Still think strong passwords are overrated? Think twice!

-

A few months ago, I wrote about various ways attackers could make attempts on your passwords for nefarious purposes. In case you did not read it, do so here right away. 

Since then, have you really cared to reinforce your passwords to conform to best practices? Some of the discussed password strengthening strategies I highlighted included using unique passphrases that are a mix of 8 characters or more, not recycling passwords for use in more than one site, and using password managers in case you feel overwhelmed by the number of passwords you need to cram and/or use. 

In case you are not convinced that you need to have really good passwords, let me make an attempt to crack a deliberately weak WIFI password from one of my routers. To do this, I will set a generic password i.e. password123 as my WIFI password, and then attempt to crack it. 

While practical, this article is for demonstration purposes. Never attempt to crack passwords at your workplace or target devices and infrastructure belonging to other people more so, without express permission. Doing so will attract legal action as stipulated in local laws such as the Computer Misuse and Cybercrimes Act (2018) and the Data Protection Act (2019). Read the two laws here in case you are not familiar with their existence. 

Let's get started!

Step 1: Setting up vulnerable Access Point

To begin with, I set up my WIFI name to MyHomeNet and assigned password123
as the password. These settings are meant to mimick weak passwords you may have set for devices such as your home router or computers which ultimately become vulnerable to attackers. (Don't worry about the country, I am not in Tanzania as you would be led to believe). Notice that the WIFI security protocol is Wi­Fi Protected Access using a preshared key (WPA2-PSK). This is one of the strongest wireless security protocols in the market. However, this cannot protect you from weak passwords. 

Step 2: Firing up the attack tool 

In this step, I fired up aircrack-ng, a WIFI reconnaissance tool popular for cracking WIFI access points. Starting airmon-ng will disconnect your machine from wifi so as to release the network card into monitor mode. Monitor mode allows the card to indiscriminately capture traffic the same way promiscuous mode would on wired network cards. In simpler terms, the card is listening to everything and anything concerning wireless networks around it. 

Step 3: Capturing data from broadcasting APs in the vicinity of my wireless network card

In this step, while in monitor mode, network traffic from available access points (WIFI networks) was captured and displayed. This capture contained vital information such as AP MAC addresses, channels in use, and signal strength. Here, we are interested in my AP device MAC address (BSSID), the access point ESSID (MyHomeNet), and the client (station) MAC address connecting to it. In this case, the station was my smartphone already connected to the wireless network. Below we can see all the mentioned details. The upper part indicates the access point details while the lower part indicates stations connected to the access points.  


I confirmed that indeed, my phone was the station connected to the AP. Note that the above station MAC address and that of my phone below are identical. 



Step 4: Forcing station de-authentication to capture password hashes upon reauthentication

In this step, I used the aireplay-ng command to force my smartphone to de-authenticate from the AP. I noted that my phone briefly disconnected from WIFI before connecting again. In doing so, it had to reauthenticate with a saved password. In the background, a hash of the password was captured as the smartphone and the AP performed a four-way handshake to reestablish the connection. 



Step 5: Cracking the weak password

The final step involved deciphering the password from the already captured hash. Note that this is the point where having a strong passphrase/password would make the cracking process difficult or impossible. 

Below, I ran a password list (in this case, the famous rockyou.txt ) against the captured password hash to find a match. Since password123 is such as common and uncomplicated password, it was immediately cracked and displayed back to me. 


While this last step was a typical dictionary attack, attackers could use brute force attacks and rule-based attacks to crack passwords as long as they have obtained the password hashes during the de-authentication and reauthentication process. Read about these password attacks here. Beware that an attacker could also conduct social engineering and OSINT techniques to derive possible password sets. 

Final thoughts

I have demonstrated how easy it could be for an attacker to crack your access point passwords. While you can certainly not prevent attackers from sniffing networks and obtaining password hashes, you can prevent the successful execution of password breaches. This is done by observing password hygiene practices mentioned previously. Whether you are using a router, a smartphone hotspot, or any other form of wireless network, you are always vulnerable to password attacks. Such attacks may be a precursor to graver challenges such as data theft and network infiltration more so, in an enterprise environment. Always configure your credentials to the highest possible security! 

What are your thoughts? Share and comment below!



Comments

  1. UnknownMarch 23, 2022 at 4:43 AM

    Great insights thanks for the information

    ReplyDelete
  2. jachobeagleNovember 7, 2022 at 1:09 PM

    Remember, making the proper decision from the word go present you with|provides you with} the most effective chances of profitable even a jackpot. You'd danger 소울카지노 your winnings, and could get} your account banned. Instead, use proven video poker technique and suggestions and land some winnings the proper means. Many gamers mistakenly assume that keeping a kicker provides them a better probability to win with a better payout.

    ReplyDelete
  3. farlandobertNovember 9, 2022 at 2:53 PM

    After the change is made, the machine must be locked to new gamers for 4 minutes and show an on-screen message informing potential gamers that a change is being made. Historically, many casinos, both online and offline, have been unwilling to publish individual recreation RTP figures, making it inconceivable for the player to know whether they are taking 토토사이트 part in} a "free" or a "tight" recreation. Historically, all slot machines used revolving mechanical reels to show and determine outcomes.

    ReplyDelete
  4. AnonymousDecember 2, 2022 at 9:01 AM

    In contrast, you can to|you probably can} play the 코인카지노 free bonus round of Rainbow Riches Reels of Gold without spending cash within the demo mode. Playing demo slots also can give you a glimpse into method to|tips on how to} play slots on-line. When they first start half in}, punters must set the number of paylines they need to bet on and modify their bet measurement accordingly.

    ReplyDelete

Post a Comment

Impressed? Leave a comment!

Was that insightful? Read more articles below

Enough with Numbers and Versions!

-
Image
It is now emerging that Apple will release iPhone 12 in the coming months, much to the delight of those able to afford and of course, to the envy of those who can't or have never owned an iPhone in their lives (me included). But that's not the point. The point is, this next release will be iPhone 12. That is about 12 years since the release of the first iPhone, iPhone 1 (iPhone 2G). That is roughly an iPhone every year. Very impressive. By 2050, assuming we go by the 'an iPhone a year' trend, we should see iPhone 42. Right?  iPhone is just one example. Other phone makers are hot on this trail. Since an emphatic re-entry into the android market, Nokia has released a whole range of flagship devices, from Nokia 1 to Nokia 9 pureview. In between, there are insane devices and versions. Number 6, for example, is taken by Nokia 6, Nokia 6.1, Nokia 6.1 plus, and Nokia 6.2. Isn't this overwhelming? This is the trend for just about any Nokia released recently.  Now consider
Read more

Password Attacks: How Much do you Know?

-
Image
source:lifars.com There are a variety of ways hackers can get hold of your passwords to compromise the confidentiality, integrity, and availability of your system/accounts. The type and severity of the attacks will depend on the willingness to get hold of your accounts and whether you present anything of value to the attacker's course. Nonetheless, everyone needs to know the methods hackers can use to get breach the integrity of their passwords. Whether you are a clueless toddler with a tablet or a tech-savvy CEO, understanding password attacks will better help you know how to protect yourself.  Non-Electronic Password Attacks Non-electronic password attacks are a common tool for attackers without any deep technical knowledge. Such malicious actors will use subtle ways to get wind of your passwords, more so without your knowledge. One such way is through social engineering , where the individual will manipulate and trick you into revealing your password. The attack might for exampl
Read more

Mobile Viruses - The Stronger Foes

-
Hi there!  You have probably heard of a plethora of antiviruses sufficient enough to keep the Corona virus at bay. One such antivirus is the Astrazeneca vaccine that is widely available, and for free. Why not get a jab at the nearest designated health facility? You may not believe it, but we need you around. For taxes.  See, when I was young, I wanted to become a doctor. So far, not so good. Here's the flipside though, I still get to talk about viruses, albeit computer viruses. A virus is a type of malicious software (malware) that upon execution, acts to harm your computer by damaging programs, compromising their functionality, and more broadly, doing anything it is designed to do by its creator. A virus may for example, delete your files, replicate and spread itself to slow down system activities and services, and disrupt the overall performance of your computer. No wonder you hear comments over the association between a slowing machine and the presence of computer viruses. There
Read more