WPA cracking, are you scared yet?


no_one

@qwest.net

reply to Thane_Bitter
Re: WPA cracking, are you scared yet?

said by Thane_Bitter:

"The SSID and the SSID length is seeded into the passphrase hash. This means that the passphrase of 'password' will be hashed differently on a network with the SSID of 'linksys' than it will on a network with the SSID of 'default'."
»hak5.org/forums/index.php?showto···ry128919

If you use a standard SSID like "default", "linksys", or any of the other ones they included in the table it allows a hacker to more efficiently crack a WAP that is using a weak password. Assuming you do use a SSID on the list but have a 63 digit random string (numbers, uppercase & lower case letters, punctuation and the rest of the keys usable on a keyboard) they would still have to crack your WAP via brute force because the rainbow lists would not have the processed shortcuts for your wireless key.

By using a unique SSID the rainbow list would have to be recomputed for that SSID, even then it would only allow the hacker to crack your password if the key was in the dictionary that was used to make the list.

In short, the rainbow lists work as an efficient universal tool to crack poorly secured wireless networks with greater speed.
Thanks, learned something.


DataRiker
Premium
join:2002-05-19
Metairie, LA

reply to Thane_Bitter
said by Thane_Bitter:

In short, the rainbow lists work as an efficient universal tool to crack poorly secured wireless networks with greater speed.
I would take it even further. Consider the following password:

ddg7

We would both agree this is a weak password. But using a precomputed hash table will surely fail because they cannot possibly contain a significant amount of permutations, as the space required to store the table would be astronomically large.

For a dictionary attack yes, but most passwords I have encountered in the wild (all actually) would not be found in a dictionary - such as most last names - a first initial and a last name - a name with a number - random spacing and caps.


DataRiker
Premium
join:2002-05-19
Metairie, LA
reply to Thane_Bitter
Very well put. Technically they are not "rainbow" tables, but rather precomputed hash tables.

These precomputed tables are somewhat of a useless sensation, since many users like to use passwords that include their last name or their last name plus a number.

For example, the biggest freely available PCT for SSID linksys will fail if I just used my last name for a password (like many people do - or even worse my last name plus a number).

PCTs will fail 99.99%.

Why don't they include numbers, you ask? Or even simple permutations - do you have 1 trillion GBs to spare?


Thane_Bitter

join:2005-01-20
London, ON
·Bell Sympatico

reply to no_one
"The SSID and the SSID length is seeded into the passphrase hash. This means that the passphrase of 'password' will be hashed differently on a network with the SSID of 'linksys' than it will on a network with the SSID of 'default'."
»hak5.org/forums/index.php?showto···ry128919

If you use a standard SSID like "default", "linksys", or any of the other ones they included in the table it allows a hacker to more efficiently crack a WAP that is using a weak password. Assuming you do use a SSID on the list but have a 63 digit random string (numbers, uppercase & lower case letters, punctuation and the rest of the keys usable on a keyboard) they would still have to crack your WAP via brute force because the rainbow lists would not have the processed shortcuts for your wireless key.

By using a unique SSID the rainbow list would have to be recomputed for that SSID, even then it would only allow the hacker to crack your password if the key was in the dictionary that was used to make the list.

In short, the rainbow lists work as an efficient universal tool to crack poorly secured wireless networks with greater speed.
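
The SSID-as-salt behaviour described in the post above, as an added example that is not part of the original thread: WPA/WPA2-PSK derives its 256-bit key with PBKDF2-HMAC-SHA1 over the passphrase, salted with the SSID, for 4096 iterations. The wordlist, the SSIDs other than "linksys" and "default", and the helper names are constructed for illustration; the check answers whether a table precomputed for one SSID already holds a given network's key.

```python
import hashlib

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1(passphrase, salt=SSID,
    4096 iterations, 32 bytes), as specified in IEEE 802.11i."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8..63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("WPA passphrase must be printable ASCII")
    if len(ssid.encode()) > 32:
        raise ValueError("SSID must be at most 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode(), 4096, 32)

def build_table(ssid, wordlist):
    """A precomputed table is valid for exactly ONE SSID: key -> passphrase."""
    return {wpa_pmk(word, ssid): word for word in wordlist}

def covered_by_table(table, network_ssid, network_passphrase):
    """True if the network's real key is already stored in the table."""
    return wpa_pmk(network_passphrase, network_ssid) in table

# Constructed sample data: a tiny dictionary and a table for a default SSID.
WORDLIST = ["password", "letmein123", "sunshine1"]
TABLE_LINKSYS = build_table("linksys", WORDLIST)

if __name__ == "__main__":
    cases = [
        ("linksys", "password"),            # default SSID + dictionary word
        ("default", "password"),            # same word, different SSID
        ("Maple-House-7Q", "password"),     # unique SSID (constructed)
        ("linksys", "t9#Vq2!mZx@4Lr8&Ew"),  # default SSID, random passphrase
    ]
    for ssid, pw in cases:
        hit = covered_by_table(TABLE_LINKSYS, ssid, pw)
        print(f"{ssid:15} {pw:20} key={wpa_pmk(pw, ssid).hex()[:16]}... "
              f"in linksys table: {hit}")
```

Only the first case is found: changing the SSID changes every stored key, and a passphrase outside the wordlist is absent whatever the SSID.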


no_one

@qwest.net
reply to CraftyPirate
How does knowing my SSID make a password easier to guess, hack? My password is random gibberish also with the special symbols used.

Sure if you use a password that goes along with the SSID theme but a random password?


Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS


reply to CraftyPirate
What scares me is that, although these irresponsible and fearmongering types of post will have no effect on most of us, they may send more sensitive types into a tizzy quite needlessly. Case in point, see pg1.


Nerdtalker
Working Hard, Or Hardly Working?
Premium,MVM
join:2003-02-18
Tucson, AZ

reply to CraftyPirate
I'm still nowhere near concerned. Sure, WPA and WPA2 aren't invincible, but the level of protection they offer compared to the other options (WEP or nothing) is huge.

Anyone who really cares about what they're doing and sensitive data just uses a VPN. If you really care that much, you'd be doing so.

I use a 20 character PSK with upper and lower case letters, as well as numbers and symbols. Am I concerned in the least? Uh, no.
--
"Some people never see the light till it shines thru bullet holes." -Bruce Cockburn

I'm testing Gmail's spam filters: Broadbandreports1@gmail.com
Spam: 12900+ messages currently using 406 MB.


JohnInSJ
Premium
join:2003-09-22
San Jose, CA
·Comcast

reply to fonzbear2000
said by fonzbear2000:

And if they do anything illegal using your connection and take off, you would be held responsible.
I take it you're not a lawyer.

If you're that worried about it, I suggest you unhook your wifi AP, dig a hole in your back yard, and bury it there.
--
My place : »www.schettino.us


fonzbear2000
Premium
join:2005-08-09
Saint Paul, MN

reply to JohnInSJ
What if it's someone who is in a car with a laptop and they do it and then leave your area. How would they be found? And if they do anything illegal using your connection and take off, you would be held responsible.
--
»Check this out!


JohnInSJ
Premium
join:2003-09-22
San Jose, CA
·Comcast

reply to fonzbear2000
Then they get arrested, since they broke the law (by hacking my network) to gain access.

If I am running an open network then I might be responsible. If someone splices into my cable or hacks my wifi, I don't think I am.

Do you think you are? Really?
--
My place : »www.schettino.us


fonzbear2000
Premium
join:2005-08-09
Saint Paul, MN

reply to CraftyPirate
For those of you saying things like: "so what if someone hacks my network? Let them" and so on, what if someone hacks your network and starts downloading child porn?
--
»Check this out!


Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny
·Shaw

reply to Tonice2007
said by Tonice2007:

My question to you is what technology isn't hackable?
Depends on how many decades you have to crack it.

If you can crack a 63 ASCII PW in a reasonable amount of time (days, not millennia), people will pay you a lot. Again, feel free to try.
--
"In the future, that which is not mandatory will be illegal"
"Nobody knows the age of the human race, but everybody agrees that it is old enough to know better" - Anonymous

munky99999
Munky

join:2004-04-10
canada
reply to Tonice2007
quote:
My question to you is what technology isn't hackable? The answer is nothing
wpa2(aes) with a radius server. Can't see that being busted atm.

Tonice2007
Premium
join:2005-12-20
Brooklyn, NY

reply to CraftyPirate
My question to you is what technology isn't hackable? The answer is nothing, elsewise, there wouldn't be new technology such as WPA then WPA2 and before that WEP; it all depends on how many people use the technology and how "secure" the technology is.

Why do Microsoft products have more holes than other manufacturers'? It's because it's a bigger target to hackers, since the number of users of the software is more than other versions/manufacturers. For instance, is a Mac computer more secure than a Windows? Not really, but Windows has more "holes" because more people hack it, since Windows holds a bigger market share.

So, in the end what can you do about this security breach with WPA? Use all the characters available to you and don't only use letters, use everything you can and change your "password" every 3 months or so, so that if someone compromises your connection you can respond quickly if needed.


tipstir

join:2004-11-14
Enfield, CT
·Cox HSI


reply to CraftyPirate
Those who are really into this crap, why bother talking about this. Most of us are only worried about having a stable wireless in the dwelling rather than worrying about someone trying to get into the wireless. AES-EAP next gen though more expensive.. Time to mow the lawn..


Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
reply to CraftyPirate
Can we close this non-thread yet?? My cup of java is almost empty.


Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny

reply to antdude
C'mon over to BC. I make a mean dark roast!


antdude
A Ninja Ant
Premium,VIP
join:2001-03-25

reply to Its a Secret
said by Its a Secret:

*yawn*

Please feel free to try to hack my AP. I'll even bring you coffee. Lots of it...
Where, so we can get free coffee?


Its a Secret
Whatever
Premium
join:2008-02-23
U B Funny
reply to CraftyPirate
*yawn*

Please feel free to try to hack my AP. I'll even bring you coffee. Lots of it...


Lasko

@qwest.net

reply to CraftyPirate
quote:
so therefore without forehand knowledge of the ssid,
You mean like not receiving the signal from the AP? If you are able to receive the signal from the AP you are able to see the SSID in cleartext. So how do you have no forehand knowledge of the SSID? Could you explain this, please? I think F430 and others are correct - use a unique SSID and don't bother trying to hide it since you are only fooling yourself.

BTW - brute force attacks are nothing new - they are far older than electronic communication. The weaker your passphrase the more likely the attack will succeed. If you use a good passphrase knowing the SSID is not going to have a measurable effect on the success/failure of the attack.

© 1999-2009 dslreports.com.