Slashdot Mirror


Hashcat Developer Discovers Simpler Way To Crack WPA2 Wireless Passwords (hashcat.net)

New submitter Woodmeister shares a report: While looking for ways to attack the new WPA3 security standard, Hashcat developer Jens "Atom" Steube found a simpler way to capture and crack access credentials protecting WPA and WPA2 wireless networks. The attacker needs to capture a single EAPOL frame after requesting it from the access point, extract the PMKID from it by dumping the received frame to a file, convert the captured data to a hash format accepted by Hashcat, and run Hashcat to crack it. Once that's done, the attacker has the Pre-Shared Key (PSK), i.e. the password, of the wireless network. Depending on the length and complexity of the password and the power of the cracking rig, that last step could take hours or days. "The main difference from existing attacks is that in this attack, capture of a full EAPOL 4-way handshake is not required. The new attack is performed on the RSN IE (Robust Security Network Information Element) of a single EAPOL frame," Steube explained. This makes the attack much easier to pull off, as the attacker doesn't depend on another user and on being in range of both the user and the access point at the exact moment when the user connects to the wireless network and the handshake takes place.

29 of 150 comments

  1. Use good passwords by dlakelan · · Score: 4, Insightful

    A good password for wifi, since it doesn't really need to be memorized, is one generated by something like keepass2: 15 characters long random letters numbers and punctuation:

    DHDukBDL04Pt2ZT

    for example (note that is not a password I use, just one I randomly generated).

    Since no-one actually has to type this in more than once per device, it's really not a major problem that you can't memorize it.

    --
    ((lambda (x) (x x)) (lambda (x) (x x))) http://www.endpointcomputing.com a scientific approach to custom computing.
    1. Re:Use good passwords by gtwrek · · Score: 3, Interesting

      Someone's going to need to translate the likely length of a crack. The quote "that last step could take hours or days" isn't all that helpful.

      If we have a WPA2 (max) 63 printable ASCII character random password, is the crackable time of this attack still on the order of "a couple of days"?

      i.e. can casual users mitigate this attack by just increasing their WPA2 password length? To what size?

      Or is this attack some sort of end-around where the size of the WPA2 ascii key doesn't matter. It's not clear to me, but then again, I'm no security expert either...

    2. Re:Use good passwords by Anonymous Coward · · Score: 2, Insightful

      I sniff those too. Easy enough to spoof. Sometimes I have to wait for the impersonated device to be offline. Depends on the AP and the device.

    3. Re:Use good passwords by Anonymous Coward · · Score: 4, Interesting

      Very few of them, actually.

      Moreover, if some attacker is going to use this approach, (s)he is likely not looking for the easiest target on the block, but for the ones worthy of his/her attention because (s)he has specific plans. If someone is a worthy target, the attacker just passes by the relevant house or office, collects the data, and patiently cracks it. It doesn't matter if it takes them 1 day or 50. If the target is worth it and the crack is computationally feasible, they'll do it and wait as long as needed.

    4. Re:Use good passwords by Xenolith0 · · Score: 5, Informative

      MAC whitelists do NOTHING for security.

      First, anyone who can sniff the wifi traffic can see all the mac addresses.
      Second, in Linux you can change your MAC to whatever you want with one command:

      ip link set dev enp0s3 address DE:AD:BE:EF:CA:FE

    5. Re:Use good passwords by skoskav · · Score: 3, Insightful

      You clearly never have guests over.

    6. Re: Use good passwords by Anonymous Coward · · Score: 5, Funny

      What I have at home is a faraday cage with the router and a comfy chair inside it.

    7. Re: Use good passwords by c6gunner · · Score: 4, Insightful

      That's what a guest network is for. Enable it when they show up, disable it when they go away.

    8. Re: Use good passwords by Anonymous Coward · · Score: 5, Funny

      What am I, a network administrator? Who's got time for that?

      I give them my neighbor's SSID and password, which I've cracked. Problem solved.

    9. Re: Use good passwords by Anonymous Coward · · Score: 2, Informative

      and use VLANs to ensure the guest network doesn't have access to anything but the internet.

    10. Re:Use good passwords by hawguy · · Score: 4, Insightful

      A good password for wifi, since it doesn't really need to be memorized, is one generated by something like keepass2: 15 characters long random letters numbers and punctuation:

      DHDukBDL04Pt2ZT

      for example (note that is not a password I use, just one I randomly generated).

      Since no-one actually has to type this in more than once per device, it's really not a major problem that you can't memorize it.

      It may not need to be memorized, but it does need to be typed into every Wifi device you own, sometimes through a clunky on screen or "scroll through the letters" LCD interface. So random string passwords are annoying enough that many people avoid them.

    11. Re: Use good passwords by Anonymous Coward · · Score: 3, Insightful

      might as well use ethernet, or tin cans with a string...

      R O

    12. Re:Use good passwords by Anonymous Coward · · Score: 2, Informative

      Basic combinatorics: (size of character set)^(number of characters in password) is the size of the key space. To span an equivalent key space with just ones and zeros, you need log2(size of key space) bits. There are 95 printable ASCII characters: log2(95^63)=413 bits. The actual key derived from the passphrase is just 128 bits long, so that's overkill. You can max out the key strength with just 22 randomly (!) chosen characters from uppercase+lowercase+numbers. If your password is not completely random (it contains words, you typed "randomly", etc.), then you need more characters.
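A worked version of this key-space arithmetic, added here as an example and not part of the thread: it computes the entropy in bits for a character set and length, the minimum length needed to reach a target strength, and checks the WPA/WPA2 passphrase length limits (8 to 63 ASCII characters). The charset sizes and the sample passphrase are constructed for the example; the target strength is a parameter, so both the comment's 128-bit figure and the 256-bit PMK that WPA2 derives from the passphrase with PBKDF2 can be plugged in.

```python
import math
import string

# Character sets discussed in the thread (sizes constructed for this example)
PRINTABLE_ASCII = 95                                  # space through '~'
ALNUM = len(string.ascii_letters + string.digits)     # 62

# WPA/WPA2 passphrases must be 8 to 63 ASCII characters (IEEE 802.11i)
WPA_MIN_LEN, WPA_MAX_LEN = 8, 63


def keyspace_bits(charset_size: int, length: int) -> float:
    """Entropy in bits of a uniformly random password: log2(charset ** length)."""
    if charset_size < 2 or length < 1:
        raise ValueError("need at least 2 symbols and length >= 1")
    return length * math.log2(charset_size)


def min_length_for_bits(charset_size: int, target_bits: float) -> int:
    """Smallest length whose key space reaches target_bits of entropy.

    For 62 alphanumerics and a 128-bit target this gives 22, matching the
    comment above; for 95 printables and the 256-bit PMK it gives 39.
    """
    return math.ceil(target_bits / math.log2(charset_size))


def wpa_passphrase_strength(passphrase: str, charset_size: int) -> dict:
    """Summarise a candidate passphrase: WPA length/charset validity and
    entropy bits, assuming each character was drawn uniformly from a
    charset of the given size (a non-random passphrase has fewer bits)."""
    length = len(passphrase)
    valid = (
        WPA_MIN_LEN <= length <= WPA_MAX_LEN
        and passphrase.isascii()
        and passphrase.isprintable()
    )
    return {"length": length, "wpa_valid": valid,
            "bits": keyspace_bits(charset_size, length) if length else 0.0}


if __name__ == "__main__":
    # Sample passphrase constructed for the example (the 15-char style from comment 1)
    print(wpa_passphrase_strength("DHDukBDL04Pt2ZT", ALNUM))
    print(int(keyspace_bits(PRINTABLE_ASCII, 63)), "bits for 63 printables")
```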

    13. Re: Use good passwords by 93+Escort+Wagon · · Score: 2

      That's what a guest network is for. Enable it when they show up, disable it when they go away.

      Trivially easy to do on some routers, like Apple’s Airport series. Too bad they discontinued them...

      --
      #DeleteChrome
    14. Re:Use good passwords by marklark · · Score: 2

      Why couldn't I defeat port-knocking by watching for the connection behavior of successful users and then mimicking them? - spoofing MAC address, etc, if necessary.

    15. Re:Use good passwords by The-Ixian · · Score: 2

      I just used an NFC tag to put the password in. Stuck the tag to a central location in the house and any guest can just tap their phone to the tag.

      --
      My eyes reflect the stars and a smile lights up my face.
    16. Re: Use good passwords by Bender0x7D1 · · Score: 3, Funny

      might as well use ethernet, or tin cans with a string...

      That would require multiple dongles if he has a Mac.

      --
      Reading code is like reading the dictionary - you have to read half of it before you can go back and understand it.
  2. May as well put this into WiFi driver by mi · · Score: 2

    If it is as easy as described, we may as well add the functionality to the WiFi-drivers:

    1. Searching for WiFi-networks
    2. Connecting to Boo, because it has the strongest signal
    3. Cracking Boo's preshared key
    4. Verifying Internet-connectivity
    5. Connected! (Profit!)
    --
    In Soviet Washington the swamp drains you.
  3. Re:Bypassing login password by booting a different by Anonymous Coward · · Score: 3, Insightful

    You don't seem to understand this attack at all. It makes it possible to precompute the password to a WPA2-PSK network without having to wait for a valid client to authenticate against the network in the first place.

    So you can just walk around an apartment block with your phone asking each AP for the needed packet. Go back home, crack it all offline and come back doing automated attacks on every network. Each visit takes a few minutes each time instead of having to wait for a valid authorized client for each network. Can be dronified of course for extra flair.

    This breaks WPA2-PSK by making attacks trivial to do. I wonder how the Enterprise versions hold up.

  4. Re:How does this apply to full length keys? by TechyImmigrant · · Score: 4, Funny

    Like: 112364AB5F777752452A57CAC066DE0737DE451E0CC21BE86D01278A6050297B

    It won't take very long. You've already given us the password.

    --
    I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  5. Just use a pass phrase, already by alispguru · · Score: 2

    The password for my home network is a correctly capitalized and punctuated sentence.

    Everyone on my network can spell, and knows where the shift key is, even the guests.

    --

    To a Lisp hacker, XML is S-expressions in drag.
  6. Re:How does this apply to full length keys? by IMightB · · Score: 4, Funny

    Like: 112364AB5F777752452A57CAC066DE0737DE451E0CC21BE86D01278A6050297B

    It won't take very long. You've already given us the password.

    All I see is **********************

  7. Simpler way ... by fahrbot-bot · · Score: 2

    ... obviously involves a $5 wrench.

    --
    It must have been something you assimilated. . . .
  8. Re: Bypassing login password by booting a differen by WaffleMonster · · Score: 4, Informative

    Was having fun with analogy.

    The computer user password is not to protect against local access to the data.

    PSK algorithm is not designed to protect against offline brute force campaigns. Well known property of PSK. It's why people have always had to choose increasingly absurdly long passwords to secure their APs.

    You need to encrypt the files or entire drive like you are planning.

    You need to use a secure authentication protocol like what's included with WPA3 to avoid susceptibility to offline brute force campaigns.

    Only for WPA3 they chose a crappy authentication protocol out of the gate opting for a balanced PAKE when better (augmented) versions are readily available on similar terms.

    Difference between balanced and augmented is a bit like the difference between a password file stored as plaintext or hashed.

    If it's hashed (augmented) and stolen someone needs to crack it before they can login as you. If it's plaintext (balanced) as what was selected for WPA3 they can login as you immediately without cracking it.

    A lifetime ago Cisco released an undocumented authentication protocol for username/password wireless authentication (LEAP) that was quickly revealed in all ways that mattered to essentially be MSCHAPv1.

    At the time of release shortcomings of MSCHAPv1 were well known. Surely someone must have known yet they went ahead and did it anyway. While not nearly as egregious the same theme is being repeated with WPA3. Better algorithms with better properties are readily available yet they elect to go forward with the inferior one anyway.

  9. Re: How does this apply to full length keys? by lgw · · Score: 2

    Exactly, unless you have thousands of super computers at hand.

    How important is cracking that password? It's quite easy to get 10000 cores working in parallel for $80 per core-year.

    If you're satisfied with it costing more to crack your password than it would cost for the attacker to just get his own Internet service, a medium-strong password is fine.

    --
    Socialism: a lie told by totalitarians and believed by fools.
  10. Re: How does this apply to full length keys? by ls671 · · Score: 2

    Exactly! The GP mentioned 10,000 cores like it was a big deal so I assumed that he meant CPU cores.

    The smallest Amazon P2 instance has 2500 GPU cores, the biggest has 40,000 GPU cores.

    Re-read the GP post and try to fit the price he mentioned with GPU cores offered by Amazon.

    https://aws.amazon.com/ec2/ins... .9$/2500*24*365 = 3.15360

    3.15$ by GPU core a year, not 80$ per core a year! So IMHO he meant CPU cores.

    Feel free to review my numbers, I did this quickly.

    Cheers,

    --
    Everything I write is lies, read between the lines.
  11. Run an open wifi by mea2214 · · Score: 2

    ...and you never have to worry about password or any of this BS. My open wifi in a densely populated neighborhood has been running for 6 1/2 years getting around 30 unique visitors/day, 200 unique visitors/month. Why are people so stingy with their wifi? Most everything is encrypted end to end nowadays.

    1. Re:Run an open wifi by piers_downunder · · Score: 2

      If I'm already doing illegal things, then locking down the password points the finger directly at me. At least in an open network, I have plausible deniability.

  12. Re:How does this apply to full length keys? by 14erCleaner · · Score: 2

    That used to be my password (or something very similar). It was a pain because I couldn't tell the 0 and O characters apart, and had to try a few dozen times to get it right each time.

    --
    Have you read my blog lately?