Thread: Project: What about WPA online cracking?

  1. #1
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    15

    Question Project: What about WPA online cracking?

    Hi there,

    I've been searching the web for an equivalent to the online rainbow tables for cracking windows hashes etc., does anybody know if there's something similar for WPA cracking with cowpatty and the precomputed hash tables on the server?

    If not, wouldn't that be a good idea? There would have to be a server with the 33GB hash tables and cowpatty and a simple web interface where you upload your handshake .cap file and get the result. That would be great for the start.

    Furthermore there could be an upload section for other precomputed hash tables to extend the list of ESSIDs that can be cracked.

    If someone has a server available, I'd really like to participate in setting this up. What do you think? Let me know!
    I love deadlines. I like the whooshing sound they make as they fly by.

    Douglas Adams

  2. #2
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    It would only take about 10-20 lines of PHP or other scripting language to do this. However, when you consider that half the job is getting the handshake captured and then the cracking itself is pretty trivial, I'm not sure that there would be much need for it.
    Thorn
    Stop the TSA now! Boycott the airlines.

  3. #3
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by RaginRob View Post
    If someone has a server available, I'd really like to participate in setting this up. What do you think? Let me know!
    ...and exactly how were you planning to participate?


    Are you going to give a sizable donation for the purchase of the hardware, bandwidth and hosting fees?

    Are you going to write the webinterface?
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  4. #4
    Senior Member kidFromBigD's Avatar
    Join Date
    Jan 2010
    Location
    Texas
    Posts
    159

    Default Crack for hire?

    Good thoughts here.

    Often I've wondered if anyone with the skills/hardware would begin to offer to crack the 4-way. That is to say, I have my own network locked down with WPA, but I supply you the captured handshake, and challenge you to break it.

    So far I have not seen this.

    Having said that, I can see all kinds of flames coming my way: The n00bs who capture the neighbor's 4-way then submit it to the Pro's, and they unwittingly help a skiddie dive deeper into ... whatever unlawful activity.

    Bottom line, I think there are thorny ethical questions for just such a website/service. These forums promote learning and understanding, and the last thing we want is being labeled "Den of Thieves"

    Just my $.02

  5. #5
    Member
    Join Date
    Aug 2007
    Posts
    468

    Default

    I think somebody else has already beaten you to the idea of the "out-sourcing" service.

    http://www.darkreading.com/security/...leID=213401744

  6. #6
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    15

    Default

    I think I'll set up a local version here and play around with it.

    @thorn: Yes, capturing the 4way often is the hardest part, but it's quite annoying to wait for aircrack to finish cracking afterwards. It's much more comfortable to fire up cowpatty with the matching table and wait 10-100 secs. A centralized web-based tool or database would come in quite handy, especially if people keep adding and extending hash tables.

    I'll keep an eye on the metasploit project (thanks BOFH139), sounds pretty interesting and I think there's definitely more to come once their new service server is up and running =)

    @kidFromBigD: I know what you mean and you're right. Of course there would have to be a registration and/or authentication before one can use the online cracker. It's not intended to be a cool gadget for script kiddies but for admins like me and my colleagues, who have to care about approx. 11000 hosts in a widely spread hospital network environment.
    I love deadlines. I like the whooshing sound they make as they fly by.

    Douglas Adams

  7. #7
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by RaginRob View Post
    I think I'll set up a local version here and play around with it.

    @thorn: Yes, capturing the 4way often is the hardest part, but it's quite annoying to wait for aircrack to finish cracking afterwards. It's much more comfortable to fire up cowpatty with the matching table and wait 10-100 secs. A centralized web-based tool or database would come in quite handy, especially if people keep adding and extending hash tables.
    Yeah, I know that coWPAtty is quicker with the tables than aircrack. That's why I came up with the idea of the WPA tables in the first place.

    Which is exactly my point. Carry the WPA tables on your hard drive. Boom, you're done. Can't fit them on your laptop's HD? Get a portable. Even the smallest USB/Firewire portable HDs have more than enough room for the 7GB and 33GB tables.

    Frankly, I don't see a great need for adding and extending the WPA table's hashes. The SSIDs and passwords used in the CoWF's WPA Tables were chosen after careful analysis for the most common (usually default) SSIDs used worldwide and most commonly used passwords. Expanding the tables makes sense only if you have a custom set of SSIDs that you need to test. However, since a hash for a custom SSID tends to be localized, making such a custom hash available for other people doesn't really do much for other people.
    Thorn
    Stop the TSA now! Boycott the airlines.
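
Why the tables discussed above are tied to specific SSIDs, as an added example that is not part of the original thread: the WPA/WPA2-PSK master key is PBKDF2-HMAC-SHA1 of the passphrase salted with the SSID, so a precomputed key only applies to the one SSID it was built for. The sample lists, the `table_exposure` helper and the `ward7-clinical` SSID are constructed for illustration and let an admin classify a network's own settings.

```python
import hashlib

# Constructed sample lists for illustration; not the contents of any real table set.
SAMPLE_TABLE_SSIDS = {"linksys", "default", "NETGEAR"}
SAMPLE_TABLE_PASSPHRASES = {"password", "12345678", "letmein123"}


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA/WPA2-PSK pairwise master key.

    PBKDF2-HMAC-SHA1 with the SSID as salt, 4096 iterations, 32-byte output.
    """
    pw, salt = passphrase.encode("utf-8"), ssid.encode("utf-8")
    if not 8 <= len(pw) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", pw, salt, 4096, 32)


def table_exposure(ssid, passphrase, table_ssids=SAMPLE_TABLE_SSIDS,
                   table_passphrases=SAMPLE_TABLE_PASSPHRASES):
    """Classify a network's own settings against a precomputed-table model."""
    wpa_pmk(passphrase, ssid)  # rejects out-of-spec inputs
    ssid_hit = ssid in table_ssids            # SSIDs are case-sensitive
    pass_hit = passphrase in table_passphrases
    if ssid_hit and pass_hit:
        return "covered"          # both the salt and the passphrase are in the table
    if pass_hit:
        return "weak-passphrase"  # unique SSID, but a dictionary passphrase
    if ssid_hit:
        return "common-ssid"      # default SSID, passphrase not in the list
    return "outside"


if __name__ == "__main__":
    # Same passphrase under two SSIDs: changing the salt gives unrelated keys.
    for name in ("linksys", "ward7-clinical"):
        print(name, wpa_pmk("password", name).hex()[:16],
              table_exposure(name, "password"))
```

A unique SSID only takes a network out of the precomputed set; a passphrase from a common wordlist is still a weak setting and should be replaced.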

  8. #8
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    15

    Default

    Yeah, I know that coWPAtty is quicker with the tables than aircrack. That's why I came up with the idea of the WPA tables in the first place.
    Ok, got me. Really missed the point here

    Sure, having the tables on your hd works as well as storing them on a server and is probably sufficient for most people. Anyway, for our purposes it would definitely be useful.
    I love deadlines. I like the whooshing sound they make as they fly by.

    Douglas Adams
