Results 1 to 3 of 3

Thread: WPA Bruteforce cracking questions

  1. #1
    Blast From the Past
    Join Date
    Jan 2003

    WPA Bruteforce cracking questions

    Its been a verrry long time since I have posted on this site. wayy too long.

    I have gone from Geeksquad to a NOC Tech for Applied Systems, insurance software company. A+ certified. Net+ certified.. I have been busy.

    I will preface this post, with the knowledge that I am on patron. Happy New Year all

    I have been thinking lately.. about WPA cracking.

    I want to crack a WPA key via bruteforce. I have a few Nvidia CUDA compatible gpu's to work with as well.

    But I would also like to see how long I can with something much smaller. Such as a netbook.

    The key complexity I will be working with.

    Password: 10-digit Numbers only.
    SSID: Known - WPA keys are salted. to speed up the cracking time I will test a scenario where I know the SSID in advance.

    If anyone has any good tutorials please link them.

    One thing specifically I would like to test, would be crack time via brute force vs crack time with a database of precompiled keys.

    Is it even possible to setup a bruteforce program to use a pre-compiled database? Or maybe something more simple like just a text or xml file that has the keys within.

    It has been awhile since I have done anything in the security field. Its the new year, I want to take the winter and have some fun.

    Those of you that want to just post "This has already been done" dont bother. I will still attempt the process myself just to have that satisfaction.

    Thank you all for the read. Again, Happy New year!

    work it harder, make it better, do it faster, makes us stronger

  2. #2
    Just Another Geek
    Join Date
    Jul 2002
    Rotterdam, Netherlands
    Quote Originally Posted by hexadecimal View Post
    Is it even possible to setup a bruteforce program to use a pre-compiled database?
    Yes, it's called a rainbow table.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  3. #3
    I posted a topic the other day, it may or maynot be useful:>

    Yesterday, Stefan over at .braindump released a white paper detailing vulnerabilities in the WiFi Protected Setup (WPS) protocol that allows attackers to recover WPA/WPA2 passphrases in a matter of hours.

    This is a capability that we at TNS have been testing, perfecting and using for nearly a year. But now that this vulnerability has been discussed publicly we have decided to announce and release Reaver, our WPS attack tool, to the open source community. Reaver is capable of breaking WPS pins and recovering the plain text WPA/WPA2 passphrase of the target access point in approximately 4-10 hours (attack time varies based on the access point).
    While we have released Reaver as an open source project, we also offer a commercial version with additional features and functionality as well as a support plan. Since nearly all access points manufactured in the past few years have WPS support enabled by default, attacking WPS provides several advantages over attacking WPA directly:

    1. Cracking the WPS pin is, obviously, much faster.
    2. Once you have the WPS pin you can instantly recover the WPA passphrase, even if the owner changes the passphrase.
    3. Access points with multiple radios (2.4/5GHz) can be configured with multiple WPA keys. Since the radios use the same WPS pin, knowledge of the pin allows an attacker to recover all WPA keys.

    Of course the disadvantage is that WPS can be disabled. However, in our experience even security experts with otherwise secure configurations neglect to disable WPS; further, some access points don't provide an option to disable WPS, or don't actually disable WPS when the owner tells it to.
    To learn more about Reaver, visit our product page, or the open source project on Googlecode.

    Taken from HERE

Similar Threads

  1. Asking smart questions
    By pwaring in forum Other Tutorials Forum
    Replies: 60
    Last Post: October 22nd, 2004, 09:15 PM
  2. Read Me First
    By Negative in forum The Security Tutorials Forum
    Replies: 12
    Last Post: June 2nd, 2004, 01:09 AM
  3. about mozilla
    By moonstar550 in forum AntiOnline's General Chit Chat
    Replies: 10
    Last Post: April 10th, 2004, 02:03 AM
  4. Spy Sweeper- OpenSite spyware???
    By al1aprize in forum Spyware / Adware
    Replies: 23
    Last Post: March 15th, 2004, 01:24 AM
  5. How To: Crack a File
    By SpydaByte in forum AntiOnline's General Chit Chat
    Replies: 1
    Last Post: January 20th, 2003, 10:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts