
Thread: WPA2 Cracking (can it be cracked?/how?)

  1. #1
    Junior Member
    Join Date
    Mar 2010
    Posts
    43

    Default WPA2 Cracking (can it be cracked?/how?)

    Is it true that brute forcing isn't effective on wpa2 and that dictionary attacks are the only effective means of breaking it? if so why is that.

    and if that is the case; if my SSID password was:
    6nG*4jkLM35 biteme26(@!nTDjk249w

    It would make it relatively uncrackable (i know, there's no such thing right?) using methods like aircrack (without say, a computer with ridiculous processing power and a lot of time) right?

    How else can I/someone else crack my wifi net if not by this means?

  2. #2
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Default

    Think you posted in the wrong section defo a newb post

    Is it true that brute forcing isn't effective on wpa2 and that dictionary attacks are the only effective means of breaking it? if so why is that.
    brute forcing is a dictionary attack.

    and if that is the case; if my SSID password was:
    6nG*4jkLM35 biteme26(@!nTDjk249w

    It would make it relatively uncrackable
    yep

    (i know, there's no such thing right?) using methods like aircrack (without say, a computer with ridiculous processing power and a lot of time) right?
    Think you're a bit confused with the actual way wpa and wpa2 is attacked, try Wikipedia.

    How else can I/someone else crack my wifi net if not by this means?
    http://hackaday.com/2008/11/09/new-wpa-tkip-attack/

  3. #3

    Default

    Dr GrEeN; I read about this a while back (I guess probably around last Nov). Do you know if anyone has actually come up with an implementation of these techniques?

  4. #4
    Junior Member
    Join Date
    Mar 2010
    Posts
    43

    Default

    Quote Originally Posted by Dr_GrEeN View Post
    Think you posted in the wrong section defo a newb post
    thanks... your posts have been real helpful...
    and yes I am a "newb" as you so eloquently state, but even Kevin Mitnick had to start somewhere... i'll be sure to stay in the newb forums from here on out

    Quote Originally Posted by Dr_GrEeN View Post
    brute forcing is a dictionary attack.
    Actually you said that backwards...
    a dictionary attack is a form of brute forcing.

    Brute force attack generates all of the possible combination of a given set of characters in hopes of guessing the actual pass.

    While dictionary attacks take this a step further and have predefined common password lists. That will speed along the guessing, (if the word is in said list)

    Quote Originally Posted by Dr_GrEeN View Post
    Think you're a bit confused with the actual way wpa and wpa2 is attacked, try Wikipedia.
    Unfortunately wikipedia doesn't cover such a topic with the kind of depth I was hoping to find here...


    Quote Originally Posted by Dr_GrEeN View Post
    hackaday.com/2008/11/09/new-wpa-tkip-attack
    Aircrack's website is down...

  5. #5

    Default

    Aircrack's website is down...
    THIS link allows you to view the linked paper as html

  6. #6
    Junior Member
    Join Date
    Mar 2010
    Posts
    43

    Default

    Quote Originally Posted by cybrsnpr View Post
    THIS link allows you to view the linked paper as html
    ahh! google cache... i'd forgotten all about it... thanks cybrsnpr.

    and to mr green, great info, thanks for sharing.

  7. #7
    Junior Member Relentless's Avatar
    Join Date
    Jan 2010
    Posts
    59

    Default

    Your passphrase is > 21 characters, whoever plans to crack your wireless AP or wireless router better have mad patient skills.

    In the paper "Practical Attacks Against WEP & WPA" the authors emphasize that the PSK key
    has to be "weak" in order for this to work at the beginning of the paper; in addition, to the fact that the clients must be using WPA+TKIP to associate to the AP or wireless router.

    However, in 2003 Robert Moskowitz of ICSA Labs detailed the potential problems of deploying weak passwords/passphrases with WPA in his paper: "Weakness in Passphrase Choice in WPA Interface," where Moskowitz points out that a short passphrase < 21 characters is susceptible to a dictionary attack.

    Furthermore, I also thought that this was an interesting statement at the end of the paper: " Practical attacks against
    WEP and WPA,"- "Our attack on TKIP in Section 5 shows that even WPA with a "strong" password is
    not 100% secure and can be attacked in a real world scenario."

    So one would have to ask, how long was the password/passphrase they tested in their paper "Practical attacks against
    WEP and WPA."

    And how long will it take to crack a passphrase that is greater than 21 characters, especially in Cynicalpsycho's case where the passphrase has a combination of alphanumeric characters+space+and other random symbols.

    Maybe a lab is in order ;-).

  8. #8

    Default

    I apologize in advance for taking the thread a bit off topic...

    Good points Oktet. Given time, computing power, and disk space, any WPA/WPA2 "personal" (i.e. passphrase) key can be broken. 802.1x ("enterprise") may be a different story. But, when dealing with a private entity (home, personal, non-business) IMHO, all you really need to worry about is "am I faster than the other guy running from the bear?"

    Unless a really determined adversary is after you, a strong non-dictionary based WPA passphrase should suffice for good security. Unless of course, your Govt is after you

  9. #9
    Junior Member
    Join Date
    Mar 2010
    Posts
    43

    Default

    Quote Originally Posted by Oktet View Post
    In the paper "Practical Attacks Against WEP & WPA" the authors emphasize that the PSK key
    has to be "weak" in order for this to work at the beginning of the paper; in addition, to the fact that the clients must be using WPA+TKIP to associate to the AP or wireless router.

    However, in 2003 Robert Moskowitz of ICSA Labs detailed the potential problems of deploying weak passwords/passphrases with WPA in his paper: "Weakness in Passphrase Choice in WPA Interface," where Moskowitz points out that a short passphrase < 21 characters is susceptible to a dictionary attack.

    Furthermore, I also thought that this was an interesting statement at the end of the paper: " Practical attacks against
    WEP and WPA,"- "Our attack on TKIP in Section 5 shows that even WPA with a "strong" password is
    not 100% secure and can be attacked in a real world scenario."

    So one would have to ask, how long was the password/passphrase they tested in their paper "Practical attacks against
    WEP and WPA."
    Yeah exactly, they never really specified what a 'strong' password is, i mean i know some people (whose job IS security... in a place where *you would think* security really matters...) consider "68.GO.bang" a 'strong' pass. 2 upper 2 lower -alpha, 2 special chars, and 2 #s with at least 10 chars total.

    Quote Originally Posted by Oktet View Post
    And how long will it take to crack a passphrase that is greater than 21 characters, especially in Cynicalpsycho's case where the passphrase has a combination of alphanumeric characters+space+and other random symbols.

    Maybe a lab is in order ;-).
    Certainly sounds like something worth looking into. It would help to build a good security policy.

    Knowing how long it would take say a quad core (it would be rather pointless to go into supercomputing) computer to crack such a pass-phrase would make it easy to determine how often you should switch up your.

    You're always hearing people complaining about how inherently insecure wifi is, it would be nice to have at least a little peace of mind on the subject.

    another thing worth looking into is the encryption and wifi's susceptibility to monitoring.

  10. #10
    Junior Member
    Join Date
    Mar 2010
    Posts
    43

    Default

    Quote Originally Posted by cybrsnpr View Post
    I apologize in advance for taking the thread a bit off topic...

    Good points Oktet. Given time, computing power, and disk space, any WPA/WPA2 "personal" (i.e. passphrase) key can be broken. 802.1x ("enterprise") may be a different story. But, when dealing with a private entity (home, personal, non-business) IMHO, all you really need to worry about is "am I faster than the other guy running from the bear?"

    Unless a really determined adversary is after you, a strong non-dictionary based WPA passphrase should suffice for good security. Unless of course, your Govt is after you
    lol, well if your government's after you, i doubt wifi is going to be your biggest concern. and if that were the case, you just plain shouldn't be on the net. but you're right... what's the average motive for cracking someone's wifi?
    boredom, curiosity, fun, free internet... i'm sure most would just break off and go for the easy kill. if not for the already dead (ie: my neighbors who leave their net wide open.)
    another good deterrent could be using those programs that spam out hundreds of false SSIDs.

    lol so much for going offtopic.
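
Added example, not part of the original thread: a defender-side version of the "lab" the posters suggest, which measures what one WPA/WPA2-PSK guess costs on the local CPU and turns passphrase length into an expected exhaustive-search time. Assumptions not taken from the thread: the key derivation parameters (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 32-byte output, per IEEE 802.11i), the 95-character printable ASCII alphabet, the name `ExampleSSID`, and the 1e6 guesses/s figure, which is a hypothetical rate.

```python
import hashlib
import math
import time

PRINTABLE = 95                       # printable ASCII (0x20-0x7e) allowed in a passphrase
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Passphrase -> 256-bit PMK: PBKDF2-HMAC-SHA1, salt = SSID, 4096 iterations."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode(), 4096, 32)

def entropy_bits(length: int, alphabet: int = PRINTABLE) -> float:
    """Upper bound: holds only if every character is chosen uniformly at random.
    A passphrase built from words or patterns has far less and may sit in a wordlist."""
    return length * math.log2(alphabet)

def years_to_search(bits: float, guesses_per_sec: float) -> float:
    """Expected time to cover half the keyspace at a constant guess rate."""
    return 2.0 ** (bits - 1) / guesses_per_sec / SECONDS_PER_YEAR

def local_rate(samples: int = 10) -> float:
    """PMK derivations per second on one core of this machine (constructed inputs)."""
    start = time.perf_counter()
    for i in range(samples):
        wpa_pmk(f"constructed-{i:04d}", "ExampleSSID")
    return samples / (time.perf_counter() - start)

if __name__ == "__main__":
    rates = {"this CPU, one core": local_rate(),
             "hypothetical 1e6 guesses/s": 1e6}    # assumed figure, not measured
    # Lengths discussed in the thread: the 10-character policy password,
    # the 21-character threshold, and the 32-character passphrase from post #1.
    for length in (10, 21, 32):
        bits = entropy_bits(length)
        for who, rate in rates.items():
            print(f"{length:2d} random chars  {bits:6.1f} bits  "
                  f"{who:27s} {years_to_search(bits, rate):.2e} years")
```

The figures are ceilings for truly random passphrases; the time a dictionary needs depends only on whether the passphrase, or a close variant, is in the list.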
