
WEP Cracking for Mac OS X

Posted by pudge
from the holiday-hacking dept.
Randar the Lava Liza writes "Finally there is a tool to put default Apple AirPort hardware into monitoring mode for wireless security analysis. KisMAC is a variant of Kismet that runs natively on Mac OS X. It requires a special driver to be installed to run the AirPort hardware in monitoring mode, and has built-in WEP cracking tools once enough weak packets have been sniffed."
This discussion has been archived. No new comments can be posted.

  • Great (Score:1, Troll)

    by AndyAMPohl (573700)
    The submitter makes it sound like this is good news. What's so good about rooting for hackers? Maybe it's crackers I'm thinking of. I never know what is a good faith gesture from these guys. If you're going to try and fix a problem with some security thing, why not just point out what the problem is and how to reproduce it? Why go to the bother of making robust cracking software to exploit that particular problem unless you're actually a bad person doing bad things with a computer?

    Andy
    • Re:Great (Score:5, Insightful)

      by Anonymous Coward on Wednesday December 04, 2002 @07:23AM (#4809073)
      One of the reasons why, after a vulnerability has been discussed, an easy-to-use exploit is a good thing is the tendency of higher-ups to disregard security risks which are only exploitable by a select few. WEP is not what its name suggests, but it is still the only line of defense in many wireless networks because the risk of being attacked still appears to be low. That has got to change.
    • Re:Great (Score:3, Insightful)

      by tbmaddux (145207)
      "Why go to the bother of making robust cracking software to exploit that particular problem unless you're actually a bad person doing bad things with a computer?"
      Such software in general needn't only be used by blackhats. Whitehats can use it to test the security of their own systems.

      In this particular case, it could be used to see how exposed the rest of the internal network is to a lousy security scheme (WEP).

      Besides, these tools already exist on other platforms, so it's not like the blackhats suddenly have something they didn't have before to make our lives miserable.

      • Re:Great (Score:2, Insightful)

        by sco08y (615665)
        Yup. If I wanted to make the case that we still need a VPN even with WEP to a suit, it would be nice to actually crack the WiFi network and give them proof. Especially if I could show that someone could just sit outside the building and break it.

      • "Besides, these tools already exist on other platforms, so it's not like the blackhats suddenly have something they didn't have before to make our lives miserable."


        Now they can do it with style. The TiBooks are very C00L ;)

        -S
    • Re:Great (Score:5, Informative)

      by Permission Denied (551645) on Wednesday December 04, 2002 @11:29AM (#4810274) Journal
      Consider this analogy:

      MacOS X Server 10.1 used netinfo for authentication of client machines. The way it worked is that password hashes were stored in netinfo and netinfo was readable to the world (eg, it posted /etc/passwd on the Internet).

      The bosses would not believe this was a problem until I showed them how I could download all the password hashes from any arbitrary machine on the Internet and subsequently ran a cracker which found a large number of weak passwords.

      In fact, they failed to see the scope of the problem (it was completely debilitating) as they only saw me typing a bunch of commands and their eyes glazed over. If there were some point-and-click Mac toy that would download the hashes, run Crack in the background and report results, it may have convinced them of just how serious a problem it was. In fact, I considered writing such a GUI tool because I'm genuinely concerned about shops that buy MacOS X Server and don't have a *nix admin.

      Similarly, some people still don't understand that WEP is 100% useless (you can break it from a Palm for God's sake). I recommend completely turning off WEP so your users understand that any traffic going over wireless is world-readable. This may convince them to avoid plain-text password protocols and check that when they type their credit card numbers the site is using strong SSL. I've seen people send their credit card numbers over email, so this is absolutely necessary.

      WEP crackers are not in any way "hacker" or "cracker" tools, and I doubt they are widely used for illegitimate purposes - I would venture that many more people use netstumbler and airsnort to convince others that WEP is useless. Lowering the bar so there's some point-and-click tool that your grandmother can download is a good thing, since there is nothing "hard" about cracking WEP and people need to understand that.

  • Good/Bad (Score:4, Interesting)

    by Tug3 (567419) on Wednesday December 04, 2002 @07:10AM (#4809051)
    I would say this is good news.

    At least I have been waiting for one. There is definite (legal) use for this, when you have to test your company's / other network. And especially if you have to prove the vulnerability to your boss.

    I know it's been available for ages to Linux platform, but as a TiBook user I had to use someone else's laptop for this. Now it's finally available for OS X...
    OK, I know you can use it for criminal activity too. But, as it is available on other platforms already I don't see the problem with it becoming available for new ones too... ...after all you can use even your car for good or bad - not even mentioning firearms... (Well, seems that I just did.)
  • by siferhex (321391) on Wednesday December 04, 2002 @10:14AM (#4809682)

    Because of the inaccessibility of AirPort cards in Apple's laptops it's difficult to attach an external antenna to the cards. Without an external antenna one tends to be much more conspicuous sniffing a network as you've got to be in the thick of it.

    IMHO this release is a good thing, as people mostly want to scout out their own networks to help set up coverage, monitor interference, etc. and Kismet is an excellent program for doing so.

  • by 1155 (538047)
    anyone got a mirror, this seems to be appledotted... :)

    Actually, this is a good thing, I can finally convince my employer that maybe it's not such a good idea, as anyone with a mac can login.
    • Re:bah! (Score:3, Informative)

      by Pathwalker (103)
      Yep - seems to be down now.

      If you want the binary, you can grab it from my box here [ofdoom.com] - I didn't save any of the web pages.
    • VersionTracker has it:

      http://www.versiontracker.com/moreinfo.fcgi?id=171 99&db=mac [versiontracker.com]


      -Bearded Yak
      • Never mind, thought their site pointed to somewhere else for the file. It just points to the same site, which still has some problems apparently.
  • by Anonymous Coward on Wednesday December 04, 2002 @09:48PM (#4815562)
    Just for the record - kismac is NOT a variant of kismet. Kismac is, to the best of my knowledge, closed source and as such is unrelated to the Kismet GPL codebase.

    For those interested, Kismet SHOULD have native OSX support, also using the viha drivers, in the 2.8 release. Stay tuned to the development changelogs. Anyone interested in furthering development (I don't have an OSX box) is welcome to drop by in #kismet on openprojects.net

    -dragorn
  • Fuck Yeah! (Score:4, Interesting)

    by Anonymous Coward on Thursday December 05, 2002 @03:34PM (#4820430)
    It's about time OS X got decent wifi drivers! From what I can tell, it's really the ViHa driver we have to thank here. KisMAC is just a pretty Cocoa frontend.

    Since reading the story yesterday, I've already found a number of non-broadcast networks in my area that MacStumbler couldn't see.

    The Viha driver removes your network interface, though, so ifconfig en1 says interface en1 does not exist and you can't sniff with ethereal et al while scanning. KisMAC dumps pcap files though, so you can examine your captured data after the fact with the tool of your choice.

    Thanks much to the ViHa people for writing this awesome driver!
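
As an added example (not part of the comment above and not KisMAC's code), this is one way to audit a saved capture after the fact for networks still relying on WEP: it reads a classic pcap file of raw 802.11 frames and counts, per BSSID, the data frames that are protected without the ExtIV flag. The function names, the link-type-105 assumption and the sample frames are constructed for illustration.

```python
import struct
from collections import Counter

LINKTYPE_IEEE802_11 = 105  # raw 802.11 frames, no radiotap header (assumed)

def wep_bssids(pcap: bytes) -> Counter:
    """Count WEP-encrypted data frames per BSSID in a classic pcap file."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if endian is None:
        raise ValueError("not a classic pcap file")
    if struct.unpack(endian + "I", pcap[20:24])[0] != LINKTYPE_IEEE802_11:
        raise ValueError("expected link type 105 (IEEE 802.11)")
    counts, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 28:  # 24-byte header + 4-byte IV/KeyID field
            continue
        fc0, flags = frame[0], frame[1]
        if (fc0 >> 2) & 0x3 != 2 or not flags & 0x40:
            continue  # keep only data frames with the Protected bit set
        to_ds, from_ds = flags & 0x01, flags & 0x02
        if to_ds and from_ds:
            continue  # four-address (WDS) frames are skipped here
        hdr = 24 + (2 if fc0 & 0x80 else 0)  # QoS data adds 2 bytes
        if len(frame) < hdr + 4 or frame[hdr + 3] & 0x20:
            continue  # truncated, or ExtIV set (TKIP/CCMP, not WEP)
        bssid = frame[4:10] if to_ds else frame[10:16] if from_ds else frame[16:22]
        counts[bssid.hex(":")] += 1
    return counts

def build_sample() -> bytes:
    """Constructed capture: two WEP frames, one with ExtIV, one cleartext."""
    ap1, ap2, sta = (bytes.fromhex(h) for h in ("020000000001", "020000000002", "0200000000aa"))
    def data(flags, a1, a2, a3, body):
        return bytes([0x08, flags]) + bytes(2) + a1 + a2 + a3 + bytes(2) + body
    frames = [
        data(0x42, sta, ap1, ap1, b"\x01\x02\x03\x00" + b"x" * 8),   # FromDS, WEP
        data(0x41, ap1, sta, ap1, b"\x01\x02\x04\x40" + b"x" * 8),   # ToDS, WEP key 1
        data(0x42, sta, ap2, ap2, b"\x01\x00\x00\x20" + b"x" * 12),  # ExtIV set
        data(0x02, sta, ap1, ap1, b"cleartext"),                     # unprotected
    ]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, LINKTYPE_IEEE802_11)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

print(dict(wep_bssids(build_sample())))
```

A capture written with a radiotap or Prism header uses a different link type and would need that header skipped before the 802.11 frame.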
