Boost Your Cybersecurity Skills: Hands-on WEP and wpa2 WiFi Hacking
1. About the Workshop
The theory behind exploiting WEP and WPA2 has been available for a number of years. However, it has not been easy to offer students the opportunity to apply these theories in a real environment. In this workshop, you will (1) learn how to locate and identify WiFi access points (a.k.a. reconnaissance), (2) understand the conditions under which WEP and WPA2 can be hacked, and (3) hack up to four WEP access points (with different settings), in addition to a WPA2 access point.
Dates: Saturday 1/16/2021 (10am - 7pm EST) and Sunday 1/17/2021 (10am - 3pm EST)
Audience: High-school and college students (2-year and 4-year institutions) enrolled in a U.S. institution (with necessary prerequisite knowledge).
Hardware Requirements: Participants must have a computer with at least 25GB of disk space available, VirtualBox installed, Zoom installed, and a stable Internet connection.
Venue: Zoom (link will be provided to accepted registrants).
Fee: $0. This workshop is sponsored by a Dakota State University (DSU) NSF Award #1730105.
In this workshop, you will learn:
1. How the WEP protocol works
2. WEP Weakness
3. How the WPA2 protocol works
4. WPA2 Weakness
5. WiFi scanning and reconnaissance
6. Exploiting WEP access points with connected clients
7. Exploiting WEP access points with no connected clients
8. Exploiting WEP access points with different key sizes
9. Exploiting WPA2 access points with a given wordlist
3. Prerequisite Knowledge
To participate in the hands-on activities in this workshop, you will (a) download and import a custom Kali VM, (b) connect to a VPN, then (3) SSH into a dedicated machine (one machine per participant) which is equipped with all necessary packages and hardware to engage in the workshop activities within the sandboxed WiFi environment built for this workshop. Thus, participants are expected to be familiar with using the terminal, command line interface, and Secure Shell (SSH). This prerequisite knowledge will not be covered during the workshop.
A few days before the workshop, participants will receive a link to download and install the software and Virtual Machine required to participate in this workshop. Thus, participants must have a computer with at least 25GB of disk space available, VirtualBox installed, Zoom installed, and a stable Internet connection.
4. Tentative Agenda
During day 1, the instructor will introduce the theory behind WEP and its weakness. Then, we will walk through the basics for WiFi Scanning and Reconnaissance. Afterwards, the participants will have a guided hand-on session to apply what they learned by scanning, locating, and hacking a WEP access point with a 64-bit key size and a connected client. The day will end with an “Observation and Conclusions” session. Participants will continue to have access to the sandboxed environment to test their skills by scanning, locating, and hacking a WEP access point with a 128-bit key size and a connected client. The tentative schedule for day 1 of the workshop (times are EST) will be as follows:
* This period will be used as a break for participants who have already imported the VM before the workshop and can successfully connect to the VPN. The instructor will be helping participants who need technical assistance or still need to download or import the VM.
† Participants will use their dedicated machines to perform this hands-on activity. Instructor will be answering questions and providing support.
During day 2, the instructor will introduce the theory behind how WPA2 works, its weakness, and the condition under which it can be broken. Then, the participants will have a guided hands-on session to apply what they learned by scanning, locating, and hacking a WPA2 access point given a wordlist which has the access point’s password. Finally, the day will end with a “Workshop Conclusion” session. After the workshop conclusion, participants will continue to have access to the sandboxed environment until the end of the day to test their skills by scanning, locating, and hacking two WEP access points without connected client (according to instructor’s guidance discussed during the workshop). The tentative schedule for day 2 of the workshop (times are EST) will be as follows:
Interested in participating in this WiFi Hacking workshop?
Fill out the application form here: https://pitt.co1.qualtrics.com/jfe/form/SV_4U8fCdB5xC3C13T
If you have questions, email Ahmed Ibrahim at [email protected] with subject line "DSU Workshop for Students".
6. Post Workshop Analysis
The workshop had 37 participants from 25 institutions in 15 states. Out of those, 31 participants submitted a post workshop survey. The following analysis is based on the information provided by those who filled out the post workshop survey.
In the application form, participants were asked to self-report their confidence in (a) scanning for wireless networks, (b) cracking a WEP access point that has connected clients, (c) cracking a WEP access point that has no connected clients, and (d) cracking a WPA2 access point that has connected clients by choosing from five values: definitely not (value 1), probably not (value 2), might or might not (value 3), probably yes (value 4), definitely yes (value 5).
After the workshop, participants were asked to self-report their confidence for the same four skills in a post workshop survey. The differences in the self-reported confidence responses for the four questions are shown below. Blue bars represent the average of the values reported in the application form while the green bars represent the average of the values reported in the post workshop survey.
Below are responses, from the survey, to a question which says "What helped you learn and achieve your goals in this workshop?".
"By far the CTF and on-hands practice was very helpful. The youtube videos also were very clear and very nicely explained."
"All the components of this workshop helped me learn, especially the step by step guides on the website."
"Excellent planning and documentation with student access to a large amount of materials towards that end of being more prepared. Friendly, knowledgeable, and hands on/approachable instructor."
"Being able to interact with the professor and other participants especially assisting other participants if they needed any help or got stuck. It also really helped to get the background information first and then dive into the lab aspect of the workshop. I also really enjoyed that there was a CTF component to the workshop even if it was just for fun."
"The hands-on activities were very helpful in order to understand the concepts and apply the knowledge in real world situations."
"The setup very well and when the professor Ahmed teach and then do the challenges that very helpful"
"Great job facilitating this in real-time! You are truly skilled at keeping your cool and getting to the root of the question and technical issue at hand."
"Being able to practice everything we learned hands on in real time made learning and remembering everything much easier."
"The personal research I had to do during the hands on exercise. This helps me have a stronger understanding of the concepts and be able apply a learning method to it."
"Professor Ibrahim was an excellent teacher. He was patient, was able to communicate the material in multiple ways and encouraged questions and comments to help each of us understand the material. I was hopeful that I would gain and understanding of wireless connectivity and the weaknesses they hold - and these goals were met."
"The hands-on experiences through the CTF challenges helped me to learn and achieve my goals in this workshop."
"The professor's enthusiasm when teaching the material, both theoretical and practical, made it much easier to stay engaged. Some professors are more monotone and difficult to listen to."
"The theoretical explanation AND hands-on experience based on teaching. The instructor has greatly helped me to achieve the goals in this workshop."
"The hands on experience and the professor answering our questions."
"The hands on part was quite easy, but the most valuable info was the explanation for what is actually going on. Having the instructor explain the topic on slides with other students chiming in with questions was the most valuable part in my opinion."
"The structure and organization of the event helped keep it on pace and kept everyone together. The instructor was very patient and loved answering questions which helped facilitate understanding."
"I learned so much in the past two days than a lot of courses that I took."
"Prof Ibrahim being available to answer all of the random questions and reset various machines/network adapters"
"The well organized setup of the virtual environment helped put the wifi hacking skills into use easier. The structure of understanding the theory before working with the machines was also beneficial."
"The workshop was so well organized and well taught that I think it was easy to follow along and learn from. The hands-on parts were simple to follow step-by-step but required enough critical thinking to keep it interesting. (That being said I haven't done Rome or Miami yet and I know those are much harder.)"
"I loved the ability to practice hands on and apply the theory in a lab setting."
"The step by step instructions coupled with the live instruction was highly helpful."
"Hands on experience. Not just a presentation"
"Repetition helps, along with the hints that Dr. Ibrahim gives. He lays the path, but doesn't give the full answer"
"I appreciate the resources on the website, and the youtube videos."
"Ahmed has been extremely clear during the duration of the entire workshop and was always willing to go above and beyond to help his students."