5. 8/6/16
WPA and Rainbows
● Can you make WPA rainbow tables?
– Yes, but you’d be an idiot
● Why?
– Glad you asked!
– WPA[1,2] takes a string as the password and salts it with the SSID
– “password” + “Linksys” == “passwordLinksys”
– Actually this is how you make the pair-wise master key (PMK):
PMK = PBKDF2(HMAC-SHA1, “password”, “Linksys”, 4096 rounds, 256 bit)
– Therefore, only pre-compute words for common SSIDs
7. Demo?
● Play along at home: http://www.lovemytool.com/files/test.pcap
● Precompute the WPA key: https://www.wireshark.org/tools/wpa-psk.html
● Open Wireshark preferences
● Go to IEEE 802.11 and add the key
● …
● Magic
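The derivation behind slide 5 and behind the “Precompute WPA key” step of the demo is the same PBKDF2 call, and the Wireshark tool linked above performs it for you. The following is an added example (not code from the slides or from Wireshark) that computes the PMK in Python and builds a per-SSID table for one passphrase, which is the reason a precomputed table only helps against the SSIDs it was built for. The passphrase and SSIDs in the usage section are constructed sample inputs.

```python
import hashlib

# Added example (not from the slides): the PMK computation the deck
# describes and the Wireshark WPA PSK generator performs.
WPA_ROUNDS = 4096      # PBKDF2 iteration count fixed by the standard
WPA_PMK_LEN = 32       # 256-bit pairwise master key


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2(HMAC-SHA1, passphrase, SSID, 4096 rounds, 256 bits).

    The SSID is the salt: the same passphrase yields a different PMK on
    every network name, so a precomputed table is only useful for the
    SSID it was built against."""
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("utf-8"), ssid.encode("utf-8"),
        WPA_ROUNDS, dklen=WPA_PMK_LEN)


def wpa_pmk_hex(passphrase: str, ssid: str) -> str:
    """Hex form, which is what the Wireshark IEEE 802.11 key list takes."""
    return wpa_pmk(passphrase, ssid).hex()


def pmk_table(passphrase: str, ssids) -> dict:
    """One precomputed PMK per SSID for a single passphrase, i.e. one row
    of a per-SSID table; each additional SSID costs another full PBKDF2 run."""
    return {ssid: wpa_pmk_hex(passphrase, ssid) for ssid in ssids}


def pmks_all_distinct(passphrase: str, ssids) -> bool:
    """True when every SSID in the list produced a different PMK."""
    ssids = list(ssids)
    values = pmk_table(passphrase, ssids).values()
    return len(set(values)) == len(ssids)


if __name__ == "__main__":
    # Constructed sample inputs: a weak passphrase and some common SSIDs.
    for ssid, pmk in pmk_table("password", ["Linksys", "NETGEAR", "xfinitywifi"]).items():
        print(f"{ssid:12s} {pmk}")
```

The check in the test against the passphrase “password” on SSID “IEEE” uses the PBKDF2 test vector published with IEEE 802.11i, so a mismatch there would mean the derivation is wrong, not the inputs. Pasting the hex value `wpa_pmk_hex` returns into Wireshark as a `wpa-psk` key is equivalent to entering the passphrase and SSID as `wpa-pwd`.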
8. Old Rage
● “Well I use HTTPS and that’s just passive interception”
– Mostly true
● We still have ARP and DHCP and DNS servers that are skiddy hackable
● Can’t trust any shared networks
10. Enterprise Environments
● WPA2 Personal: everyone gets the same key
● WPA2 Enterprise: everyone makes their own key based on their authentication (credentials, certificate, etc.)
● No more Wireshark decrypt
11. Attacking WPA2 Enterprise
● Set up a rogue AP
● Have the client connect to it
● Receive the EAP-protected credentials
● Use `asleap` to crack the protected credentials
13. Defending Home/Hackerspace
● No one wants to maintain a RADIUS server just to do authentication over wifi
– Ok, except for Pee
● A RADIUS service is a target
● What if you don’t care about authentication but just care about making a single session key?
14. Setup
● Set up a FreeRADIUS server to authenticate your wireless network
● Add the following lines:
– DEFAULT Auth-Type := Accept
– log_auth = yes
– log_auth_badpass = yes
– log_auth_goodpass = yes
● Bonus: this will collect all usernames and passwords that people enter.
– “Please log in with your Gmail or Yahoo passwords”
15. Conclusion
● This is super hacky but effective
● WPA crypto primitives are getting old:
– SHA1
– PBKDF2 with only 4096 rounds
– No PFS
● WPA is old: 2004
● There are no plans AFAIK to change them
● WPA3: SHA256, PSK, DH temporal key exchange
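The “No PFS” bullet is the same fact that makes the Wireshark decrypt in the demo work: in WPA2-Personal the per-session keys are a deterministic function of the PMK and four values that cross the air in the clear (both MAC addresses and the two handshake nonces). The following is an added example, not code from the slides, that derives the pairwise transient key with the 802.11i PRF and shows that one PMK reproduces the data key of every recorded session. The handshake values in the `__main__` section are constructed, and the PMK helper repeats the PBKDF2 call from slide 5 so the block runs on its own.

```python
import hashlib
import hmac

# Added example (not from the slides): the 802.11i key hierarchy below the
# PMK, used to show what "no PFS" means for WPA2-Personal.


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2(HMAC-SHA1, passphrase, SSID, 4096 rounds, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, dklen=32)


def wpa_prf(key: bytes, label: bytes, data: bytes, out_len: int) -> bytes:
    """802.11i PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i)
    for i = 0, 1, ... and truncate to out_len bytes."""
    out = b""
    counter = 0
    while len(out) < out_len:
        out += hmac.new(key, label + b"\x00" + data + bytes([counter]), hashlib.sha1).digest()
        counter += 1
    return out[:out_len]


def wpa2_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Pairwise transient key for CCMP (384 bits). The min/max ordering makes
    the result independent of which side you call AP and which station."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return wpa_prf(pmk, b"Pairwise key expansion", data, 48)


def split_ptk(ptk: bytes) -> dict:
    """KCK (handshake MIC key), KEK (GTK wrapping key), TK (the CCMP data key)."""
    return {"kck": ptk[:16], "kek": ptk[16:32], "tk": ptk[32:48]}


def session_keys_from_capture(pmk: bytes, handshakes) -> list:
    """Given one PMK and the (aa, spa, anonce, snonce) tuples recovered from
    recorded 4-way handshakes, return the CCMP data key of every session.
    Nothing ephemeral and secret enters the derivation, so a PSK that leaks
    or is guessed later exposes every session that was ever recorded."""
    return [split_ptk(wpa2_ptk(pmk, aa, spa, an, sn))["tk"]
            for (aa, spa, an, sn) in handshakes]


if __name__ == "__main__":
    # Constructed handshake values (not from the demo pcap): two sessions of
    # the same station on the same AP, each with fresh nonces.
    AA = bytes.fromhex("001122334455")
    SPA = bytes.fromhex("66778899aabb")
    sessions = [
        (AA, SPA, bytes(range(32)), bytes(range(32, 64))),
        (AA, SPA, bytes(range(64, 96)), bytes(range(96, 128))),
    ]
    for tk in session_keys_from_capture(wpa_pmk("password", "Linksys"), sessions):
        print(tk.hex())
```

Each session gets a different TK because the nonces change, but every one of them falls out of the same PMK, which is the absence of forward secrecy the slide is pointing at. An exchange with an ephemeral Diffie-Hellman contribution (the point of the final slide) would add a secret to this derivation that a recording does not contain.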
16. The Bill Slide
● No, your WiFi isn’t secure enough
● WPA2 Enterprise + EAP + any username is more secure
● Google “radius docker wpa”, done.
● Tell management that wifi sucks because it doesn’t have Diffie-Hellman. Seriously.