Kevin Beaver's Security Blog

Commercial WEP and WPA key recovery tools

Ever find yourself needing a wireless network analyzer that’s easy to use and doesn’t cost an arm and a leg? Well, CommView for WiFi is a great option…It’s a product I’ve talked about for years in both Hacking For Dummies and Hacking Wireless Networks For Dummies. A neat thing about CommView for WiFi are its relatively new WEP and WPA key recovery add-ons. Referred to as WEPKR and WPAKR, they’re a great commercial GUI-based alternative to the oldie but goodie aircrack-ng.

If you’re performing ongoing vulnerability assessments or penetration tests and/or need to show management that WEP or your current implementation of WPA-PSK is putting your business at risk, WEPKR and WPAKR are the perfect tools to do so. Another neat thing about using these tools is that CommView for WiFi supports the latest Wi-Fi adapters including the Atheros and Intel-based 802.11a/b/g/n cards built into a lot of laptops these days. So, no worrying about being limited to 802.11b or having to dig out those old D-Link DWL-650 or Orinoco cards from a decade ago.

The following is a screenshot of a WEP key the program recovered from a lightly-used wireless network in just a couple of hours. With WEP recovery, the more packets the better.

Sidenote: WEPKR and WPAKR are intended for qualified security/networking professionals as well as law enforcement, intelligence, and government organizations which shouldn’t be a problem to prove if the work you’re doing is legit.

I originally had some stability issues with WEPKR but Michael Berg and his team at TamoSoft were very responsive and we were able to quickly work out the kinks. Chock up another one for the “little guy” for TamoSoft’s willingness to go the extra mile. All in all, a neat program worth checking out. You can get a demo of CommView for WiFi here and WEPKR and/or WPAKR here.