1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
|
#!/usr/local/bin/php
<html>
<head>
<title>WLAN Strong Key Generator version 2.2 by Warewolf Labs ( formerly WEP Strong Key Generator )</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript">
<!--
/*
version 2.2.1
This file was included as is with only minor changes for pfSense.
All (C) and Author information has been left alone.
==
Title: WLAN Strong Key Generator (wlanSKG) version 2.2
(formerly WEP Strong Key Generator)
Author: Chris Elliott
Warewolf Labs
www.warewolflabs.com
Release Notes:
=== version 2.2
Date: 2005-01-25
Info: 1. Contains minor updates to the instructions in preparation for a full rewrite and
increase in functionality of this script (i.e. WPA-PSK generation, etc.), slated
for a later release (2.3+).
==== version 2.1
Version: 2.1
Date: 2002-12-14
Info: A JavaScript program written to enable Wireless LAN (WLAN) administrators
to quickly create strong keys for implementing Wired Equivalent Privacy
(WEP) as a first line of defense in strengthening the security of their
wireless networks. Keys can be selectively generated for use with 64-,
128-, 152-, and 256-bit WEP key lengths. Additionally, user-defined pass
phrases can be converted to Hex format for use as WEP keys (more info below).
It has been freely released to the public as part of an effort to increase
awareness of WLAN security issues, and to increase the baseline security
of current and future installations.
While this file may be freely distributed, the copyright has been retained
for all code generated by Chris Elliott / Warewolf Labs, and this information
must remain intact (i.e. don't pretend that you or your company wrote this, or
offer it to your clients without giving due credit).
The addition of the custom passphrase code in version 2.1 was based on a
suggestion/initial implementation by Kraix (www.kraix.com); additionally, Kraix
supplied some needed refinements to the instructions included for this program.
Much thanks is in order for those things, as they provided the impetus to update
this script from its original release in order to support 256-bit WEP keys along
with some other touch-ups.
*/
// initialize WEP key variables
var ascWEPkey = '';
var hexWEPkey = '';
// creates an array of 95 possible characters from which to choose for generating our WEP key
var charArray = new Array(' ', '!', '"', '#', '$', '%', '&', '\'', '(', ')', '*', '+', ',', '-', '.', '/', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', ':', ';', '<', '=', '>', '?', '@', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '[', '\\', ']', '^', '_', '\'', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '{', '|', '}', '~');
// functions
function gen_prn() { // generates a pseudo-random number
return Math.floor(Math.random() * charArray.length); // range is 0 ~ 94
}
function gen_key(keyLengthInBytes) { // generate a WEP key with the specified key length in bytes (5/13/16/29 bytes for 64/128/152/256-bit WEP)
for (i = 0; i < keyLengthInBytes; i++)
{
ascWEPkey += charArray[gen_prn()]; // creates the ASCII version of the WEP key
}
for (i = 0; i < ascWEPkey.length; i++)
{
hexWEPkey += ascWEPkey.charCodeAt(i).toString(16); // creates the HEX WEP key from the ASCII
}
}
function write_key(tf) { // write the WEP key into the form text fields
tf.ascKeyTextField.value = ascWEPkey;
tf.hexKeyTextField.value = hexWEPkey;
}
function reset_key() { // reset the WEP key variables for further use
ascWEPkey = '';
hexWEPkey = '';
}
function go(form, klib) { // trigger function to generate a key, display the output, and then reset the variables
gen_key(klib);
write_key(form);
reset_key();
}
function go_ck(form) { // trigger function to generate a custom key from a user-supplied pass phrase
// checking for proper key lengths is left up to the user
if ( form.customPhraseField.value != '') // did they actually enter anything?
{
ascWEPkey = form.customPhraseField.value;
for (i = 0; i < ascWEPkey.length; i++)
hexWEPkey += ascWEPkey.charCodeAt(i).toString(16); // creates the HEX WEP key from the ASCII
}
else
{
alert("Please enter a pass phrase.");
}
write_key(form);
reset_key();
}
// -->
</script>
<script language="Javascript">
<!--
/*
Highlight and Copy form element script- By Dynamicdrive.com
For full source, Terms of service, and 100s DTHML scripts
Visit http://www.dynamicdrive.com
*/
//specify whether contents should be auto copied to clipboard (memory)
//Applies only to IE 4+
var copytoclip=1
function HighlightAll(theField) {
var tempval=eval("document."+theField)
tempval.focus()
tempval.select()
if (document.all&©toclip==1){
therange=tempval.createTextRange()
therange.execCommand("Copy")
window.status="Contents highlighted and copied to clipboard!"
setTimeout("window.status=''",1800)
}
}
//-->
</script>
<style type="text/css">
<!--
.button { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; font-weight: bold; color: #FFFFFF; background-color: #990000}
.header { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 14px; font-weight: bold; color: #000000; background-color: #FFFFFF; border-color: #999999 #999999 #000000 #000000; text-decoration: underline}
.textfield { font-family: "Courier New", Courier, mono; font-size: 12px}
.header2 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px; font-weight: bold; color: #000000; background-color: #FFFFFF; border-color: #999999 #999999 #000000 #000000; text-decoration: underline}
p { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10px; color: #000000}
-->
</style>
</head>
<body bgcolor="#FFFFFF" text="#000000">
<form name="sweps" method="post" action="">
<p class="header">WLAN STRONG KEY GENERATOR v2.2 by Warewolf Labs</p>
<p><b>NEWS & UPDATES</b>:</p>
<p><u>2005-01-25</u>: This program was originally written and freely
distributed in 2001 with the goal of allowing the average consumer to easily
lock down their wireless network with WEP, while at the same time employing
something stronger than simple, easily-guessed words or phrases that were
susceptible to offline dictionary attacks. </p>
<p>Much has changed in the wireless network security landscape since the
inception of this program. Techniques and programs are now available
(cf. the article
<a target="_blank" href="http://securityfocus.com/infocus/1814">here</a>)
which can crack a WEP key in such a short period, that any
last vestiges of credibility that WEP may have once held in providing
effective security have been cast out.</p>
<p>Therefore, it is important to realize that WEP (regardless of key
strength) will only keep out casual
intruders, and any concerted effort will allow an attacker into your network
without too much trouble. With this caveat in mind, the generation of
WEP keys will remain intact in this tool to allow for some (albeit slim)
measure of protection for network devices which are limited to WEP-based
protective measures. </p>
<p>A future release of the WLAN Strong Key Generator will provide the
capability to generate a strong Wi-Fi Protected Access Pre-Shared Key
(WPA-PSK).</p>
<p><b>INSTRUCTIONS</b>:</p>
<p>To generate a <a href="#random">random WEP key</a>, select the bit key length
to generate and press the corresponding button; the ASCII or HEX key can then
be copied to your clipboard manually or via the "<b>copy to clipboard</b>" button to
the right of the <a href="#generated_key">Generated Key</a> text fields.
Note that in order to be as platform-independent as possible, characters
used for generation of these keys are limited to a subset of
the basic ASCII code table (95 elements, including the letters "a" to "z", "A" to "Z",
and most
punctuation and other standard symbols; at the time that this original
program was written, support for Unicode was not widely present
among the installed base of consumer operating systems to allow for the inclusion of extended characters which would increase the strength of WEP
keys generated with this program).</p>
<p>You can also generate a <a href="#custom">custom WEP key</a> based on your
own pass phrase or other input. <u>IMPORTANT:</u> this function simply
converts your supplied input from ASCII to HEX form; it does not apply
any other transformations or algorithms upon it, therefore <i>your custom
key will only be as strong as your source material</i>.</p>
<p>A good primer on WEP key setup and terms is located <a href="http://www.practicallynetworked.com/support/mixed_wep.htm" target="_blank">here</a>.</p>
<p><b>NOTES</b>:</p>
<p><!-- begin / added by Kraix -->
- If your product vendor requests 40-bit keys, use the 64-bit key<br>
- If your product vendor requests 104-bit keys, use the 128-bit key<br>
<!-- end / added by Kraix -->
- Apple users can enter HEX keys into their AirPort setup by prefixing the
generated string with a"<b>$</b>" symbol<br>
(i.e. if the generated HEX code is <span class="textfield"><b>6b5e454532</b></span>
then you would enter <span class="textfield"><b>$6b5e454532</b></span> into
your configuration)</p>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="right" class="header2" width="120"><a name="random">Random WEP Key</a></td>
<td width="10"> </td>
<td width="150"> </td>
</tr>
<tr>
<td align="right" width="120"><img src="/themes/pfsense/images/misc/key_64.gif" width="81" height="42"></td>
<td> </td>
<td width="150">
<input type="button" class="button" name="gen64" value="generate 64-bit key" onClick="javascript:go(this.form, 5)">
</td>
</tr>
<tr>
<td align="right" width="120"> </td>
<td> </td>
<td width="150"> </td>
</tr>
<tr>
<td align="right" width="120"><img src="/themes/pfsense/images/misc/key_128.gif" width="81" height="42"></td>
<td> </td>
<td width="150">
<input type="button" class="button" name="gen128" value="generate 128-bit key" onClick="javascript:go(this.form, 13)">
</td>
</tr>
<tr>
<td align="right" width="120"> </td>
<td> </td>
<td width="150"> </td>
</tr>
<tr>
<td align="right" width="120"><img src="/themes/pfsense/images/misc/key_152.gif" width="81" height="42"></td>
<td> </td>
<td width="150">
<input type="button" class="button" name="gen152" value="generate 152-bit key" onClick="javascript:go(this.form, 16)">
</td>
</tr>
<tr>
<td width="120"> </td>
<td> </td>
<td width="150"> </td>
</tr>
<tr>
<td align="right" width="120"><img src="/themes/pfsense/images/misc/key_256.gif" width="81" height="42"></td>
<td> </td>
<td width="150">
<input type="button" class="button" name="gen256" value="generate 256-bit key" onClick="javascript:go(this.form, 29)">
</td>
</tr>
<tr>
<td width="120"> </td>
<td> </td>
<td width="150"> </td>
</tr>
<tr>
<td width="120">
<p align="left" class="header2"><a name="custom">Custom WEP Key</a></p>
</td>
<td> </td>
<td width="150"> </td>
</tr>
<tr>
<td colspan="3">
<p align="left"><b>NOTE</b>: 5/13/16/29 characters are needed for 64/128/152/256-bit
WEP</p>
</td>
</tr>
<tr>
<td width="120">
<p align="right">Custom Phrase</p>
</td>
<td> </td>
<td width="150" valign="top">
<p>
<input type="text" name="customPhraseField" size="30" class="textfield" maxlength="29" value="enter your phrase here" onClick="this.value=''"; onChange="document.sweps.customPhraseCCField.value=document.sweps.customPhraseField.value.length;" onBlur="document.sweps.customPhraseCCField.value=document.sweps.customPhraseField.value.length;">
</p>
</td>
</tr>
<tr>
<td width="120">
<p align="right">Character Count</p>
</td>
<td> </td>
<td width="150" valign="middle">
<p>
<input type="text" name="customPhraseCCField" size="2" class="textfield" maxlength="2">
</p>
</td>
</tr>
<tr>
<td width="120"> </td>
<td> </td>
<td width="150" valign="middle">
<input type="button" class="button" name="genck" value="generate custom key" onClick="javascript:go_ck(this.form)">
</td>
</tr>
</table>
<br>
<table width="500" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="left" colspan="3">
<p></p>
<p class="header2"><a name="generated_key">Generated Key</a></p>
</td>
<td> </td>
</tr>
<tr>
<td align="right" width="125">
<p></p>
<p>ASCII</p>
</td>
<td width="10"> </td>
<td>
<input type="text" name="ascKeyTextField" size="60" class="textfield" maxlength="29">
</td>
<td>
<input type="button" name="copyASCII" value="copy to clipboard" onClick="javascript:HighlightAll('sweps.ascKeyTextField')" class="button">
</td>
</tr>
<tr>
<td align="right" width="125">
<p>HEX</p>
</td>
<td> </td>
<td>
<input type="text" name="hexKeyTextField" size="60" class="textfield" maxlength="58">
</td>
<td>
<input type="button" name="copyHEX" value="copy to clipboard" onClick="javascript:HighlightAll('sweps.hexKeyTextField')" class="button">
</td>
</tr>
</table>
</form>
</body>
</html>
|