Ever find yourself needing a wireless network analyzer that’s easy to use and doesn’t cost an arm and a leg? Well, CommView for WiFi is a great option…It’s a product I’ve talked about for years in both Hacking For Dummies and Hacking Wireless Networks For Dummies. A neat thing about CommView for WiFi are its relatively new WEP and WPA key recovery add-ons. Referred to as WEPKR and WPAKR, they’re a great commercial GUI-based alternative to the oldie but goodie aircrack-ng.
If you’re performing ongoing vulnerability assessments or penetration tests and/or need to show management that WEP or your current implementation of WPA-PSK is putting your business at risk, WEPKR and WPAKR are the perfect tools to do so. Another neat thing about using these tools is that CommView for WiFi supports the latest Wi-Fi adapters including the Atheros and Intel-based 802.11a/b/g/n cards built into a lot of laptops these days. So, no worrying about being limited to 802.11b or having to dig out those old D-Link DWL-650 or Orinoco cards from a decade ago.
The following is a screenshot of a WEP key the program recovered from a lightly-used wireless network in just a couple of hours. With WEP recovery, the more packets the better.
Sidenote: WEPKR and WPAKR are intended for qualified security/networking professionals as well as law enforcement, intelligence, and government organizations which shouldn’t be a problem to prove if the work you’re doing is legit.
I originally had some stability issues with WEPKR but Michael Berg and his team at TamoSoft were very responsive and we were able to quickly work out the kinks. Chock up another one for the “little guy” for TamoSoft’s willingness to go the extra mile. All in all, a neat program worth checking out. You can get a demo of CommView for WiFi here and WEPKR and/or WPAKR here.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”