Page 4 of 11 FirstFirst ... 23456 ... LastLast
Results 31 to 40 of 104

Thread: online wpa cracker

  1. #31
    Member
    Join Date
    Mar 2010
    Posts
    123

    Default

    I will rejig my test lab tonight and give it a go:

    I will try a normal word and an alphanumeric combination.

    At first glance it does look like the Rainbow tables we all know but this could be a handy resource for testing home .cap but like mentioned previously i wouldnt utilise a service like this for a contract pen test. I would inform the company of this service if the SSID/pass could have been cracked by the aforementioned rainbow tables - just to highlight insecurity's to them.

    Ill report back later on with my findings

  2. #32
    Just burned his ISO
    Join Date
    Feb 2009
    Posts
    11

    Default

    Quote Originally Posted by Gitsnik View Post
    Not to mention it just looks like a web interface to the offensive security rainbow tables... which anyone could do... the threadmancer didn't (I think) grasp the full backstory to pureh@te's question, namely using his beast for a public service.

    ?

    im not an frequent (not even infrequent) user of this forum, but i've read the full thread

    actually i stumbled upon this thread AFTER creating this site, and it is indeed just a frontend on a free hoster and will forward the cap files to the cracking server which utilizes COW's (_churchofwifi.org_) 40 GB tables to perform an dictionary attack

    baby stuff indeed, but sufficient for private usage i think

    didnt even know about offensive security's rainbow tables since now..


    EDIT:
    to tell you the full story:
    i've downloaded church of wifi's tables about one year ago - they were never of any use to me

    i own an eeepc 901 with mobile (gsm) internet, it's an nice little toy but has only an small harddisk and an really slow CPU so i made up a little website/script to use the computing power of my desktop pc to crack wpa/wep

    since it's still useless to me (never found just one lousy password) i decided to share it with the world instead of deleting it

    actually i don't expect any professionals using this service, (it would be highly unprofessional to use it, you are submitting key AND data) added the text only to scare script kiddies away and to give myself some kind of insurance if bad things happen - (personally i don't give a **** about what they do with it)

    but if you want to use it on your own company/website (which would really make sense, password protected of course), tell me and i will give you the PHP/bash scripts for a small compensation of my time (not necessarily money)

  3. #33
    Just burned his ISO
    Join Date
    Feb 2009
    Posts
    11

    Default

    looks like some of my tables are fubar'd, imported them with airolib-ng just a few days ago


    if anyone has the full wpa table set from offensive sec. (they are much bigger than COW's tables) and is interested to set up an cracking server i will be glad to give away my scripts in exchange for free usage


    a normal desktop pc with the ability to send mails would be sufficient, btw

  4. #34
    Member
    Join Date
    Mar 2010
    Posts
    123

    Default

    Okies,

    A nice quick and simple .cap file.

    SSID = NETGEAR
    key = [Try and solve yourself - shouldnt take too long tbh]

    RapidShare: 1-CLICK Web hosting - Easy Filehosting

    Mirror @ Mediafire.com

    The other network listed in the cap is my actual home network. The tgt is NETGEAR [i foolishly set it to chan 6 which is same as my home - o well]

    Uploaded the cap to the online cracker:

    Waited 5 mins no email- Will edit on reciept of Mail.

  5. #35
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    4

    Default private

    What if we try to make it a private server for private use so we can test out the possiblity's? that way we can lose the mis abuse part of the service?

  6. #36
    Member
    Join Date
    Mar 2010
    Posts
    123

    Default

    Im guessing the PC/Crack Server was offline - still no email.

    If needbe i can re-up the .cap to it but i am off to bed as its just hit midnight here

  7. #37
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Wow, so slacker resurrected my online cracker thread with one of his own. Well thats fine but the problem with using the church of wifi tables is that your crack server is only good for the 1000 essid's you generated it with.

    If you will see my other threads on this topic you will see I have built a massive GPU cracker server that works for any essid. The trouble is the author of Pyrit is afraid of repercussions from the current government where he lives so he asked me to make it private. I do give access to a select few people so you can shoot me a PM and I will review your case. I had planned to make it free and public however I have to respect the author wish. He is a swell guy and has helped me out lots of times in my quest to learn gpu stuff.

    Once again if anyone has .cap files they want to give to me I am always accepting testers.


    mummyboy: here is what mine looks like:



    And here is the copy of the email after I cracked it:
    Code:
    Hi purehate,
    
    Thanks for using Kracker. The process for NETGEAR (NETGEAR-20:04:34.cap) has been completed.
    
    Here are the results from the run:
    
    
    The PSK is "password".
    
    
    25771214 passphrases tested in 453.64 seconds:  56810.37 passphrases/second
    
    
    KTHNXBYE!

  8. #38
    Member
    Join Date
    Mar 2010
    Posts
    123

    Default

    @purehate

    I chose a key that i knew was easy.

    That pyrit is the dogs danglys. I am going to seriously look at making a cracking server myself.

    Although - as family guy said
    "we have the technology - we just dont want to spend a lot"

    Just out of intrest how much did your box cost?

    @slacker

    Still no email I am guessing your box was down buddy

  9. #39
    Just burned his ISO
    Join Date
    Feb 2009
    Posts
    11

    Default

    Quote Originally Posted by mummysboy View Post
    Im guessing the PC/Crack Server was offline - still no email.

    If needbe i can re-up the .cap to it but i am off to bed as its just hit midnight here

    it's up, check your spam folder, sender address is "hepha1st0s@darkstar.net", subject "Online WPA crack - result"

    1 minute after submitting the "netgear" cap it responds with

    ---------------------------------------------
    result for essid: NETGEAR
    No networks found, exiting.
    ---------------------------------------------

    it got wrong base64-decoded i guess, will fix my script in a few days - it used to work with my test cap files..


    don't expect too much tough, it's a small table set only (about 130 MB per table) but i can easily replace COW's tables with remote exploit's - just have to download them


    EDIT:
    should be fixed now, it calculated the wrong filelength (forgot to count the '\n's)
    will replace COW's tables with OS's in a few days for better results

    the service will be free but i will add http basic auth (login as guest/guest) for a little privacy

  10. #40
    Just burned his ISO
    Join Date
    Feb 2009
    Posts
    11

    Default

    @pureh@te

    "25771214 passphrases tested in 453.64 seconds: 56810.37 passphrases/second"


    that's quite impressive !

    not much slower than a dictionary attack with precomputed PMK's (got about 71000 passphrases/s here with church of wifi's tables, using aircrack-ng)


    if an table with the matching essid exists it still makes sense to perform an dictionary attack before doing an exhaustive search with pyrit, since most people are using "common" passwords

    so you are welcome to use my little service at lunix.izfree.com as long it's up, it will be free and open to everyone

Page 4 of 11 FirstFirst ... 23456 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •