
WE Protect not.

November 3, 2010

Yes, WEP is deprecated, proved to have some really nasty flaws, old story, right? Searching for “wep crack” in Google brings some 1 million results. A very nice explanation of why WEP is insecure can be found in this book. There is really no interest in discussing the matter anymore.

The interesting part of the story is how many people are still using WEP despite all that. Reasons vary from users’ ignorance to vendors’ continuing support of WEP in home routers/AP products, etc. Moving around the last 2 years I was always surprised by how many WEP-“protected” wireless LANs one can find in every city/neighborhood. The days when cracking into those was a challenging process are long behind; what I find interesting is having an overview of the amount of WEP usage in any given circumstance. Hence I came up with the following Python script that takes advantage of the iwlist utility from the wireless-tools package and provides an overview of the usage of WPA/WPA2 and WEP in the wireless LANs that are detected.

It needs the pyparsing module (python-parsing package in Debian/Ubuntu).

#!/usr/bin/env python3

import subprocess
from pyparsing import Literal, SkipTo, OneOrMore

def wepPercentage(output):
    # Grammar for one "Cell ..." block of the iwlist scan output
    last_line_a = Literal('Group')+SkipTo(Literal('\n').suppress())
    last_line_b = Literal('Authentication')+SkipTo(Literal('\n').suppress())
    start = Literal('Cell')+SkipTo(Literal('\n').suppress())
    end =OneOrMore(Literal('IE: ')+SkipTo(Literal('\n').suppress()))+~last_line_a|(last_line_b+~Literal('IE:'))
    line = ~end + SkipTo(Literal('\n').suppress())
    expr = start+OneOrMore(line)+end
    wpa_count = 0
    wep_count = 0
    unenc_count = 0
    for l in expr.searchString(output).asList():
        li = ''.join(l)
        if 'Encryption key:on' in l:
            if 'WPA' in li:
                wpa_count += 1
            else:
                # encryption is on but no WPA/WPA2 information element: WEP
                wep_count += 1
        else:
            unenc_count += 1
    tot = wpa_count+wep_count+unenc_count
    if tot == 0:
        # nothing detected: avoid dividing by zero below
        print("No wireless LANs detected")
        return
    print("WPA / WPA2 :%d   Percentage : %d %% " % (wpa_count, (wpa_count*100//tot)))
    print("WEP :%d   Percentage : %d %% " % (wep_count, (wep_count*100//tot)))
    print("Unencrypted :%d   Percentage : %d %% " % (unenc_count, (unenc_count*100//tot)))

if __name__ == '__main__':
    process = subprocess.Popen('iwlist wlan0 scan', shell=True, stdout=subprocess.PIPE)
    # iwlist prints bytes; ESSIDs may hold non-UTF-8 data, so decode leniently
    output = process.communicate()[0].decode(errors='replace')
    wepPercentage(output)

I live in a rather densely populated student dorm in Stockholm and at the time my output is something like:

WPA / WPA2 :28   Percentage : 82 %
WEP :6   Percentage : 17 %
Unencrypted :0   Percentage : 0 %

Almost 20% of all people here who use some kind of wireless router chose WEP. Great 🙂

How about your neighborhood? Feel free to share percentages.

ps. It would probably be easier to use Python’s re module instead of pyparsing. But I needed to use pyparsing for a project, so I thought I’d get my hands dirty with it anyhow.

ps2. It can probably be done in 5-6 lines in a bash shell using awk too.
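A variant of the same survey built on the re module mentioned in the first postscript. This is an added example, not the post's own code: the function names and the scan text are constructed here, and it uses the same heuristic as the script above (encryption on without a WPA/WPA2 information element is counted as WEP).

```python
import re
from collections import Counter

# Constructed sample in the layout printed by `iwlist <iface> scan` (not a real capture).
SAMPLE_SCAN = """\
wlan0     Scan completed :
          Cell 01 - Address: 00:11:22:33:44:01
                    ESSID:"dorm-a"
                    Encryption key:on
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Authentication Suites (1) : PSK
          Cell 02 - Address: 00:11:22:33:44:02
                    ESSID:"legacy-ap"
                    Encryption key:on
          Cell 03 - Address: 00:11:22:33:44:03
                    ESSID:"guest"
                    Encryption key:off
          Cell 04 - Address: 00:11:22:33:44:04
                    ESSID:"mixed"
                    Encryption key:on
                    IE: WPA Version 1
                        Group Cipher : TKIP
"""

def classify_cells(scan_text):
    """Return a Counter with 'wpa', 'wep' and 'open' counts, one per detected cell."""
    counts = Counter(wpa=0, wep=0, open=0)
    # Each network starts at a "Cell NN - Address:" line; split the text there.
    cells = re.split(r"^\s*Cell \d+ - Address:", scan_text, flags=re.M)[1:]
    for cell in cells:
        if not re.search(r"Encryption key:on", cell):
            counts["open"] += 1
        elif re.search(r"^\s*IE:.*WPA", cell, flags=re.M):
            counts["wpa"] += 1      # a WPA or WPA2 information element is advertised
        else:
            counts["wep"] += 1      # encrypted, but no WPA/WPA2 IE: treated as WEP
    return counts

def percentages(counts):
    """Integer percentages per class; all zeros when no cell was seen."""
    total = sum(counts.values())
    return {k: (v * 100 // total if total else 0) for k, v in counts.items()}

if __name__ == "__main__":
    counts = classify_cells(SAMPLE_SCAN)
    for name, pct in percentages(counts).items():
        print("%-5s %d  (%d %%)" % (name, counts[name], pct))
```

To survey a live interface, pass the decoded output of `iwlist wlan0 scan` to `classify_cells` in place of the sample.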
