Slashdot Mirror


WPA-PSK Cracking As a Service

An anonymous reader writes "Moxie Marlinspike, a security researcher well known for his SSL/TLS attacks, today launched a cloud-based WPA cracking service, where for $34 you can test the security of your WPA password. The WPA Cracker Web site states: 'WPA-PSK networks are vulnerable to dictionary attacks, but running a respectable-sized dictionary over a WPA network handshake can take days or weeks. WPA Cracker gives you access to a 400CPU cluster that will run your network capture against a 135 million word dictionary created specifically for WPA passwords. While this job would take over 5 days on a contemporary dual-core PC, on our cluster it takes an average of 20 minutes.'"

4 of 175 comments (clear)

  1. Re:One problem by Korbeau · · Score: 5, Funny

    I think the tool is not being sold to people wanting to crack into a WiFi network, rather selling to people so that they can test their WiFi network.

    [x] Check this box if you are above the age of 18 and promise not to use this tool for malicious intends.

    [BUY NOW!!!]

  2. $34? I can undercut that. by smchris · · Score: 3, Funny

    For $30 I'll run the command-line random number generator I found on the web and send you a 60 digit number.

    If you act today, that's only 50 cents a number!

  3. Re:Build a dictionary! by supernova_hq · · Score: 4, Funny

    No no no no, when you submit your password it will only appear as ***** to them.

  4. Re:Well at least you can say Moxie has Moxie. by Power_Pentode · · Score: 5, Funny

    Pfft, that's only pseudo random data, why settle when you can get true random data

    No "random" data that you get from the net should be trusted. I throw old 16-sided gaming dice to generate a transparent X-Y grid, which is then set over the top of my cat's litter box. The positions of the cat turds are normalized against a reference litter box and fed into a fancy matrix algorithm, the output of which is SHA4 hashed and truncated to make the WPA2 key.