SlideShare uma empresa Scribd logo

Cafe Latte

AirTight Networks
AirTight Networks
Tecnologia
1 de 12
Vivek Ramachandran MD Sohail Ahmad www.airtightnetworks.net Cafe Latte with a Free Topping of Cracked WEP - Retrieving WEP Keys From Road-Warriors
Talk Outline ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Cracks in WEP -- Historic Evolution 2001 - The insecurity of 802.11, Mobicom, July 2001 N. Borisov, I. Goldberg and D. Wagner. 2001 - Weaknesses in the key scheduling algorithm of RC4. S. Fluhrer, I. Mantin, A. Shamir. Aug 2001. 2002 - Using the Fluhrer, Mantin, and Shamir Attack to Break WEP A. Stubblefield, J. Ioannidis, A. Rubin. 2004 – KoreK, improves on the above technique and reduces the complexity of WEP cracking. We now require only around 500,000 packets to break the WEP key. 2005 – Adreas Klein introduces more correlations between the RC4 key stream and the key. 2007 – PTW extend Andreas technique to further simplify WEP Cracking. Now with just around 60,000 – 90,000 packets it is possible to break the WEP key. Is there really a need for a New Attack?
Limitations of the traditional WEP Cracking ,[object Object],[object Object],Client AP Hacker
An example scenario where traditional approaches fail ,[object Object],Hacker Victim ,[object Object],[object Object],[object Object],WEP Cracking Fails!! Café Latte Attack to the rescue!
What is the Café Latte Attack? ,[object Object],[object Object],[object Object],Hacker Client Moon No AP needed
Before we begin – a quick 101!
Attack Background – Windows Wireless Configuration Manager User connects to a WEP protected network “Default” for the first time User enters the WEP key when prompted by the Windows wireless utility “ Default” gets added into the preferred network list (PNL) of the configuration manager
Attack Background - Conclusions ,[object Object],[object Object],[object Object],[object Object],[object Object]
Can we crack WEP with just an isolated Client? ,[object Object],[object Object],[object Object],[object Object],[object Object],Client
Café Latte - How does it work? ,[object Object],[object Object],[object Object],[object Object],Default Default
 

Recomendados

Caffe Latte Attack
Caffe Latte AttackCaffe Latte Attack
Caffe Latte AttackAirTight Networks
 
Caffe Latte Attack Presented In Toorcon
Caffe Latte Attack Presented In ToorconCaffe Latte Attack Presented In Toorcon
Caffe Latte Attack Presented In ToorconMd Sohail Ahmad
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccnarobertoxe
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
Nick Stephens-how does someone unlock your phone with nose
Nick Stephens-how does someone unlock your phone with noseNick Stephens-how does someone unlock your phone with nose
Nick Stephens-how does someone unlock your phone with noseGeekPwn Keen
 
N918 specification-www.ttbvs.com
N918 specification-www.ttbvs.comN918 specification-www.ttbvs.com
N918 specification-www.ttbvs.comTTBVS
 
New flaws in WPA-TKIP
New flaws in WPA-TKIPNew flaws in WPA-TKIP
New flaws in WPA-TKIPvanhoefm
 
Huiming Liu-'resident evil' of smart phones--wombie attack
Huiming Liu-'resident evil' of smart phones--wombie attackHuiming Liu-'resident evil' of smart phones--wombie attack
Huiming Liu-'resident evil' of smart phones--wombie attackGeekPwn Keen
 

Recomendados

Caffe Latte Attack
Caffe Latte AttackCaffe Latte Attack
Caffe Latte AttackAirTight Networks
 
Caffe Latte Attack Presented In Toorcon
Caffe Latte Attack Presented In ToorconCaffe Latte Attack Presented In Toorcon
Caffe Latte Attack Presented In ToorconMd Sohail Ahmad
 
Chapter11ccna
Chapter11ccnaChapter11ccna
Chapter11ccnarobertoxe
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
Nick Stephens-how does someone unlock your phone with nose
Nick Stephens-how does someone unlock your phone with noseNick Stephens-how does someone unlock your phone with nose
Nick Stephens-how does someone unlock your phone with noseGeekPwn Keen
 
N918 specification-www.ttbvs.com
N918 specification-www.ttbvs.comN918 specification-www.ttbvs.com
N918 specification-www.ttbvs.comTTBVS
 
New flaws in WPA-TKIP
New flaws in WPA-TKIPNew flaws in WPA-TKIP
New flaws in WPA-TKIPvanhoefm
 
Huiming Liu-'resident evil' of smart phones--wombie attack
Huiming Liu-'resident evil' of smart phones--wombie attackHuiming Liu-'resident evil' of smart phones--wombie attack
Huiming Liu-'resident evil' of smart phones--wombie attackGeekPwn Keen
 
Cisco Packet Tracer Overview
Cisco Packet Tracer OverviewCisco Packet Tracer Overview
Cisco Packet Tracer OverviewAli Usman
 
Attacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise NetworksAttacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise NetworksNortheast Ohio Information Security Forum
 
Zhiyun Qian-what leaves attacker hijacking USA Today site
Zhiyun Qian-what leaves attacker hijacking USA Today siteZhiyun Qian-what leaves attacker hijacking USA Today site
Zhiyun Qian-what leaves attacker hijacking USA Today siteGeekPwn Keen
 
W2055 specification-www.ttbvs.com
W2055 specification-www.ttbvs.comW2055 specification-www.ttbvs.com
W2055 specification-www.ttbvs.comTTBVS
 
CCNA NAT (Network Address Translation)
CCNA NAT (Network Address Translation)CCNA NAT (Network Address Translation)
CCNA NAT (Network Address Translation)Networkel
 
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityHow Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityAhmad Yar
 
Feb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-SecurityFeb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-SecurityCasey Dunham
 
CCNA Network Monitoring
CCNA Network MonitoringCCNA Network Monitoring
CCNA Network MonitoringNetworkel
 
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Netgear Italia
 
Practical Verification of TKIP Vulnerabilities
Practical Verification of TKIP VulnerabilitiesPractical Verification of TKIP Vulnerabilities
Practical Verification of TKIP Vulnerabilitiesvanhoefm
 
Aircrack
AircrackAircrack
AircrackMuhammadHanzalah6
 
Wi-Fi
Wi-FiWi-Fi
Wi-FiShubham Chauhan
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networksSahil Rai
 
CCNA point to point
CCNA point to pointCCNA point to point
CCNA point to pointNetworkel
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewallsphanleson
 
Packet tracer 6.2 new features
Packet tracer 6.2 new featuresPacket tracer 6.2 new features
Packet tracer 6.2 new featuresSebastien Langlois
 
Cracking WPA/WPA2 with Non-Dictionary Attacks
Cracking WPA/WPA2 with Non-Dictionary AttacksCracking WPA/WPA2 with Non-Dictionary Attacks
Cracking WPA/WPA2 with Non-Dictionary Attacksn|u - The Open Security Community
 
11 01 Tbd I Radius Security
11 01 Tbd I Radius Security11 01 Tbd I Radius Security
11 01 Tbd I Radius Securitysantosh_bhatkhande
 
CSCI 1100 Group 1 project 1
CSCI 1100 Group 1 project 1CSCI 1100 Group 1 project 1
CSCI 1100 Group 1 project 1Julie Young
 
SSL Web VPN
SSL Web VPNSSL Web VPN
SSL Web VPNNetwax Lab
 
123
123123
123arenmmmm
 
SMAC _ Can It Maximise Staff and Customer Engagement? RWTS
SMAC _ Can It Maximise Staff and Customer Engagement? RWTSSMAC _ Can It Maximise Staff and Customer Engagement? RWTS
SMAC _ Can It Maximise Staff and Customer Engagement? RWTSAirTight Networks
 

Mais conteúdo relacionado

Mais procurados

Cisco Packet Tracer Overview
Cisco Packet Tracer OverviewCisco Packet Tracer Overview
Cisco Packet Tracer OverviewAli Usman
 
Zhiyun Qian-what leaves attacker hijacking USA Today site
Zhiyun Qian-what leaves attacker hijacking USA Today siteZhiyun Qian-what leaves attacker hijacking USA Today site
Zhiyun Qian-what leaves attacker hijacking USA Today siteGeekPwn Keen
 
W2055 specification-www.ttbvs.com
W2055 specification-www.ttbvs.comW2055 specification-www.ttbvs.com
W2055 specification-www.ttbvs.comTTBVS
 
CCNA NAT (Network Address Translation)
CCNA NAT (Network Address Translation)CCNA NAT (Network Address Translation)
CCNA NAT (Network Address Translation)Networkel
 
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityHow Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityAhmad Yar
 
Feb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-SecurityFeb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-SecurityCasey Dunham
 
CCNA Network Monitoring
CCNA Network MonitoringCCNA Network Monitoring
CCNA Network MonitoringNetworkel
 
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Netgear Italia
 
Practical Verification of TKIP Vulnerabilities
Practical Verification of TKIP VulnerabilitiesPractical Verification of TKIP Vulnerabilities
Practical Verification of TKIP Vulnerabilitiesvanhoefm
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networksSahil Rai
 
CCNA point to point
CCNA point to pointCCNA point to point
CCNA point to pointNetworkel
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewallsphanleson
 
Packet tracer 6.2 new features
Packet tracer 6.2 new featuresPacket tracer 6.2 new features
Packet tracer 6.2 new featuresSebastien Langlois
 
CSCI 1100 Group 1 project 1
CSCI 1100 Group 1 project 1CSCI 1100 Group 1 project 1
CSCI 1100 Group 1 project 1Julie Young
 

Mais procurados (20)

Cisco Packet Tracer Overview
Cisco Packet Tracer OverviewCisco Packet Tracer Overview
Cisco Packet Tracer Overview
 
Attacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise NetworksAttacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise Networks
 
Zhiyun Qian-what leaves attacker hijacking USA Today site
Zhiyun Qian-what leaves attacker hijacking USA Today siteZhiyun Qian-what leaves attacker hijacking USA Today site
Zhiyun Qian-what leaves attacker hijacking USA Today site
 
W2055 specification-www.ttbvs.com
W2055 specification-www.ttbvs.comW2055 specification-www.ttbvs.com
W2055 specification-www.ttbvs.com
 
CCNA NAT (Network Address Translation)
CCNA NAT (Network Address Translation)CCNA NAT (Network Address Translation)
CCNA NAT (Network Address Translation)
 
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityHow Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
 
Feb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-SecurityFeb-8-2012-Breaking-Wireless-Security
Feb-8-2012-Breaking-Wireless-Security
 
CCNA Network Monitoring
CCNA Network MonitoringCCNA Network Monitoring
CCNA Network Monitoring
 
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
Webinar NETGEAR - Nuovi AP Professionali Prosafe WAC720 e WAC730
 
Practical Verification of TKIP Vulnerabilities
Practical Verification of TKIP VulnerabilitiesPractical Verification of TKIP Vulnerabilities
Practical Verification of TKIP Vulnerabilities
 
Aircrack
AircrackAircrack
Aircrack
 
Wi-Fi
Wi-FiWi-Fi
Wi-Fi
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networks
 
CCNA point to point
CCNA point to pointCCNA point to point
CCNA point to point
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewalls
 
Packet tracer 6.2 new features
Packet tracer 6.2 new featuresPacket tracer 6.2 new features
Packet tracer 6.2 new features
 
Cracking WPA/WPA2 with Non-Dictionary Attacks
Cracking WPA/WPA2 with Non-Dictionary AttacksCracking WPA/WPA2 with Non-Dictionary Attacks
Cracking WPA/WPA2 with Non-Dictionary Attacks
 
11 01 Tbd I Radius Security
11 01 Tbd I Radius Security11 01 Tbd I Radius Security
11 01 Tbd I Radius Security
 
CSCI 1100 Group 1 project 1
CSCI 1100 Group 1 project 1CSCI 1100 Group 1 project 1
CSCI 1100 Group 1 project 1
 
SSL Web VPN
SSL Web VPNSSL Web VPN
SSL Web VPN
 

Destaque

SMAC _ Can It Maximise Staff and Customer Engagement? RWTS
SMAC _ Can It Maximise Staff and Customer Engagement? RWTSSMAC _ Can It Maximise Staff and Customer Engagement? RWTS
SMAC _ Can It Maximise Staff and Customer Engagement? RWTSAirTight Networks
 
NYC Annual Citywide Bocce Tournament
NYC Annual Citywide Bocce TournamentNYC Annual Citywide Bocce Tournament
NYC Annual Citywide Bocce TournamentNYCParksDept
 
WizShark : Wi-Fi Troubleshooting Made Easy - CWNP Conference 2014
WizShark : Wi-Fi Troubleshooting Made Easy - CWNP Conference 2014WizShark : Wi-Fi Troubleshooting Made Easy - CWNP Conference 2014
WizShark : Wi-Fi Troubleshooting Made Easy - CWNP Conference 2014AirTight Networks
 
Citywide Beach Volleyball Tournament
Citywide Beach Volleyball TournamentCitywide Beach Volleyball Tournament
Citywide Beach Volleyball TournamentNYCParksDept
 
The Impact of IoT on Enterprise Wi-Fi by AirTight Networks via Slideshare
The Impact of IoT on Enterprise Wi-Fi by AirTight Networks via SlideshareThe Impact of IoT on Enterprise Wi-Fi by AirTight Networks via Slideshare
The Impact of IoT on Enterprise Wi-Fi by AirTight Networks via SlideshareAirTight Networks
 

Destaque (9)

123
123123
123
 
SMAC _ Can It Maximise Staff and Customer Engagement? RWTS
SMAC _ Can It Maximise Staff and Customer Engagement? RWTSSMAC _ Can It Maximise Staff and Customer Engagement? RWTS
SMAC _ Can It Maximise Staff and Customer Engagement? RWTS
 
Activemethods
ActivemethodsActivemethods
Activemethods
 
Volleyball 2008
Volleyball 2008Volleyball 2008
Volleyball 2008
 
NYC Annual Citywide Bocce Tournament
NYC Annual Citywide Bocce TournamentNYC Annual Citywide Bocce Tournament
NYC Annual Citywide Bocce Tournament
 
MulchFest 2009
MulchFest 2009MulchFest 2009
MulchFest 2009
 
WizShark : Wi-Fi Troubleshooting Made Easy - CWNP Conference 2014
WizShark : Wi-Fi Troubleshooting Made Easy - CWNP Conference 2014WizShark : Wi-Fi Troubleshooting Made Easy - CWNP Conference 2014
WizShark : Wi-Fi Troubleshooting Made Easy - CWNP Conference 2014
 
Citywide Beach Volleyball Tournament
Citywide Beach Volleyball TournamentCitywide Beach Volleyball Tournament
Citywide Beach Volleyball Tournament
 
The Impact of IoT on Enterprise Wi-Fi by AirTight Networks via Slideshare
The Impact of IoT on Enterprise Wi-Fi by AirTight Networks via SlideshareThe Impact of IoT on Enterprise Wi-Fi by AirTight Networks via Slideshare
The Impact of IoT on Enterprise Wi-Fi by AirTight Networks via Slideshare
 

Semelhante a Cafe Latte

Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11bguestd7b627
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSreekanth GS
 
Wired equivalent privacy by SecArmour
Wired equivalent privacy by SecArmour Wired equivalent privacy by SecArmour
Wired equivalent privacy by SecArmourSec Armour
 
4 wifi security
4 wifi security4 wifi security
4 wifi securityal-sari7
 
WEP/WPA attacks
WEP/WPA attacksWEP/WPA attacks
WEP/WPA attacksHuda Seyam
 
L14 More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP) it-slidesh...
L14 More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP) it-slidesh...L14 More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP) it-slidesh...
L14 More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP) it-slidesh...phanleson
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentationMuhammad Zia
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level securityChetan Kumar S
 
Pentesting Your Own Wireless Networks, June 2011 Issue
Pentesting Your Own Wireless Networks, June 2011 IssuePentesting Your Own Wireless Networks, June 2011 Issue
Pentesting Your Own Wireless Networks, June 2011 IssueIshan Girdhar
 
Wireless security837
Wireless security837Wireless security837
Wireless security837mark scott
 
Wireless Security
Wireless SecurityWireless Security
Wireless SecuritysiDz
 
How to Hack WiFi on Windows
How to Hack WiFi on Windows How to Hack WiFi on Windows
How to Hack WiFi on Windows Vrushank Narola
 
Hacking Wireless Networks by Mandeep Singh Jadon
Hacking Wireless Networks by Mandeep Singh JadonHacking Wireless Networks by Mandeep Singh Jadon
Hacking Wireless Networks by Mandeep Singh JadonOWASP Delhi
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting Shah Sheikh
 
Fundamentals of network hacking
Fundamentals of network hackingFundamentals of network hacking
Fundamentals of network hackingPranshu Pareek
 

Semelhante a Cafe Latte (20)

Security Issues of 802.11b
Security Issues of 802.11bSecurity Issues of 802.11b
Security Issues of 802.11b
 
Security Issues of IEEE 802.11b
Security Issues of IEEE 802.11bSecurity Issues of IEEE 802.11b
Security Issues of IEEE 802.11b
 
Wired equivalent privacy by SecArmour
Wired equivalent privacy by SecArmour Wired equivalent privacy by SecArmour
Wired equivalent privacy by SecArmour
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
4 wifi security
4 wifi security4 wifi security
4 wifi security
 
Shashank wireless lans security
Shashank wireless lans securityShashank wireless lans security
Shashank wireless lans security
 
WEP/WPA attacks
WEP/WPA attacksWEP/WPA attacks
WEP/WPA attacks
 
609 618
609 618609 618
609 618
 
L14 More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP) it-slidesh...
L14 More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP) it-slidesh...L14 More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP) it-slidesh...
L14 More Wireless Hacking: Cracking Wired Equivalent Privacy (WEP) it-slidesh...
 
Airheads vail 2011 pci 2.0 compliance
Airheads vail 2011 pci 2.0 complianceAirheads vail 2011 pci 2.0 compliance
Airheads vail 2011 pci 2.0 compliance
 
Wireless security presentation
Wireless security presentationWireless security presentation
Wireless security presentation
 
Wireless Device and Network level security
Wireless Device and Network level securityWireless Device and Network level security
Wireless Device and Network level security
 
Pentesting Your Own Wireless Networks, June 2011 Issue
Pentesting Your Own Wireless Networks, June 2011 IssuePentesting Your Own Wireless Networks, June 2011 Issue
Pentesting Your Own Wireless Networks, June 2011 Issue
 
Wireless security837
Wireless security837Wireless security837
Wireless security837
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
How to Hack WiFi on Windows
How to Hack WiFi on Windows How to Hack WiFi on Windows
How to Hack WiFi on Windows
 
Hacking Wireless Networks by Mandeep Singh Jadon
Hacking Wireless Networks by Mandeep Singh JadonHacking Wireless Networks by Mandeep Singh Jadon
Hacking Wireless Networks by Mandeep Singh Jadon
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting
 
Aircrack
AircrackAircrack
Aircrack
 
Fundamentals of network hacking
Fundamentals of network hackingFundamentals of network hacking
Fundamentals of network hacking
 

Mais de AirTight Networks

iBeacon Reality Check _ Essential Considerations for an iBeacon Deployment
iBeacon Reality Check _ Essential Considerations for an iBeacon DeploymentiBeacon Reality Check _ Essential Considerations for an iBeacon Deployment
iBeacon Reality Check _ Essential Considerations for an iBeacon DeploymentAirTight Networks
 
WLPC: Staying on Top of Security and Spectrum Rules in WIPS Deployments by He...
WLPC: Staying on Top of Security and Spectrum Rules in WIPS Deployments by He...WLPC: Staying on Top of Security and Spectrum Rules in WIPS Deployments by He...
WLPC: Staying on Top of Security and Spectrum Rules in WIPS Deployments by He...AirTight Networks
 
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...AirTight Networks
 
Marriott Fined 600K by FCC for Blocking Guests Wi-Fi
Marriott Fined 600K by FCC for Blocking Guests Wi-FiMarriott Fined 600K by FCC for Blocking Guests Wi-Fi
Marriott Fined 600K by FCC for Blocking Guests Wi-FiAirTight Networks
 
SMAC - Presentation from RetailWeek Technology Summit, Sept 23
SMAC - Presentation from RetailWeek Technology Summit, Sept 23SMAC - Presentation from RetailWeek Technology Summit, Sept 23
SMAC - Presentation from RetailWeek Technology Summit, Sept 23AirTight Networks
 

Mais de AirTight Networks (6)

iBeacon Reality Check _ Essential Considerations for an iBeacon Deployment
iBeacon Reality Check _ Essential Considerations for an iBeacon DeploymentiBeacon Reality Check _ Essential Considerations for an iBeacon Deployment
iBeacon Reality Check _ Essential Considerations for an iBeacon Deployment
 
WLPC: Staying on Top of Security and Spectrum Rules in WIPS Deployments by He...
WLPC: Staying on Top of Security and Spectrum Rules in WIPS Deployments by He...WLPC: Staying on Top of Security and Spectrum Rules in WIPS Deployments by He...
WLPC: Staying on Top of Security and Spectrum Rules in WIPS Deployments by He...
 
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
The New Economics of Wi-Fi _ Disruptive Forces Driving Innovation for Carrier...
 
Marriott Fined 600K by FCC for Blocking Guests Wi-Fi
Marriott Fined 600K by FCC for Blocking Guests Wi-FiMarriott Fined 600K by FCC for Blocking Guests Wi-Fi
Marriott Fined 600K by FCC for Blocking Guests Wi-Fi
 
Appi fi
Appi fiAppi fi
Appi fi
 
SMAC - Presentation from RetailWeek Technology Summit, Sept 23
SMAC - Presentation from RetailWeek Technology Summit, Sept 23SMAC - Presentation from RetailWeek Technology Summit, Sept 23
SMAC - Presentation from RetailWeek Technology Summit, Sept 23
 

Último

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 

Último (20)

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 

Cafe Latte

  • 1. Vivek Ramachandran MD Sohail Ahmad www.airtightnetworks.net Cafe Latte with a Free Topping of Cracked WEP - Retrieving WEP Keys From Road-Warriors
  • 2.
  • 3. Cracks in WEP -- Historic Evolution 2001 - The insecurity of 802.11, Mobicom, July 2001 N. Borisov, I. Goldberg and D. Wagner. 2001 - Weaknesses in the key scheduling algorithm of RC4. S. Fluhrer, I. Mantin, A. Shamir. Aug 2001. 2002 - Using the Fluhrer, Mantin, and Shamir Attack to Break WEP A. Stubblefield, J. Ioannidis, A. Rubin. 2004 – KoreK, improves on the above technique and reduces the complexity of WEP cracking. We now require only around 500,000 packets to break the WEP key. 2005 – Adreas Klein introduces more correlations between the RC4 key stream and the key. 2007 – PTW extend Andreas technique to further simplify WEP Cracking. Now with just around 60,000 – 90,000 packets it is possible to break the WEP key. Is there really a need for a New Attack?
  • 4.
  • 5.
  • 6.
  • 7. Before we begin – a quick 101!
  • 8. Attack Background – Windows Wireless Configuration Manager User connects to a WEP protected network “Default” for the first time User enters the WEP key when prompted by the Windows wireless utility “ Default” gets added into the preferred network list (PNL) of the configuration manager
  • 9.
  • 10.
  • 11.
  • 12.