A security researcher has brought us in touch with the future of distributed computing: network encryption cracking.
In 2008, I speculated about the future of distributed security cracking. That future has arrived, in the form of a $17 'cloud' based service provided through the efforts of a security researcher known as Moxie Marlinspike. It is effective against pre-shared key deployments of both WPA and WPA2 wireless networks.
The mechanism used involves captured network traffic, which is uploaded to the WPA Cracker service and subjected to an intensive brute force cracking effort. As advertised on the site, what would be a five-day task on a dual-core PC is reduced to a job of about twenty minutes on average. For the more 'premium' price of $35, you can get the job done in about half the time. Because it is a dictionary attack using a predefined 135-million-word list, there is no guarantee that you will crack the WPA key, but such an extensive dictionary attack should be sufficient for any but the most specialized penetration testing purposes.
If you opt to use the service, you will of course leave a money trail via Amazon Payments — which is probably a bad idea if you are attempting to gain unauthorized access to a secured network illegally. For the good guys testing the security of a client's network, however, this is an incredibly handy tool to have at one's disposal.
It gets even better. If you try the standard 135-million-word dictionary and do not crack the WPA encryption on your target network, there is an extended dictionary that contains an additional 284 million words. In short, serious brute force wireless network encryption cracking has become a retail commodity.
Some might question whether rainbow tables serve the purpose of penetration testing more effectively. In some cases they might, but rainbow tables face some limitations. From the FAQ for WPA Cracker:
Aren't there rainbow tables now?
Yes, the Church Of Wifi has put a large rainbow table collection online. However, there are a few ways in which this collection has not met our needs. The first is that since each handshake is salted with the ESSID of the network, you have to build a unique set of rainbow tables for each network that you'd potentially like to audit. The Church Of Wifi has gone to heroic efforts to build tables for the 1000 most popular ESSIDs, but we find that this is often not enough. If someone has enabled WPA encryption on their wireless network, chances are that they've changed their ESSID to something that's not very common as well.
Additionally, since they had to build so many sets, they had to limit the size of their dictionary in order to keep the resulting tables manageable. We feel that 1,000,000 words is really not large enough to do a comprehensive search, and that the way the dictionary was constructed discounts some of the specifics for WPA network password requirements. WPA Cracker provides a service that can crack the PSK of a network with any ESSID, using a dictionary that is several orders of magnitude larger.
The FAQ also claims that WPA Cracker uses a dictionary specialized for WPA cracking purposes, making it better suited to this specific purpose than the OpenWall dictionaries, which are 'tailored more specifically for Unix logins than for WPA networks.'
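The ESSID salting described in the FAQ excerpt above, shown as an added example (not code from WPA Cracker or from the original article): WPA/WPA2-PSK derives its pairwise master key with PBKDF2-HMAC-SHA1 using the ESSID as the salt, so a table precomputed for one network name is useless against another. The word list and the ESSID `Flat7-2GHz` are constructed for illustration; the `IEEE`/`password` pair is the published IEEE 802.11i test vector.

```python
import hashlib

# Constructed sample word list; every entry satisfies the 8-63 character
# WPA passphrase length rule.
SAMPLE_WORDS = ["password", "letmein123", "sunshine2010"]


def wpa_pmk(passphrase: str, essid: str) -> bytes:
    """Derive the 256-bit PMK: PBKDF2-HMAC-SHA1, salt = ESSID, 4096 rounds."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("utf-8"), essid.encode("utf-8"), 4096, 32
    )


def build_table(essid: str, words: list[str]) -> dict[bytes, str]:
    """Precompute PMK -> passphrase for ONE ESSID (what a per-ESSID table holds)."""
    return {wpa_pmk(word, essid): word for word in words}


def table_covers(table: dict[bytes, str], essid: str, passphrase: str) -> bool:
    """True if a precomputed table would reveal this network's passphrase."""
    return wpa_pmk(passphrase, essid) in table


if __name__ == "__main__":
    # A table built for the common ESSID "IEEE" ...
    table = build_table("IEEE", SAMPLE_WORDS)
    # ... covers a weak passphrase on a network that uses that same ESSID,
    print(table_covers(table, "IEEE", "password"))
    # ... but not the same weak passphrase behind an uncommon ESSID.
    print(table_covers(table, "Flat7-2GHz", "password"))
    # The salt only defeats precomputation: a dictionary run against the
    # specific ESSID still finds the word, so passphrase strength is the
    # real control.
    print(table_covers(build_table("Flat7-2GHz", SAMPLE_WORDS),
                       "Flat7-2GHz", "password"))
```

An uncommon ESSID removes the precomputation shortcut but does nothing against a per-network dictionary run, which is why the passphrase itself has to sit outside any plausible word list.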
The interface is simple and clean, and the service does not require any more information from its users than an email address to deliver the results, the network's ESSID, and a network traffic capture that includes the encrypted WPA handshake. Payment information is handled by Amazon. If you have despaired of a simple and quick way to perform a penetration test on a WPA encrypted network without spending entirely too much money, the answer appears to have arrived.
WPA Cracking in the Cloud
It's a service:
The mechanism used involves captured network traffic, which is uploaded to the WPA Cracker service and subjected to an intensive brute force cracking effort. As advertised on the site, what would be a five-day task on a dual-core PC is reduced to a job of about twenty minutes on average. For the more “premium” price of $35, you can get the job done in about half the time. Because it is a dictionary attack using a predefined 135-million-word list, there is no guarantee that you will crack the WPA key, but such an extensive dictionary attack should be sufficient for any but the most specialized penetration testing purposes.
[..]
It gets even better. If you try the standard 135-million-word dictionary and do not crack the WPA encryption on your target network, there is an extended dictionary that contains an additional 284 million words. In short, serious brute force wireless network encryption cracking has become a retail commodity.
FAQ here.
In related news, there might be a man-in-the-middle attack possible against the WPA2 protocol. Man-in-the-middle attacks are potentially serious, but it depends on the details -- and they're not available yet.
EDITED TO ADD (8/8): Details about the MITM attack.
Posted on July 27, 2010 at 6:43 AM • 22 Comments