Slashdot Mirror

← Back to Stories (view on slashdot.org)

GPUs Used To Crack WiFi Passwords Faster

Posted by ryuzaki0 on from the security-tools-yeah-right dept.

MojoKid writes "Russian-based ElcomSoft has just released ElcomSoft Wireless Security Auditor 1.0, which can take advantage of both Nvidia and ATI GPUs. ElcomSoft claims that the software uses a 'proprietary GPU acceleration technology,' which implies that neither CUDA, Stream, nor OpenCL are being utilized in this instance. At its heart, what ElcomSoft Wireless Security Auditor does is perform brute-force dictionary attacks of WPA and WPA2 passwords. If an access point is set up using a fairly insecure password that is based on dictionary words, there is a higher likelihood that a password can be guessed. ElcomSoft positions the software as a way to 'audit' wireless network security."

4 of 189 comments (clear)

  1. Re:Brute-force password guessing not a problem by Anonymous Coward · · Score: 5, Informative

    My WPA password is larger than 15 characters.

    Isn't best practice greater than 32 for WPA? The maximum is 63 I believe.

  2. Great Program by JimmyRay_TWTV · · Score: 5, Informative

    I tested this program for a upcoming show and I really liked it. The cost is high for most regular folks, so it is geared more towards Government/Commercial. For a nice open source option, I also recommend Pyrit. I had a few issues importing Aircrack files, but most of those have been resolved.

    --
    Jimmy Ray Ecc 5:19
  3. It counts as a tool, like a hammer or pocketknife. by Medievalist · · Score: 5, Insightful

    they can legally sell this because...

    They live in a culture that has more commercial freedom than yours, apparently. Given that they are in Russia, that's a sad commentary on wherever you live.

    why? just because they claim to be an 'auditor' means they can profit from a cracker?

    Because it's a tool. You can cave people's heads in with a hammer, you can assassinate the pope with a kitchen knife. They are tools, they have no moral dimension. Even a thumbscrew can be used for moral purposes, such as a doorstop that keeps cute fuzzy puppies from running on to train tracks.

    Effective tools amplify your ability to do things you want to do. They don't make it necessary or possible for you to commit crimes; your will and your circumstances are what makes you a criminal.

    I have used wifi crackers to audit networks in my workplace with the full knowledge of my employer. I have never used one to commit a crime, ever. It's just a tool.

  4. Re:Brute-force password guessing not a problem by wastedlife · · Score: 5, Informative

    From the product website:

    Elcomsoft Wireless Security Auditor works completely in off-line, undetectable by the Wi-Fi network being probed, by analyzing a dump of network communications in order to attempt to retrieve the original WPA/WPA2-PSK passwords in plain text.

    TFA is misunderstanding the way the app functions, it listens to the network until a certain amount of information has been sent, then attempts to decrypt that data locally. Sending wave after wave of login attempts is easily detectable and would almost certainly bottleneck somewhere at the network level before CPU.

    --
    Said, "It's just like dice but it's got more sides And it tells me who lives and who dies"