CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
December 7th, 2009

Service Cracks Wireless Passwords From The Cloud

A security researcher has unveiled a low-cost service for penetration testers that checks the security of wireless networks by running passwords against a 135-million-word dictionary.

The WPA Cracker is a cloud-based service that accesses a 400-CPU cluster. For $34, it can run a password against all 135 million entries in about 20 minutes. Those willing to wait 40 minutes can pay $17 to access the system at half mode.

In addition to operating in the cloud, the service is also notable because its dictionary has been set up specifically for cracking Wi-Fi Protected Access passwords. While Windows, Unix and other systems allow short passwords, WPA pass codes must contain a minimum of eight characters. Its entries use a variety of words, common phrases and “elite speak” that have been compiled with WPA networks in mind.

WPA Cracker is used by capturing a wireless network’s handshake locally and then uploading it, along with the network name. The service then compares the PBKDF2, or Password-Based Key Derivation Function, against the dictionary. The approach makes sense, considering each handshake is salted using the network’s ESSID, a technique that makes rainbow tables only so useful.

WPA Cracker is being launched by researcher Moxie Marlinspike. More about the service at http://www.wpacracker.com

Credit: The Register

Share this item with others:

More on CyberInsecure:
  • Trojans Likely To Follow Win 7 Activation Hack
  • Web Sessions Over Protected Wireless Networks Can Be Hijacked With An Android App
  • Locked iPhone Allows Passwords Theft And Decryption
  • New Tool For Graphics Cards Threaten Wireless Networks Encryption
  • Microsoft Keyboards, Media Devices Under Attack By Open-source Kit

    • Posted in Hardware, Software, Vulnerabilities | Print This Post Print This Post

    This entry was posted on Monday, December 7th, 2009 at 9:41 pm and is filed under Hardware, Software, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Service Cracks Wireless Passwords From The Cloud

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « «
    » »