Tuesday, November 13, 2012

SSID Switcher

I am taking a wireless security class and one of the projects I was working on is to defend a wireless network. I thought it would be cool to create some program that would switch the SSID of the router at a set time interval. This combined with not broadcasting your SSID should make it hard for a hacker to break your WLAN. I used a pool of 5 SSID's and had them already loaded on my computer to see how practical this would be. It seemed to be fine with longer time intervals, but I think a designated computer would need to have a physical line to the router to run the program. Anyway the code and a better write up are given after the break.

WLAN Security Defensive Strategy
SSID Switching
1. Overview
Category: WLAN Security Defensive Strategy
Strategy: SSID Switching
Contributors: Chuck Woodraska
Date: November 5, 2012
2. Description
Include a short description about the strategy. Questions you may want to answer in this section include:
This strategy uses a computer that has a direct connection to the router and runs a script to change the SSID every hour.  The script connects to the router through the web browser admin panel. Other computers on the network would have presaved SSIDs saved so that they could change to it without user interaction. The script I have written changes it to a random SSID out a pool of five SSIDs. The computers on the network would then realize that the previous SSID is no longer broadcasting and switch to the new one. This protects the WLAN because it would be hard for an attacker to know that breaking into the wireless once is not enough and the hacker would have to break five different passwords for each of the SSIDs. This in conjunction with disabling broadcasting of the SSID would make it hard for a hacker to figure out your SSID. This strategy uses the principle of security through obscurity because no one would expect for your SSIDs to change like this as almost all companies use static SSIDs. If a hacker knew that you were doing this they could simply continuously monitor the air waves for the different SSIDs and do the traditional password attacks. The nice thing is that since it changes every hour the attacker has a short window for an online attack to work.
3. OS Applied
I believe this can be applied to any OS since you are really changing the router info and not a specific computer’s info. It specifically only works for Belkin +N routers right now, but can easily be extended for other routers.
4. Tools
The tool requires access to the Selenium WebDriver libraries.
5. Procedures

  1. Have a computer that physically hooks into the router.
  2. When deploying computers ensure that they are preloaded with the pool of SSIDs in the script along with the correct passwords.
  3. Run script.


6. Source Code
package Defense;

import java.util.ArrayList;
import java.util.List;

import org.openqa.selenium.By;
import org.openqa.selenium.WebDriver;
import org.openqa.selenium.WebElement;
import org.openqa.selenium.firefox.FirefoxDriver;
import java.util.Random;

public class switchSSID {
       public static void main(String[] args) {
              ArrayList<String> ssidList = new ArrayList<String>();
              ssidList.add("Pluto");
              ssidList.add("Mars");
              ssidList.add("Earth");
              ssidList.add("Venus");
              ssidList.add("Neptune");
             
              String changeSSID = "";
              Random randomNumber = new Random();
              WebDriver driver = new FirefoxDriver();
              WebElement temp;
              List<WebElement> temp2;
              while(true)
              {
                     driver.get("http://192.168.2.1/");
                     driver.switchTo().frame("mainFrame");
                     temp = driver.findElement(By.linkText("Channel and SSID"));
                    
                     temp.click();
                     try{
                           temp = driver.findElement(By.name("pws"));
                           temp.sendKeys("password");
                           temp2 = driver.findElements(By.className("submitBtn"));
                           temp2.get(1).click();
                     }
                     catch(Exception e){
                          
                     }
                    
                     temp2 = driver.findElements(By.className("submitBtn"));
                     try {
                           temp = driver.findElement(By.name("ssid"));
                           temp2 = driver.findElements(By.className("submitBtn"));
                           Thread.sleep(10000);
                     } catch (InterruptedException e) {
                           // TODO Auto-generated catch block
                           e.printStackTrace();
                     }
                     temp.clear();
                     int random5 = randomNumber.nextInt(5);
                     System.out.println(random5);
                     changeSSID = ssidList.get(random5);
                     temp.sendKeys(changeSSID);
                     temp2.get(1).click();
              }
    }
      
}

No comments:

Post a Comment