Posts Tagged ‘WPA’

New sweeping WPA Cracker & its alternatives

Tuesday, December 8th, 2009

It’s a well-know fact that WPA-PSK networks are vulnerable to dictionary attacks, though one cannot but admit that running a respectable-sized dictionary over a WPA network handshake can take days or weeks.

A low-cost service for penetration testers that checks the security of wireless networks by running passwords against a 135-million-word dictionary has been recently unveiled. The so-called WPA Cracker is a cloud-based service that accesses a 400-CPU cluster. For $34, it can run a password against all 135 million entries in about 20 minutes. Want to pay less, do it for $17 and wait 40 minutes to see the results.

Another notable feature is the use of the dictionary that has been set up specifically for cracking Wi-Fi Protected Access passwords. While Windows, UNIX and other systems allow short passwords, WPA pass codes must contain a minimum of eight characters. Its entries use a variety of words, common phrases and "elite speak" that have been compiled with WPA networks in mind.

WPA Cracker is used by capturing a wireless network's handshake locally and then uploading it, along with the network name. The service then compares the PBKDF2, or Password-Based Key Derivation Function, against the dictionary. The approach makes sense, considering each handshake is salted using the network's ESSID, a technique that makes rainbow tables only so useful.

Everything seems to be perfect, but for the fact that there exists another alternative to crack WPA passwords which allows to reach the same speed. Just instead of installing a 400-CPU cluster, it’s possible to set 4 top Radeons or about two Teslas and try Elcomsoft Wireless Security Auditor.

Elcomsoft Wireless Security Auditor: WPA-PSK Password Audit

Wireless Security Survey

Wednesday, April 22nd, 2009

The key findings of the survey of the 35860 wireless networks (in 12 Indian cities) are:

  • 37% appeared to be unprotected.
  • 49% were using WEP encryption.
  • Balance 14% were using the more secure WPA/WPA2.

The authors say that this makes around 86% of the observed wireless networks vulnerable, but we’d add that remaining 14% are not totally secure. Why? Check our Wireless Security Auditor :)

Fastest video card

Tuesday, April 14th, 2009

As you may guess, it is ATI Radeon HD 4890 X2. It is not available yet, but coming soon. We’re very impatient to try our WPA password recovery software there.

An article Best Graphics Cards For The Money: April ’09 : March Review/April Updates also worth reading.

ATI, NVIDIA and WPA/WPA2 passwords

Friday, April 10th, 2009

In case if you missed it: new ATI Catalyst drivers (9.4) now available (you can read the release notes for details). For some reason, some driver files have been renamed (well, not in 9.4, but in 9.3 released a bit earlier, though that version was really buggy and we cannot recommend to use it anyway), and our WPA password recovery (audit) software was not able to recognize Radeon cards anymore.

Well, to make the long story short: simply download the latest ATI Catalyst drivers and updated Elcomsoft Wireless Security Auditor :). Just note that this (new) version of EWSA will not work with drivers version 9.1 or older.

In the meantime, NVIDIA CUDA 2.2 (beta) released. Does that actually matter? Yes, because NVIDIA Tesla C1060 and S1070 are now officially supported on Windows. Besides, we need to have a look at Zero-copy support for direct access to system memory, because it may speed-up the GPU-enabled password cracking on some particular algorithms.

WPA Benchmark

Monday, April 6th, 2009

Here are the benchmarks for WPA recovery; we’ve run tests on one of the most powerful modern CPUs and a bunch of GPUs. Even GTX 280 outperformed Core 2 Quad Q6600:

wpa_benchmark2