Penetration Testing mailing list archives
Re: Cracking WEP and WPA keys
From: Robin Wood <dninja () gmail com>
Date: Tue, 13 Dec 2005 17:20:50 +0000
I wasn't comparing anything, I was asking how realistic it is to crack the WPA key in 10 minutes. I'm asking as I was lead to believe that WEP could be cracked in minutes with brute force attacks but have found from experience that that is wrong, I am therefore now doubting the people who claim how easily WPA can be cracked Robin On 12/13/05, Joachim Schipper <j.schipper () math uu nl> wrote:
On Tue, Dec 13, 2005 at 10:09:21AM +0000, Robin Wood wrote:Hi I've just been on a wireless security course where there was a lot of talk about WEP keys being poor security and easily crackable. I got home and decided to put it to practice and use aircrack against my own WEP key. After around 4 hours I got bored ...All the examples I've seen seem to suggest that cracking should take minutes not hours and all keys should be crackable. What experiences do other testers have? Have I done something wrong? I abandoned the full attack after 5 hours as it was running with the default fudge factor of 2 so would probably not have managed to crack the key. I've also seen a video on the Remote Exploit site showing a WPA key cracked in 10 minutes using cowpatty and a dictionary attack. How realistic is this?I am not very good at this, since I do not own or care for wireless, but *do* take in mind that you're comparing a complete brute-force with a dictionary attack. It's not surprising that the dictionary attack is much faster, even against a better algorithm. Joachim ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- Cracking WEP and WPA keys Robin Wood (Dec 13)
- Re: Cracking WEP and WPA keys Dave Bush (Dec 13)
- Re: Cracking WEP and WPA keys Seth Fogie (Dec 13)
- Re: Cracking WEP and WPA keys Erin Carroll (Dec 13)
- Re: Cracking WEP and WPA keys Robin Wood (Dec 14)
- Re: Cracking WEP and WPA keys Robin Wood (Dec 14)
- Re: Cracking WEP and WPA keys Dave Bush (Dec 13)
- Re: Cracking WEP and WPA keys Seth Fogie (Dec 13)
- Re: Cracking WEP and WPA keys Joachim Schipper (Dec 13)
- Re: Cracking WEP and WPA keys Robin Wood (Dec 13)
- Re: Cracking WEP and WPA keys Michael Sierchio (Dec 13)
- Re: Cracking WEP and WPA keys marko ruotsalainen (Dec 14)
- <Possible follow-ups>
- RE: Cracking WEP and WPA keys Shenk, Jerry A (Dec 13)
- Re: Cracking WEP and WPA keys Alvin Oga (Dec 13)
- Re: Cracking WEP and WPA keys Seth Fogie (Dec 13)
- RE: Cracking WEP and WPA keys cerealkilla (Dec 15)
- RE: Cracking WEP and WPA keys Sahir Hidayatullah (Dec 16)
- RE: Cracking WEP and WPA keys Josh Perrymon (Dec 13)
- Re: Cracking WEP and WPA keys pagvac (Dec 14)
- Radio Signal Pent test (RFID) Louie (Dec 14)
(Thread continues...)
- Re: Cracking WEP and WPA keys Dave Bush (Dec 13)