
A cloud service to crack WPA/WPA2

Discussion in 'Networking & Security' started by Hybrid_theory, Jul 26, 2010.

  1. Hybrid_theory

    Thought this to be interesting. You can use it to test your wireless security. It probably won't work as easily if you use central auth for wireless.

    Rest of the article: http://blogs.techrepublic.com.com/security/?p=4097&tag=results;CR1

     
  2. hat

    They just use a dictionary? Good luck getting in to mine.
     
  3. Easy Rhino

    yea, the idea of distributed cracking is intriguing, but their setup is fail. no way anybody is getting into mine just by going through a dictionary.
     
  4. slyfox2151

    yeah this is not brute force as they claim :*(... it's also not much faster than running your own crack on CUDA using your high end video card instead of the CPU.

    if you're using WPA chances are you won't be using a dictionary word if you're smart enough... which pretty much confirms this service would only be useful to crackers out there who want to abuse it. it's worthless to anyone who would use it to test security.

    any WPA encryption is pretty much uncrackable over 10 characters long using all forms of characters (!fh24) etc.. it would take months to years with multiple GPUs/CPUs trying to brute force it.

    i toyed with cracking my own Wifi routers, trying all forms of WEP WPA WPA2 tkip aes...
     
  5. VulkanBros

    wait a second....2 months ago I had a network security firm hired to test my company's wireless networks.

    The lowest encryption we use is WPA2 AES/TKIP with a 13 character encryption code.
    The highest encryption we use is a mix of radius servers, mac filtering, static IPs and random keys.

    WPA2 AES/TKIP: With various packet sniffing and other winky (Linux tools) it took them 13 hours to crack the key.

    The high encryption network: They left the Linux laptop with all its fabulous tools for 7 days.
    They did not succeed .......

    And remember - this was a professional network security company.

    So it sounds to me - that this "cloud" thing is no other than a money machine....:wtf:
     
  6. slyfox2151

    this cloud is not doing the same thing that your security company did. there are a few different ways to crack WPA2, this is just a simple large word list.
    your security company would not have tried to crack it via a password list if it was long and complex. there are simply too many variations... the word list would be MASSIVE.... over petabytes...... (50 million average words in a .txt file comes to 300-500 MB uncompressed)

    the last time i checked, a GTX260 did about 120000 passwords per second... if you had a complex password just 8 characters long it would take over 1933 years to break.
    or if it was not so complex, just letters and numbers, 59 years.

    if you clustered a lot of GPUs together then you may get the time to crack down to a reasonable scale.
     
    Last edited: Jul 27, 2010
  7. Easy Rhino

    yes. more than likely the firm ran a shit ton of programs both on and off your network. some were brute force but others were packet sniffing high traffic areas and snooping out local machines that have lame passwords or weak encryption and trying man in the middle attacks on them.
     
  8. RejZoR

    Good luck with my full ASCII 64 character password :D :p
     
  9. slyfox2151

    PFT i could crack that.... gimme a 9MM handgun :D job done in 5 minutes

    if that's not convincing.. take out the Shotgun
     
  10. razaron

    there're 1.02*10^77 possibilities for my wireless security, and that's using hex. if it was ascii the possible passwords would equal 4.09*10^151. both of these are a lot bigger than the meager 370 million word dictionary.
     
    Last edited: Jul 27, 2010
  11. Dark_Webster New Member

    Gosh, it's better to crack it yourself, keep the money even if it takes some days to decipher the password.
     
  12. Hybrid_theory

    $17 is a lot cheaper than having company resources dedicated to running to crack the network. It also takes technician time which can be expensive.
     
  13. Geofrancis

    i tried the gpu cracking on a 9600gso and it did 6000 per second. with an 8 digit a-z password that comes with ISPs' routers it would take a year.

    i was thinking of building a gpu server with 4x 9800gx2's so i could do it in under a month. but lack of funds screwed that up.
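
The time estimates in posts 6 and 13 come down to alphabet size, length and guess rate, and a dictionary hit bypasses all three. As an added example (not from any poster or from the service discussed), this Python sketch checks a passphrase the way a defender would; the function names and the wordlist are constructed for illustration, and the rates are the ones quoted in the thread.

```python
import string

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Character classes an exhaustive search must cover (95 printable ASCII total).
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")

def alphabet_size(passphrase):
    """Sum the sizes of every character class the passphrase draws from."""
    return sum(len(cls) for cls in CLASSES
               if any(ch in cls for ch in passphrase))

def years_to_exhaust(alphabet, length, guesses_per_second):
    """Worst-case years to try every string of exactly `length` characters."""
    return alphabet ** length / guesses_per_second / SECONDS_PER_YEAR

def audit(passphrase, wordlist, guesses_per_second):
    """Defender's check: dictionary exposure first, then exhaustive-search cost."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA/WPA2 passphrases are 8 to 63 characters long")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("WPA/WPA2 passphrases are printable ASCII only")
    alphabet = alphabet_size(passphrase)
    return {
        # A wordlist hit makes length and alphabet irrelevant.
        "in_dictionary": passphrase.lower() in wordlist,
        "alphabet": alphabet,
        "years": years_to_exhaust(alphabet, len(passphrase), guesses_per_second),
    }

# Constructed sample wordlist (lowercase); a real audit would load a large one.
SAMPLE_WORDLIST = {"password", "sunshine1", "letmein123"}
GTX260_RATE = 120000   # guesses/second, figure quoted in post 6
GSO9600_RATE = 6000    # guesses/second, figure quoted in post 13

if __name__ == "__main__":
    print(f"8 x a-z at 6000/s: {years_to_exhaust(26, 8, GSO9600_RATE):.1f} years")
    for candidate in ("sunshine1", "Tr0ub4dor&3x"):
        print(candidate, audit(candidate, SAMPLE_WORDLIST, GTX260_RATE))
```

The result depends heavily on the assumed alphabet, so treat the year figures as order-of-magnitude estimates for a single device at the stated rate.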
     
  14. Easy Rhino

    can't you just set your router to block requests from a mac address after it tried a bunch of times?
     
  15. Hybrid_theory

    Maybe, depends on the flexibility of the firmware. But if that happened they could spoof their MAC every so often.
     
  16. Easy Rhino

    true, but that would mean it would take a lot longer. it would not be worth it for the cracker and they would just move onto a different target. unless of course you have government secrets on your network :laugh:
     
  17. Hybrid_theory

    The thing to keep in mind with this service too, is that you capture traffic for X amount of hours and then send it to the cloud to analyze it and break the key. So preventative measures such as MAC filtering won't work in this situation.

    But if an attacker is trying to brute force a wireless network and gets kicked off, well, they could probably integrate into the script to change MAC every so often. Or they would move to another target if financial gain is not enough.
     
  18. Easy Rhino

    hrm, but to capture traffic you have to be on the network unless using a man in the middle attack. but in that case you already have to know a bunch of information about the network.
     
  19. Hybrid_theory

    Wireless broadcasts beacons and other SSID information packets. So you can basically sniff that stuff for a long time and then analyze it. The service though is that you do this to your own network, and send the data to the cloud.
     
  20. Jizzler

    I don't believe it wouldn't matter. One would only need to grab enough data and have the service (or their own tools) hack away at it. If successful, return and rape the network.

    Like WEP, except that WEP fails so fast that you can find a WLAN, sit there, wait for the key to be figured out, then break in.



    Edit, heh, a little late hitting the post button.
     
  21. 3volvedcombat

    Just take fits mega reg.

    equip it with some 4 GTX 480's

    Overclock them just a tad and have them on water cooling

    You would have a lot of cores for a cluster of processing

    but that is still not fast enough so.

    but just a thought hmmm :)
     
  22. Hybrid_theory

    Might be cheaper to buy a bunch of like 5 year old pcs for $200 each and cluster em or something :p
     
  23. blkhogan

    That would work. Until you ran into someone (like me) that has bigger and badder guns waiting. :laugh:
    I had a friend for shits and giggles try and crack my network. He's cracked it before in about 3 days time. He had a dedicated gpu box with 3 or 4 260's working on it. He bet me $100 that he could crack it under 7 days max. Hahahaha.... I won. Still haven't seen a dime from him though. I'm more than safe in the area I live in. It's a neighborhood of older retired folks. :)
     
  24. Hybrid_theory

    Retired hackers that worked for crimelords in the 80s :p
     
  25. claylomax

    Just right now, from my room I can detect 10 WiFi connections: 4 use WPA, 4 use WEP and the other 2 use no security key at all. Most of the people don't know about this and they just set up the router and leave it on a shelf and that's it. By the way they all use the same channels: 1, 6 and 11.
     
