642-04766-4_9. ISBN   978-3-642-04766-4.
  51. 1 2 3 4 Kumbar, Vishal; Tiwari, Akhil; Tiwari, Pawan; Gupta, Ashish; Shrawne, Seema (2012). "Vulnerabilities of Wireless Security protocols (WEP and WPA2)". International Journal of Advanced Research in Computer Engineering & Technology. 1 (2): 35.
  52. Baray, Elyas; Kumar Ojha, Nitish (2021). WLAN Security Protocols and WPA3 Security Approach Measurement Through Aircrack-ng Technique. 2021 5th International Conference on Computing Methodologies and Communication (ICCMC). pp. 23–30. doi:10.1109/ICCMC51019.2021.9418230. ISBN   978-1-6654-0360-3. S2CID   233990683.
  53. Ramachandran, Vivek (2011). Backtrack 5 Wireless Penetration Testing: Beginner's Guide. Packt Publishing. ISBN   978-1849515580.
  54. Moreno, Daniel (2016). Pentest em redes sem fio (in Portuguese). Novatec Editora. ISBN   978-8575224830.
  55. Lanze, Fabian; Panchenko, Andriy; Ponce-Alcaide, Ignacio; Engel, Thomas (2014-09-21). "Undesired relatives: Protection mechanisms against the evil twin attack in IEEE 802.11". Proceedings of the 10th ACM symposium on QoS and security for wireless and mobile networks. Q2SWinet '14. New York, NY, USA: Association for Computing Machinery. pp. 87–94. doi:10.1145/2642687.2642691. ISBN   978-1-4503-3027-5. S2CID   16163079.
  56. Administrator. (2015-02-03). "Hirte Attack". Penetration Testing Lab. Retrieved 2023-08-24.
  57. Abdalla, Michel; Pointcheval, David; Fouque, Pierre-Alain; Vergnaud, Damien, eds. (2009). Applied Cryptography and Network Security. Lecture Notes in Computer Science. Vol. 5536. p. 408. doi:10.1007/978-3-642-01957-9. ISBN   978-3-642-01956-2. ISSN   0302-9743. S2CID   5468669.
  58. Wardana, I N K; Ciptayani, P I; Suranata, I W A (2018). "Sub-1GHz wireless sensing and control instruments for green house farming system". Journal of Physics: Conference Series. 953 (1): 012081. Bibcode:2018JPhCS.953a2081W. doi: 10.1088/1742-6596/953/1/012081 . ISSN   1742-6588. S2CID   169566536.
  59. Joshi, Deep; Dwivedi, Ved Vyas; Pattani, K.M. (2017). "De-Authentication attack on wireless network 802.11i using Kali Linux". International Research Journal of Engineering and Technology. 4 (1). eISSN   2395-0056.
  60. Günther, Stephan M.; Leclaire, Maurice; Michaelis, Julius; Carle, Georg (2014). Analysis of injection capabilities and media access of IEEE 802.11 hardware in monitor mode. 2014 IEEE Network Operations and Management Symposium (NOMS). pp. 1–9. doi:10.1109/NOMS.2014.6838262. ISBN   978-1-4799-0913-1. S2CID   2819887.
  61. Prasad, Ajay; Verma, Sourabh Singh; Dahiya, Priyanka; Kumar, Anil (2021). "A Case Study on the Monitor Mode Passive Capturing of WLAN Packets in an On-the-Move Setup". IEEE Access. 9: 152408–152420. Bibcode:2021IEEEA...9o2408P. doi: 10.1109/ACCESS.2021.3127079 . ISSN   2169-3536. S2CID   243967156.
  62. Oransirikul, Thongtat; Nishide, Ryo; Piumarta, Ian; Takada, Hideyuki (2014-01-01). "Measuring Bus Passenger Load by Monitoring Wi-Fi Transmissions from Mobile Devices". Procedia Technology. International workshop on Innovations in Information and Communication Science and Technology, IICST 2014, 3-5 September 2014, Warsaw, Poland. 18: 120–125. doi: 10.1016/j.protcy.2014.11.023 . ISSN   2212-0173.
  63. Kacic, Matej. "New Approach in Wireless Intrusion Detection System" . Retrieved 2023-08-12.
  64. Abdalla, Michel; Pointcheval, David; Fouque, Pierre-Alain; Vergnaud, Damien, eds. (2009). Applied Cryptography and Network Security. Lecture Notes in Computer Science. Vol. 5536. p. 409. doi:10.1007/978-3-642-01957-9. ISBN   978-3-642-01956-2. ISSN   0302-9743. S2CID   5468669.
  65. 1 2 Bittau, A.; Handley, M.; Lackey, J. (2006). The final nail in WEP's coffin. 2006 IEEE Symposium on Security and Privacy (S&P'06). pp. 15 pp.–400. doi:10.1109/SP.2006.40. ISBN   0-7695-2574-1. S2CID   17323665.
  66. Gupta, Deepak; Ramachandran, Vivek. "The Emperor Has No Cloak - WEP Cloaking Exposed" (PDF). Retrieved 2023-08-15.
  67. Alamanni, Marco (2015). Kali Linux Wireless Penetration Testing Essentials. Packt. ISBN   978-1785280856.
  68. Nishi, Ryuzou; Hori, Yoshiaki; Sakurai, Kouichi (2008). Key Distribution Scheme Using Matched Filter Resistant against DoS Attack. 22nd International Conference on Advanced Information Networking and Applications - Workshops (Aina workshops 2008). pp. 1534–1539. doi:10.1109/WAINA.2008.180. ISBN   978-0-7695-3096-3. S2CID   18573212.
  69. Noh, Jaewon; Kim, Jeehyeong; Kwon, Giwon; Cho, Sunghyun (2016). Secure key exchange scheme for WPA/WPA2-PSK using public key cryptography. 2016 IEEE International Conference on Consumer Electronics-Asia (ICCE-Asia). pp. 1–4. doi:10.1109/ICCE-Asia.2016.7804782. ISBN   978-1-5090-2743-9. S2CID   10595698.
  70. Abdelrahman, A.; Khaled, H.; Shaaban, Eman; Elkilani, Wail S. (2018). WPA-WPA2 PSK Cracking Implementation on Parallel Platforms. 2018 13th International Conference on Computer Engineering and Systems (ICCES). pp. 448–453. doi:10.1109/ICCES.2018.8639328. ISBN   978-1-5386-5111-7. S2CID   61811881.
  71. Stimpson, Thomas; Liu, Lu; Zhang, Jianjun; Hill, Richard; Liu, Weining; Zhan, Yongzhao (2012). Assessment of security and vulnerability of home wireless networks. 2012 9th International Conference on Fuzzy Systems and Knowledge Discovery. pp. 2133–2137. doi:10.1109/FSKD.2012.6233783. ISBN   978-1-4673-0024-7. S2CID   11965972.
  72. Phifer, Lisa. "WPA PSK Crackers: Loose Lips Sink Ships" (PDF). Retrieved 2023-08-26.
  73. Singh, Rajeev; Sharma, Teek Parval (2015-05-10). "On the IEEE 802.11i security: a denial-of-service perspective: On the IEEE 802.11i security: a denial-of-service perspective". Security and Communication Networks. 8 (7): 3. doi:10.1002/sec.1079.
  74. 1 2 "changelog [Aircrack-ng]". www.aircrack-ng.org. Retrieved 2023-08-12.
  75. De Rango, Floriano; Lentini, Dionigi Cristian; Marano, Salvatore (2006). "Static and Dynamic 4-Way Handshake Solutions to Avoid Denial of Service Attack in Wi-Fi Protected Access and IEEE 802.11i". EURASIP Journal on Wireless Communications and Networking. 2006 (1): 4–6. doi: 10.1155/WCN/2006/47453 . ISSN   1687-1499.
  76. Tuysuz, M. F.; Mantar, H. A. (2014-03-01). "A Beacon-Based Collision-Free Channel Access Scheme for IEEE 802.11 WLANs". Wireless Personal Communications. 75 (1): 158–159. doi:10.1007/s11277-013-1353-z. ISSN   1572-834X. S2CID   255131564.
  77. Rondon, Luis Puche; Babun, Leonardo; Akkaya, Kemal; Uluagac, A. Selcuk (2019-12-09). "HDMI-walk: Attacking HDMI distribution networks via consumer electronic control protocol". Proceedings of the 35th Annual Computer Security Applications Conference. ACSAC '19. New York, NY, USA: Association for Computing Machinery. pp. 650–659. doi: 10.1145/3359789.3359841 . ISBN   978-1-4503-7628-0. S2CID   203836275.