A couple of months back, I walked past a friend who was working furiously on her laptop. It was her red BackTrack wallpaper that caught my attention. Being curious, I proceeded to ask her opinion on BackTrack 5 as I have yet to get my hands on those.
It turns out that this was her first BackTrack and she was still exploring the tools. She also shared with me that she learnt how to crack her own WEP router back home but could better appreciate the significance of cracking the WEP if she had better knowledge on what went behind the scenes with respect to the exploits. (Subject is not named to protect her identity).
I believe most of us could relate to her situation especially when we were starting out in the field of security. Truth be told, with the tools available today, one does not need to know what is happening in the background. Just launch the program and launch the exploit. As with the majority of the software consumers, we embrace the "It just works!" mentality on a daily basis.
Taking a look at BackTrack 5, I was surprised to see how "user-friendly" WEP cracking has evolved. A tool called Fern WiFi Cracker is available in BackTrack 5 where it provides users with a nice GUI, choose their target and run the exploit on their victims. This software, written in Python leverages on the Aircrack-NG suite in the background to deliver the exploit. In short, it does the complicated/tedious commands on behalf of the user and all you need to know is your target.
I was also surprised to discover that the rage of supported Wi-Fi adaptors improved. I can finally use my AWUS036NH, which uses the RT3070 chipset, that offers 802.11N support as well as a 2000 mW max output for better range. So how simple is it to use Fern?
Simply select your network interface, and scan your environment.
Select your target, and click exploit. The cracked password should appear in a minute or so.
Image Source: hackingcrackingweb.blogspot.in
Having tried the tool myself, I cannot help but conclude that WEP cracking is no longer a challenge.
With tools like Fern there is no need to know what is an IV, why ARP Request Replay generates IV, and fundamentally why is WEP vulnerable.
For the enterprising hackers, before Fern in BackTrack 5, there was a tool called SPOONWEP that was in BackTrack 3. It does similar cracking and provides users with a GUI to execute the exploit. Products like WiFly-City's 1000mW 10G adaptor below (courtesy of a friend) can be bought online for less than $20 USD and comes with instructions to crack a WEP router.
Would such tools encourage and excite users to learn more about the in-depth concepts of such exploits and ultimately further their knowledge? Or will they simply continue using such tools at face value? A person's choice at this juncture would determine if he or she will lead a path towards being a script kiddie.
Have a great weekend ahead and have a Happy Lunar New Year!
Shared by Andre Ng, First Mate of Div0.
Commenti