Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Cracking WEP and WPA keys

from [Robin Wood] Network Security [Permanent Link]
Subject: Re: Cracking WEP and WPA keys
Date: Tue, 13 Dec 2005 17:20:50 +0000 
I wasn't comparing anything, I was asking how realistic it is to crack
the WPA key in 10 minutes.

I'm asking as I was lead to believe that WEP could be cracked in
minutes with brute force attacks but have found from experience that
that is wrong, I am therefore now doubting the people who claim how
easily WPA can be cracked

Robin

On 12/13/05, Joachim Schipper <j.schipper@math.uu.nl> wrote:

On Tue, Dec 13, 2005 at 10:09:21AM +0000, Robin Wood wrote:

Hi
I've just been on a wireless security course where there was a lot of talk
about WEP keys being poor security and easily crackable. I got home and
decided to put it to practice and use aircrack against my own WEP key.

After around 4 hours I got bored ...



All the examples I've seen seem to suggest that cracking should take minutes
not hours and all keys should be crackable. What experiences do other
testers have? Have I done something wrong? I abandoned the full attack after
5 hours as it was running with the default fudge factor of 2 so would
probably not have managed to crack the key.

I've also seen a video on the Remote Exploit site showing a WPA key cracked
in 10 minutes using cowpatty and a dictionary attack. How realistic is this?


I am not very good at this, since I do not own or care for wireless, but

*do* take in mind that you're comparing a complete brute-force with a
dictionary attack. It's not surprising that the dictionary attack is
much faster, even against a better algorithm.

                Joachim

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers 
do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------




------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Cracking WEP and WPA keys, Dave Bush
Next by Date:  Re: Cracking WEP and WPA keys, Erin Carroll
Previous by Thread:  Re: Cracking WEP and WPA keys, Joachim Schipper
Next by Thread:  Re: Cracking WEP and WPA keys, Michael Sierchio
Indexes:  [Date] [Thread] [Top] [All Lists]