In the context of Mnorel Ltd cooperation with UCLan Cyprus, a 1-day training workshop was held at our offices, under the supervision of Dr. Eliana Stavrou.The workshop subject was the different approach of commercial applications and hardware versus corresponding free tools. Specifically, two processes of decrypting wpa2 protocol were demonstrated.The corresponding approaches of Kali Linux/aircrack-ng and Cain/Elcomsoft Wireless Security Auditor (EWSA) were compared using the AirPCap NX USB adapter.
In particular, for the lab purposes, a wireless network named UclanLAB was created with wpa2 encryption. A tablet and a mobile phone got connected to it.
Through the Cain application and using the AirPCap NX USB adapter we interrupted the connection of the two devices by sending a DeAuthentication command.
At the same time, EWSA via the same adapter was monitoring the same broadcast channel, resulting in capturing the wireless handshake package. Then through the EWSA and using mask attack we decrypted the packet and found the encryption key. The decryption time was recorded.
Then, with EWSA we connected to another computer equipped with a state-of-the-art graphic card and having activated the card as accelerator we realized significantly faster decryption, where the difference from the previous method was huge.
Finally, there was some discussion on the differences between free/open source applications in relation to commercial ones and what is available on the employment market in the areas of Penetration Testing and Digital Forensics.