
GPU-Accelerated Wi-Fi password cracking goes mainstream

Andrew Lyle on 24 January 2009 - 08:43 · 36 comments & 11864 views

The once thought 8 character length password may no longer be safe, now that a GPU-accelerated password recovery attack can break weak WPA/WPA2 PSK passwords.

Elcomsoft says its Wireless Security Auditor can work completely offline, finding passwords by analyzing a dump of network communications and displaying them in plain text. The Wireless Security Auditor does require a valid log of wireless communication as its source.



Experts have urged IT managers to move from 8 character WPA passwords to 12 or 15 characters. In the words of David Hobson: "It's a wake-up call to IT managers, pure and simple. IT managers should now move to 12 and even 16 character keys as a matter of urgency. It's not very user-friendly, but the potential consequences of staying with eight character keys do not bear thinking about."

Places like Mumbai, India, have pushed law enforcement to take action: a wardriving police unit travels the city with laptops, locates insecure wireless networks, and notifies the owner of each network to secure their router. A recent report suggests that an estimated 88% of wireless networks in Mumbai are unsecured, which encouraged police to take action to prevent the commission of a cognizable offence.


Comments
(2 replies) #1 xSuRgEx on 24 Jan 2009 - 16:14
this is old news same article was posted on other security websites a week or so ago.
#1.1 Navan on 24 Jan 2009 - 16:50
xSuRgEx said,
this is old news same article was posted on other security websites a week or so ago.

So what?
Glad to read about the steps taken in Mumbai.
#1.2 tiagosilva29 on 24 Jan 2009 - 17:10
If that is true, theyarecomingforyou will (rightfully) post in this thread about plagiarism in 3, 2, 1...
#2 McDave on 24 Jan 2009 - 17:15
Well if you have not heard about this before it's good to know.

I don't understand why people don't secure their networks and use a strong key. Like a 63 random alpha-numeric. That gives (52^63) = 1.283x10^108 combinations if you exclude numbers.
#3 creamhackered on 24 Jan 2009 - 17:17
in Windows 7 the router security stuff is cool, you can use the button (on new routers) to auto configure Windows 7 clients
#4 Michael1406 on 24 Jan 2009 - 17:27
In Mumbai they warn you if your wireless is insecure, but in the UK they'd rather hack your wireless network to see if there is anything illegal there. Hmm.
(2 replies) #5 PrEzi on 24 Jan 2009 - 18:17
Has no-one noticed that a single 4870 is up to 30% faster than a GTX280 ?
#5.1 Intelman on 24 Jan 2009 - 18:23
Yeah, so? ATI has a great lineup with the 4xxx.
#5.2 PrEzi on 24 Jan 2009 - 19:44
Intelman said,
Yeah, so? ATI has a great lineup with the 4xxx.

Exactly (I own one) but I didn't think it will outperform 280's by such a large margin.
(2 replies) #6 gollux on 24 Jan 2009 - 18:34
Time to start writing whole novels for use as a password. We probably should start with about 2048 words.
#6.1 Intelman on 24 Jan 2009 - 18:47
Is this even effective for passwords that look like serial numbers?
#6.2 michaelof36 on 25 Jan 2009 - 03:34
I was just thinking about that! Password requirements reaching a minimum of 2048 letters and numbers! Screw that!
(1 reply) #7 Tikitiki on 24 Jan 2009 - 18:53
So basically it sniffs a few encrypted packets and then brute forces combinations until it gets a proper standard header from the packet?

Yikes... I think it's time to move on from words and start using sentences for our passwords lol
#7.1 xSuRgEx on 24 Jan 2009 - 20:57
Tikitiki said,
So basically it sniffs a few encrypted packets and then brute forces combinations until it gets a proper standard header from the packet?

Yikes... I think it's time to move on from words and start using sentences for our passwords lol



no the program only brute forces. you need to capture the data packets with another tool. commview for wifi etc.....
(1 reply) #8 roadwarrior on 24 Jan 2009 - 18:55
The once thought 8 character length password may no longer be safe,


What exactly were you trying to say there, because that makes no sense?
#8.1 Davo on 24 Jan 2009 - 22:36
It's easy to understand, it's just in Yoda speak. It should probably read, "The 8 character length password, once thought to be safe, may no longer be."
#9 aarste on 24 Jan 2009 - 19:08
err wow, those GPUs sure outperform CPUs, when can we start running our ATI cards as CPUs? :p
(5 replies) #10 IbSta on 24 Jan 2009 - 19:10
What if you have MAC filtering enabled?
#10.1 Digitalfox on 24 Jan 2009 - 19:38
IbSta said,
What if you have MAC filtering enabled?


Good question.. I was thinking the same..
#10.2 PrEzi on 24 Jan 2009 - 19:51
Digitalfox said,
Good question.. I was thinking the same..


It's the easiest to break.
You sniff up the network, find some MACs that connect to it and spoof it.
Bang ! You're in. Simple - ain't it ?
Did that in a few minutes.
#10.3 fc77 on 24 Jan 2009 - 20:03
PrEzi said,
It's the easiest to break.
You sniff up the network, find some MACs that connect to it and spoof it.
Bang ! You're in. Simple - ain't it ?
Did that in a few minutes.


MAC filtering will just give you a false sense of security. It should be banned because some people use it as the only security measure for their wireless network.
#10.4 lylesback2 on 24 Jan 2009 - 21:28
That is a good question, but hard to test, because the problem is $599. I think someone said something about a free trial, but not sure how the results will return.
#10.5 Team C0re on 25 Jan 2009 - 23:39


Last edited by Team C0re on 25 Jan 2009 - 23:52
(4 replies) #11 Intelman on 24 Jan 2009 - 19:51
I want to try the trial out, but I need something to capture packets with, any suggestions?

Maybe something that works with the 4965AGN, or atheros chipset.
#11.1 PrEzi on 24 Jan 2009 - 19:53
Intelman said,
I want to try the trial out, but I need something to capture packets with, any suggestions?

Maybe something that works with the 4965AGN, or atheros chipset.


Commview for Wifi, Wireshark, there are lots of tools. Google for them.
#11.2 Tikitiki on 24 Jan 2009 - 20:39
PrEzi said,
Intelman said,
I want to try the trial out, but I need something to capture packets with, any suggestions?

Maybe something that works with the 4965AGN, or atheros chipset.


Commview for Wifi, Wireshark, there are lots of tools. Google for them.


Actually Wireshark doesn't work afaik. It's not on their list of supported tools and Wireshark doesn't seem to have the ability to export the formats that this app requires.
#11.3 S7un7 on 25 Jan 2009 - 00:16
In reply to the card needed..........it must support promiscuous mode. The Intel card only supports it in latest Linux Kernels. The intel 3945 doesn't support it at all (afaik). Atheros has supported it for years. As far as programs, Aircrack works great under Linux as does TCPdump. Both have been ported to Windows but you may need to find special drivers for your wireless card to get it in promiscuous mode under Windows. My suggestion is use Linux. You can always move the capture files to another platform to process if needed.
#11.4 Intelman on 25 Jan 2009 - 04:45
I just want to do it to do it, to see it in action. Do any live distros come with these tools? Maybe Knoppix...
#12 9UnknownMen on 24 Jan 2009 - 23:46
That detail must be awesome. War driving a major city basically surfing the net all day and still be called police detective. Mumbai has to worry about regulating their cell networks more than wi-fi.
#13 darkpuma on 25 Jan 2009 - 00:47
brute force... so cant they just limit the number of attempts/timeframe rather than making sentence long passwords?? SHouldn't be that hard IMO, but im drunk so maybe im just not htinking clearyly

-nm am drunk, just reread the article and i understand now. crazy stuff
(1 reply) #14 skynetXrules on 25 Jan 2009 - 09:34
what if the password is a non-English word, wouldn't that raise the possibilities / make it so hard?
#14.1 S7un7 on 26 Jan 2009 - 02:37
Brute force will eventually hit the right combination of letters. You only have 52^n combinations where n is the length of the key. This software is going through 3,144,000 combinations per minute. So yes, it makes it a tiny bit harder but not close to impossible like using random letters, numbers, and symbols @ a length of 63 characters.
(1 reply) #15 -Vivicidal- on 25 Jan 2009 - 12:50
Why does no-one use the full 63 characters? I know I do!
#15.1 lylesback2 on 25 Jan 2009 - 19:11
-Vivicidal- said,
Why does no-one use the full 63 characters? I know I do!

because then you need to write it down, or save it in a text file for copy and paste, and that isn't very secure
#16 neoraptor on 26 Jan 2009 - 10:20
Funny!

The chars are around 70, meaning the combinations are 70^8. When I calculated with 50 chars and a 8000 pass per sec i got 159 years if i have not mistaken something.
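
Added example, not part of the original article or comments: the keyspace arithmetic from comments #14.1 and #16 written as a passphrase-policy check, together with the standard WPA/WPA2-PSK key derivation (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations) that every offline guess has to repeat. The guess rates are the figures quoted in those comments, taken as assumptions; the function names and sample SSIDs are illustrative.

```python
import hashlib

SECONDS_PER_YEAR = 365.25 * 24 * 3600

# Guess rates quoted in the comments above (assumptions, not measurements).
RATE_COMMENT_14_1 = 3_144_000 / 60   # "3,144,000 combinations per minute"
RATE_COMMENT_16 = 8_000              # "8000 pass per sec"


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2-PSK key: PBKDF2-HMAC-SHA1, SSID as salt."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases must be 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def years_to_exhaust(alphabet: int, length: int, guesses_per_sec: float) -> float:
    """Worst-case years to try every random passphrase of exactly `length`."""
    return alphabet ** length / guesses_per_sec / SECONDS_PER_YEAR


def min_length(alphabet: int, guesses_per_sec: float, target_years: float) -> int:
    """Shortest valid passphrase length whose keyspace outlasts `target_years`."""
    needed = target_years * SECONDS_PER_YEAR * guesses_per_sec
    for length in range(8, 64):
        if alphabet ** length >= needed:
            return length
    raise ValueError("no passphrase length up to 63 meets the target")


if __name__ == "__main__":
    # The SSID salts the derivation: one passphrase, a different key per network name.
    for ssid in ("IEEE", "HomeNet"):  # constructed sample SSIDs
        print(ssid, wpa_psk("password", ssid).hex()[:16], "...")
    for alphabet, label in ((26, "lowercase"), (52, "letters"), (70, "~70 chars")):
        for length in (8, 12, 16):
            years = years_to_exhaust(alphabet, length, RATE_COMMENT_14_1)
            print(f"{label:>10} x{length:<2}: {years:.3g} years")
    print("length for 1000 years, 52 letters:", min_length(52, RATE_COMMENT_14_1, 1000))
```

These figures hold only for randomly chosen passphrases; a dictionary word or predictable pattern falls well before the full keyspace is searched, and the rate parameter should be raised as hardware improves.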
#17 boho on 27 Jan 2009 - 11:20
I've never managed to do it, even using the tools used by security experts. More scare stories. If you apply for a job at my company, we give you a computer AND a password. We even allow employees to login via Terminal Services and VPN, over the internet. Another scare mongering non story...
