90 likes | 376 Views
Team ClockWork SRA 221 Project. Blake Michener Hunter Walker Eric Gibbs Bryan Beech Matt DeRosa Kevin Foldes. Objectives. Crack WEP encryption on a Wifi network Intercept Xbox Live data packets Analyze captured Packets. Tool Selection. Started with BackTrack 5 but… Kali Linux
E N D
Team ClockWork SRA 221 Project Blake Michener Hunter Walker Eric Gibbs Bryan Beech Matt DeRosa Kevin Foldes
Objectives • Crack WEP encryption on a Wifi network • Intercept Xbox Live data packets • Analyze captured Packets
Tool Selection • Started with BackTrack 5 but… • Kali Linux • Bootable Thumb Drive
Encryption Cracking Results • Used Fern to attack network • Part of Kali Linux suite • First Dictionary Attack with Fern • Fell within five minutes • Obtained WEP key easily • Too much traffic • Difficult to nail down Xbox traffic
Second Attempt • Removed all traffic from network • Bridged Xbox’s internet connection via attacking laptop • Hard-wired • Hunter- internet setting • Pick up much more data • Dictionary attack took too long • Lack of traffic even with packet injection • Switched to chop chop attack- Success!
Chop Chop Attack • Takes last bit of each packet, rendering it invalid • Last bit is then replaced with a new, recorded value • Modified packet is sent through the network • If it is accepted by the Access Protocol, the chopped bit was valid and part of the key • Repeat
Second Attempt • Network access • Opened WireShark • Turned on Xbox and signed in to Live • Data packets begin to accumulate in capture
Types of Packets Received • Registered Account handshakes • Hulu, HBO GO, NETFLIX • Image and GUI downloads • Xbox Live account handshake
What we learned • WEP encryption is an absolute joke • Kali Linux experience with: • Fern • Wireshark • Internet Bridging • Microsoft servers use Kerberos • Xbox Live account download nature