Wi-Fi Security: Cracking WPA With CPUs, GPUs, And The Cloud
Test Setup
References in this article to WPA can be read as "WPA/WPA2." Furthermore, the techniques used in this article are unaffected by TKIP or AES encryption.
Desktop Hardware | Notebook(Lenovo ThinkPad T410) | |
---|---|---|
Processor | Intel Core i5-2500K (Sandy Bridge), 3.3 GHz, LGA 1155, 6 MB Shared L3 | Intel Core i5-540M (Arrandale), 2.53 GHz, PGA 988, 3 MB Shared L3 |
Motherboard | Asrock Z68 Extreme4 | - |
Memory | Kingston Hyper-X 8 GB (2 x 4 GB) DDR3-1333 @ DDR3-1333, 1.5 V | Crucial DDR3-1333 8 GB (2 x 4 GB) |
Hard Drive | Samsung 470 256 GB | Seagate Momentus 5400.6 500 GB |
Graphics | Palit GeForce GTX 460 1 GBNvidia GeForce GTX 590AMD Radeon HD 6850AMD Radeon HD 6990 | Nvidia Quadro NVS 3100M |
Power Supply | Seasonic 760 W, 80 PLUS | - |
Network Card | AirPcap Nx USB Adapter | AirPcap Nx USB Adapter |
System Software and Drivers | ||
Operating System | Windows 7 Ultimate 64-bitBacktrack 5 64-bit | |
DirectX | DirectX 11 | |
Windows Drivers | AirPcap 4.1.2Catalyst 11.6Nvidia 275.33 | AirPcap 4.1.2 |
Linux Drivers | Catalyst 11.6Nvidia 275.09.07 | - |
Software | |
---|---|
Cain & Abel | Version: 4.9.40 |
Aircrack-ng | Version: 0.70 |
Elcomsoft Wireless Security Auditor | Version: 4.0.211 Professional Edition |
Pyrit | Version: 0.4.1-dev |
The majority of tests in this article were performed in the field, facilitating an exploration of network security under real-world conditions. There were a few situations where the signal strength of our target network prevented us from proceeding further in our experiments, though. In those rare cases, we used our Cisco Linksys E4200, which we set up to use 802.11g at 2.4 GHz.
Stay on the Cutting Edge
Join the experts who read Tom's Hardware for the inside track on enthusiast PC tech news — and have for over 25 years. We'll send breaking news and in-depth reviews of CPUs, GPUs, AI, maker hardware and more straight to your inbox.
Current page: Test Setup
Prev Page How Secure Is Your Wireless Network? Next Page Network Security: The First Line Of Defense-
fstrthnu Well it's good to see that WPA(2) is still going to hold out as a reliable security measure for years to come.Reply -
runswindows95 The 12 pack of Newcastles works for me! Give that to me, and I will set you up on my wifi! Free beer for free wifi!Reply -
Pyree runswindows95The 12 pack of Newcastles works for me! Give that to me, and I will set you up on my wifi! Free beer for free wifi!Reply
Then either beer at your place is really expensive or internet is really cheap. Need 6x12 pack for me. -
compton Thanks for another article that obviously took a lot of work to put together. The last couple of articles on WiFi and archive cracking were all excellent reads, and this is a welcome addition.Reply -
mikaelgrev "Why? Because an entire word is functionally the same as a single letter, like "a." So searching for "thematrix" is treated the same as "12" in a brute-force attack."Reply
This is an extremely wrong conclusion. Extremely wrong. -
What about the permutations of the words?Reply
i.e ape can be written:
ape, Ape, aPe, apE, APe, aPE, ApE, APE.
Thats 2^3=8 permutations. Add a number after and you get (2^3)*(10^1)=80 permutations.
You can write PasswordPassword in 2^16=65536 ways.
How about using a long sentence as a password?
i.e MyCatIsSuperCuteAndCuddly, thats 2^25 permutations :) -
molo9000 Any word on MAC address filtering?Reply
Can you scan for the MAC addresses? It's probably easy to get and fake MAC adresses, or it would have been mentioned.
*scans networks*
12 networks here,
1 still using WEP
10 allowing WPA with TKIP
only 1 using WPA2 with AES only (my network) -
agnickolov Considering my WPA password is over 20 characters long I should be safe for the foreseeable future...Reply -
aaron88_7 "12345, that's amazing, I've got the same combination on my luggage!"Still makes me laugh every time!Reply