
Thread: Faster WPA hash cracking

  1. #1
    Just burned his ISO
    Join Date
    May 2010
    Posts
    6

    Default Faster WPA hash cracking

    Well, I'm not much of an expert, but I think this is the best place to discuss this.

    So, basically, to crack a WPA network, you capture the handshake packets in order to obtain the key hash, right? After that, the only way to retrieve the plain text key is to perform a brute force attack on this hash, wait and pray.

    The brute force attack provided by the aircrack suite usually tests 400 - 600 keys per second.

    Recently I was looking into hash cracking when I found a technique called Time-Memory Tradeoff. They say it's capable of testing up to 100.000 keys per second (WTF?).

    A benchmark is shown in the picture below:

    This is from the Rainbow Crack project, really worth taking a look at... Rainbow Project.

    I was wondering if that wouldn't also be useful for cracking WPA hashes.

    If I said anything stupid please let me know, I'm just trying to help anyway.

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: Faster WPA hash cracking

    WPA and WPA2 are basically the same thing.
    WPA vs WPA2 (802.11i): How your Choice Affects your Wireless Network Security | Openxtra

    Keep reading and learning, though; you are trying, and that's a good thing.

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default Re: Faster WPA hash cracking

    I think what windhawk is missing is that those graphs and charts do not take into account the time it takes to actually make the "rainbow" table. I may be able to crack at 100,000 keys per second, but if it took me a few days to make the table, that's not very accurate.

    The other major difference is that once an NTLM hash table is created it will work with any hash; this is not the case with WPA because the ESSID is salted into the hash. This means that every time you have a different ESSID you would have to create a new hash table, which is, once again, time consuming.
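
Added example, not part of the original posts: the point in post #3 about the ESSID acting as a salt, shown with the WPA/WPA2-PSK key derivation (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 32-byte PMK). The SSIDs and passphrase in `main` are constructed sample values, the helper names are hypothetical, and the rates fed to the estimator are the figures quoted in this thread.

```python
import hashlib

SECONDS_PER_YEAR = 365 * 24 * 3600


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit PMK exactly as WPA/WPA2-PSK does."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    salt = ssid.encode()
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSIDs are 1 to 32 bytes")
    # The SSID is the PBKDF2 salt, so the PMK is bound to the network name.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), salt, 4096, 32)


def table_reusable(passphrase: str, ssid_a: str, ssid_b: str) -> bool:
    """True only if a PMK precomputed for ssid_a would also match ssid_b."""
    return wpa_pmk(passphrase, ssid_a) == wpa_pmk(passphrase, ssid_b)


def years_to_exhaust(alphabet_size: int, length: int, pmk_per_second: float) -> float:
    """Worst-case time to try every passphrase of one length at a given rate."""
    return alphabet_size ** length / pmk_per_second / SECONDS_PER_YEAR


def main() -> None:
    # Constructed sample values: same passphrase, two different network names.
    passphrase = "correct horse battery"
    for ssid in ("HomeNet-A", "HomeNet-B"):
        print(f"{ssid:10s} {wpa_pmk(passphrase, ssid).hex()}")
    print("table reusable across SSIDs:",
          table_reusable(passphrase, "HomeNet-A", "HomeNet-B"))

    # Rates quoted in the thread: aircrack on CPU and pyrit on a PS3.
    for label, rate in (("600 keys/s", 600), ("30,000 PMK/s", 30_000)):
        for length in (8, 12):
            years = years_to_exhaust(26, length, rate)
            print(f"{label:13s} lowercase x{length}: {years:,.2f} years")


if __name__ == "__main__":
    main()
```

For network owners, the two outputs point at the same mitigations: a non-default SSID defeats tables precomputed for common network names, and passphrase length dominates the exhaustion time at any of the rates mentioned here.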

  4. #4
    Just burned his ISO
    Join Date
    May 2010
    Posts
    6

    Default Re: Faster WPA hash cracking

    Quote Originally Posted by purehate View Post
    I think what windhawk is missing is that those graphs and charts do not take into account the time it takes to actually make the "rainbow" table. I may be able to crack at 100,000 keys per second, but if it took me a few days to make the table, that's not very accurate.

    The other major difference is that once an NTLM hash table is created it will work with any hash; this is not the case with WPA because the ESSID is salted into the hash. This means that every time you have a different ESSID you would have to create a new hash table, which is, once again, time consuming.
    I see your point. I hadn't realized that WPA used salted hashes, this makes the method mentioned above useless.

    Well, one more question before this topic dies. I don't see many people talking about aircrack-ng + CUDA yet.

    Is there any obvious reason that I'm missing?

  5. #5
    Just burned his ISO
    Join Date
    May 2010
    Location
    Bronx,NY
    Posts
    1

    Default Re: Faster WPA hash cracking

    I'm not an expert either, but I'm working on a project. I'm trying to set up my PS3 to crack hash file passwords because I heard from some source that the power of the PS3 processor is awesome. Have you ever heard about it?

  6. #6
    Just burned his ISO
    Join Date
    May 2010
    Posts
    6

    Default Re: Faster WPA hash cracking

    Quote Originally Posted by TheDarkTangent View Post
    I'm not an expert either, but I'm working on a project. I'm trying to set up my PS3 to crack hash file passwords because I heard from some source that the power of the PS3 processor is awesome. Have you ever heard about it?
    Sounds really good. How far have you gone?

  7. #7
    Just burned his ISO
    Join Date
    Apr 2010
    Location
    Kansas
    Posts
    11

    Default Re: Faster WPA hash cracking

    Actually, WPA and non-AES variants of WPA2 are vulnerable to differential cryptanalysis methods as well. If you knew enough plain text you could derive the key just by looking at the traffic.

  8. #8
    Member CKing's Avatar
    Join Date
    Mar 2010
    Location
    downtown, riverfront
    Posts
    83

    Default Re: Faster WPA hash cracking

    Quote Originally Posted by windhawk View Post
    I see your point. I hadn't realized that WPA used salted hashes, this makes the method mentioned above useless.

    Well, one more question before this topic dies. I don't see many people talking about aircrack-ng + CUDA yet.

    Is there any obvious reason that I'm missing?
    look into pyrit

  9. #9
    Just burned his ISO
    Join Date
    May 2010
    Posts
    6

    Default Re: Faster WPA hash cracking

    Quote Originally Posted by CKing View Post
    look into pyrit
    Yeah, there is an obvious reason.

    Talking about that and the previous message... I saw this guy running pyrit on a PS3.

    He was doing some tweaking but as far as I saw, it was around 30.000 PMK/s.

    Pretty interesting, huh?

  10. #10
    Member CKing's Avatar
    Join Date
    Mar 2010
    Location
    downtown, riverfront
    Posts
    83

    Default Re: Faster WPA hash cracking

    pyrit with its CAL-based core is even more interesting. Dealing with ATI drivers is a nightmare though.
