Slashdot Mirror

← Back to Stories (view on slashdot.org)

WPA-PSK Cracking As a Service

Posted by kdawson on from the get-out-of-the-cafe-quicker dept.

An anonymous reader writes "Moxie Marlinspike, a security researcher well known for his SSL/TLS attacks, today launched a cloud-based WPA cracking service, where for $34 you can test the security of your WPA password. The WPA Cracker Web site states: 'WPA-PSK networks are vulnerable to dictionary attacks, but running a respectable-sized dictionary over a WPA network handshake can take days or weeks. WPA Cracker gives you access to a 400CPU cluster that will run your network capture against a 135 million word dictionary created specifically for WPA passwords. While this job would take over 5 days on a contemporary dual-core PC, on our cluster it takes an average of 20 minutes.'"

17 of 175 comments (clear)

  1. Build a dictionary! by Anonymous Coward · · Score: 5, Insightful

    So for $34 you can make sure your password is part of their dictionary?

    1. Re:Build a dictionary! by supernova_hq · · Score: 4, Funny

      No no no no, when you submit your password it will only appear as ***** to them.

  2. Re:One problem by ctmurray · · Score: 3, Insightful

    I think the tool is not being sold to people wanting to crack into a WiFi network, rather selling to people so that they can test their WiFi network.

  3. Well at least you can say Moxie has Moxie. by al0ha · · Score: 4, Insightful

    $34 to see if your password can survive a dictionary attack? Hell pay me $20 and I'll gladly save you some money and provide you with a password guaranteed to be unbreakable by brute force. I'll even sign an NDA to ensure I don't disclose it to anyone but rest assured even I won't be able to remember it!

    --
    Did you ever wake up in the morning, with a Zombie Woof behind your eyes? -- FZ
    1. Re:Well at least you can say Moxie has Moxie. by chill · · Score: 5, Interesting

      I'll save 'em the full $34.

      Go here: https://www.grc.com/passwords.htm

      --
      Learning HOW to think is more important than learning WHAT to think.
    2. Re:Well at least you can say Moxie has Moxie. by Urd.Yggdrasil · · Score: 4, Informative

      Pfft, that's only pseudo random data, why settle when you can get true random data.

      https://www.fourmilab.ch/hotbits/secure_generate.html
      https://www.random.org/passwords/

    3. Re:Well at least you can say Moxie has Moxie. by Power_Pentode · · Score: 5, Funny

      Pfft, that's only pseudo random data, why settle when you can get true random data

      No "random" data that you get from the net should be trusted. I throw old 16-sided gaming dice to generate a transparent X-Y grid, which is then set over the top of my cat's litter box. The positions of the cat turds are normalized against a reference litter box and fed into a fancy matrix algorithm, the output of which is SHA4 hashed and truncated to make the WPA2 key.

  4. From the Article... by BulletMagnet · · Score: 3, Interesting

    "Marlinspike declined to say who operates his compute cluster"

    I guess he can't come out and say he's using botted boxes, right?

  5. Re:One problem by Korbeau · · Score: 5, Funny

    I think the tool is not being sold to people wanting to crack into a WiFi network, rather selling to people so that they can test their WiFi network.

    [x] Check this box if you are above the age of 18 and promise not to use this tool for malicious intends.

    [BUY NOW!!!]

  6. Re:One problem by vivian · · Score: 5, Insightful

    Alternatively you could actually not be an asshat, get on with your neighbour and negotiate with them (over a 6 pack of beer) to allow legal access in the event of an outage.

  7. Re:One problem by Gothmolly · · Score: 3, Insightful

    Isn't it cheaper, easier, and less douchebaggy to just get an aircard?

    --
    I want to delete my account but Slashdot doesn't allow it.
  8. Re:400 CPU cluster or 400 node botnet? by mzito · · Score: 5, Informative

    Actually, in this case, it's very straightforward. He's using Amazon EC2. EC2 charges by the hour, and all you have to do is spin up the number of servers you want. In fact, I happened to run the numbers on what the costs are for running 50 "8-core" servers, and it happens to be...$34/hour. So, what he did was say, "If I run two jobs an hour, I make a small amount of money. If I run 4-5 jobs per hour, I make more money"

    This is, of course, a textbook use case for EC2, and I'm surprised no one has done it sooner.

    --
    me@mzi.to
  9. Re:Cloud? (not a) by frosty_tsm · · Score: 4, Interesting

    They don't discuss it, but I wonder if they don't just fire up 400 Amazon instances, do the work, then shut them off. For $34 (an oddly specific number), they can't afford to have 400 CPUs around. However, if they allocate on a job-by-job basis, then their overhead is very low.

    This kind of work (high computation, high parallelization, infrequent request) might be the most brilliant and non-obvious use of cloud computing. Low overhead due to using someone else's hardware (rather than having 400 CPUs laying around). If this is truely what they are doing, I am very impressed.

  10. $34? I can undercut that. by smchris · · Score: 3, Funny

    For $30 I'll run the command-line random number generator I found on the web and send you a 60 digit number.

    If you act today, that's only 50 cents a number!

  11. Re:who uses WPA anyways? by mlts · · Score: 4, Interesting

    Believe it or not, there are some embedded devices which don't have the CPU juice for WPA2, so they were given a BIOS update so they can run something better than WEP as some form of security. WPA has its issues, but it sure beats WEP.

    The best wireless setup is to have two wireless SSIDs. Your internal one that runs off of WPA2-Enterprise, RADIUS server, and smart cards. Then an external one that has a stern packet filter and throttling mechanism. This way, people can log on your open wireless to check E-mail, but Limewire and other P2P apps will be stopped. Of course, someone can jump that, but if they do that, its not your problem anymore.

    I do see one use for MAC address security, and its more of a legal thing than computer protection. If a security breach criminal case winds up in court, and you can prove a potential intruder was bypassing your MAC security, it might land a conviction. Otherwise, someone can make up a story of you allowing people to have your WPA2 passwords, etc.

  12. Re:One problem by Just+Some+Guy · · Score: 3, Interesting

    Living in fear must suck, huh? I have 4 open WiFi networks available to me at the moment (in a subdivision with 1/2-acre lots, not in a dense apartment complex). I've hopped onto a neighbor's network when my phone was out, and I have DHCP logs showing when they've been on mine. If I got hit with a subpoena, it'd be a piece of cake to show how many other people are using my router. That's a lot better approach for me and my neighbors than shutting each other out in a moral panic.

    --
    Dewey, what part of this looks like authorities should be involved?
  13. Re:Cloud? (not a) by wagnerrp · · Score: 4, Interesting

    A medium 'high-cpu' linux instance at Amazon is $0.17/hr.

    ($0.17/hr) x (20min) x (400 instances) = $22.66666... +50% = exactly $34