cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
904
Views
8
Helpful
4
Replies

Undocumented WEP keys

Mr. Bash
Level 1
Level 1

Is there a way to find out what WEP key was entered on an aironet AP?

For instance, this is a statement on an AP that I have:

encryption key 1 size 128bit 7 28E70FD9203EA78469931F6EC8E1 transmit-key

The key there is encrypted, is there a way to decrypt it so that I can document what WEP key was used?

4 Replies 4

choywy
Level 1
Level 1

Download the utilitiy "GetPass" (think from Boson)...Or do a search in Google.

Cut-paste the string "28E70FD9203EA78469931F6EC8E1" into it and it will show you the clear text..

Thanks.

I tried this already with two different decryption tools, one of them being Getpass. They both give errors when trying to decrypt the string. I have a cisco decrypter that complains about a "hash point" being between 00 and 15.

I think the string is too long or something.

This isnt the standard #7 encryption. I tried to setup a key pair on my router to decrypt the string and that didnt work either.

I use

!

key chain labtest

key 1

key-string 7 0000160516421B12423544471A

!

!

RasBox#sh key chain labtest

Key-chain labtest:

key 1 -- text "decrypt-this"

accept lifetime (always valid) - (always valid) [valid now]

send lifetime (always valid) - (always valid) [valid now]

RasBox#

RasBox#

I guess the option is to use one of the WEP cracking tools. A procedure is outlined at http://www.governmentsecurity.org/archive/t15149.html

As every body is pointing out, this is not standard type 7 type of decoding to be able to uncover the password using Get Pass.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: