
Thread: WPA impossible to crack?

  1. #1
    Just burned his ISO
    Join Date
    Jul 2006
    Posts
    17

    WPA impossible to crack?

    I've been reading up on cracking WPA and it seems that in real terms it's still pretty much impossible.

    Assuming that the AP is set up in a reasonably secure way, e.g. a unique ID like BT-Homehub1214 with a 128bit WEP style key or secure password of over 5 chars; it's unlikely that the network will be cracked. Due to the dependency on the ID of the network, rainbow table style hashes would need to be generated for each network individually. This would take so long that in most cases it wouldn't be worth the effort. A high security network would probably change passwords at a faster rate than you could generate hashes.

    Is this correct or am I missing something major?

  2. #2
    Member
    Join Date
    Apr 2007
    Posts
    155

    You are leaving out the fact that WPA-TKIP has been partially cracked recently and the fact that GPU accelerated password crackers make cracking even the toughest passwords not much of a chore.

    So I guess that's major.

    Remember, anything is possible.
    This is a hackers forum :P
    root ~# aircrack-ng pwnd-01.cap
    Lenovo Thinkpad R500, OS: Ubuntu 8.10, BackTrack3, Windows XP (VirtualBox), Windows Vista, Windows 7 beta

  3. #3
    Senior Member ShadowKill
    Join Date
    Dec 2007
    Posts
    908

    Quote: Originally posted by JF1980
    I've been reading up on cracking WPA and it seems that in real terms it's still pretty much impossible.

    Assuming that the AP is set up in a reasonably secure way, e.g. a unique ID like BT-Homehub1214 with a 128bit WEP style key or secure password of over 5 chars; it's unlikely that the network will be cracked. Due to the dependency on the ID of the network, rainbow table style hashes would need to be generated for each network individually. This would take so long that in most cases it wouldn't be worth the effort. A high security network would probably change passwords at a faster rate than you could generate hashes.

    Is this correct or am I missing something major?

    Also, depending on the router being utilized, i.e. SKY's v1 routers, the algorithm has been cracked which would take "cracking" the key a matter of seconds.



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  4. #4
    Just burned his ISO imported_Silver_Seven
    Join Date
    Feb 2008
    Posts
    20

    WPA is definitely going to want to see more than 5 characters, I always recommend 12 plus with alphanumeric and special characters. Especially nothing in the dictionaries seeing how a salt of the essid with the dictionary or tables will crack a weak pass quickly.

    Also, Shavx is spot on ....... do some reading on the GPU / Nvidia / Distributed cracking for WPA:

    http://hothardware.com/News/Russian-...Crack-WPA-WPA2
    http://www.pronetworks.org/index.php...good_passwords

    These GPUs are born to crunch out some quick processing ........ :-)
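
Added example, not part of the original thread: posts #1 and #4 both rest on the fact that WPA-PSK derives its key with PBKDF2-HMAC-SHA1 salted by the SSID, so a precomputed table is tied to one network name. The sketch shows that derivation and scales the thread's "3 months for an 8-char lowercase password" figure to other passphrases. The 90-day reading of "3 months", the second SSID, the sample passphrases and the tiny wordlist are assumptions constructed for illustration.

```python
import hashlib
import string

# The 95 printable ASCII characters a WPA passphrase may use.
PRINTABLE = string.ascii_letters + string.digits + string.punctuation + " "
SECONDS_PER_DAY = 86400
# Assumption: the thread's "3 months" for every 8-char lowercase candidate, read as 90 days.
THREAD_RATE = 26 ** 8 / (90 * SECONDS_PER_DAY)  # roughly 26,900 candidates per second


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """256-bit WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    if not 8 <= len(passphrase) <= 63 or any(c not in PRINTABLE for c in passphrase):
        raise ValueError("passphrase must be 8 to 63 printable ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, 32)


def charset_size(passphrase: str) -> int:
    """Size of the alphabet implied by the character classes actually used."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation + " ")
    return sum(len(c) for c in classes if any(ch in c for ch in passphrase))


def years_to_exhaust(passphrase: str, rate: float = THREAD_RATE, wordlist=frozenset()) -> float:
    """Years to try every candidate of this length and alphabet at `rate` guesses/s.

    Returns 0.0 for anything in the wordlist: a dictionary hit makes length irrelevant.
    """
    if passphrase.lower() in wordlist:
        return 0.0
    return charset_size(passphrase) ** len(passphrase) / rate / (365 * SECONDS_PER_DAY)


if __name__ == "__main__":
    # Same passphrase, two SSIDs: the derived keys differ, so a table built for one
    # network name is useless against the other.
    for ssid in ("BT-Homehub1214", "BT-Homehub1215"):  # second SSID is constructed
        print(ssid, wpa_pmk("Password1", ssid).hex())
    common = {"password", "password1"}  # constructed stand-in for a real wordlist
    for sample in ("Password1", "abcdefgh", "k7#Tq9!mZp2$"):  # constructed samples
        print(f"{sample!r}: {years_to_exhaust(sample, wordlist=common):.3g} years")
```

The figure returned is an upper bound that only holds for randomly chosen passphrases, and a default or common SSID removes the per-network protection the salt provides.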

  5. #5
    Senior Member ShadowKill
    Join Date
    Dec 2007
    Posts
    908

    Quote: Originally posted by Silver_Seven
    WPA is definitely going to want to see more than 5 characters, I always recommend 12 plus with alphanumeric and special characters. Especially nothing in the dictionaries seeing how a salt of the essid with the dictionary or tables will crack a weak pass quickly.

    Also, Shavx is spot on ....... do some reading on the GPU / Nvidia / Distributed cracking for WPA:

    http://hothardware.com/News/Russian-...Crack-WPA-WPA2
    http://www.pronetworks.org/index.php...good_passwords

    These GPUs are born to crunch out some quick processing ........ :-)

    ElcomSoft has some pretty good software for multi-application password cracking. Look up Distributed Password Recovery by ElcomSoft. It utilizes GPU threading.



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  6. #6
    Just burned his ISO
    Join Date
    Jul 2006
    Posts
    17

    Thanks guys, very interesting. I suppose with enough CPU power available anything is possible (e.g. if the FBI wanted to crack a key they would have the mainframe CPU power on hand to blitz through keys brute force).

    Are you all saying that WPA-TKIP has been cracked? The majority of WPA routers I see use this algorithm. I couldn't see any mention of a fast way of cracking these in the tutorials I've read on this forum; they've all been using brute force / dictionary techniques.

    As for the GPU assistance, the notebook I use to run BT3 has an integrated Intel 945 graphics chipset which I doubt would be much use. The link above says they would need 3 months to crack an 8-char lowercase password which still seems slow to me.

  7. #7
    Just burned his ISO
    Join Date
    Oct 2008
    Posts
    22

    Quote: Originally posted by JF1980
    Thanks guys, very interesting. I suppose with enough CPU power available anything is possible (e.g. if the FBI wanted to crack a key they would have the mainframe CPU power on hand to blitz through keys brute force).

    Are you all saying that WPA-TKIP has been cracked? The majority of WPA routers I see use this algorithm. I couldn't see any mention of a fast way of cracking these in the tutorials I've read on this forum; they've all been using brute force / dictionary techniques.

    As for the GPU assistance, the notebook I use to run BT3 has an integrated Intel 945 graphics chipset which I doubt would be much use. The link above says they would need 3 months to crack an 8-char lowercase password which still seems slow to me.

    how bout making a rogue ap, deathenticate the victim so he connects to ur ap and BAM you have successfully cracked(bypassed) the wpa encryption algorithm LOL

  8. #8
    Senior Member ShadowKill
    Join Date
    Dec 2007
    Posts
    908

    Quote: Originally posted by seankilla
    how bout making a rogue ap, deathenticate the victim so he connects to ur ap and BAM you have successfully cracked(bypassed) the wpa encryption algorithm LOL

    How about using the Shift key and proper spelling/grammar? Never mind describing a scenario that is very much illegal and not at all on the same lines with what the OP was inquiring....



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  9. #9
    Very good friend of the forum killadaninja
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    Password and Password1 both made it into the top 10 most common passwords hahahahahaha.
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.

  10. #10
    Junior Member
    Join Date
    Feb 2010
    Posts
    43

    Did anybody succeed in cracking WPA-TKIP by using tkiptun-ng?
