
GPUs Used To Crack WiFi Passwords Faster

CmdrTaco posted more than 5 years ago | from the security-tools-yeah-right dept.


MojoKid writes "Russian-based ElcomSoft has just released ElcomSoft Wireless Security Auditor 1.0, which can take advantage of both Nvidia and ATI GPUs. ElcomSoft claims that the software uses a 'proprietary GPU acceleration technology,' which implies that neither CUDA, Stream, nor OpenCL are being utilized in this instance. At its heart, what ElcomSoft Wireless Security Auditor does is perform brute-force dictionary attacks of WPA and WPA2 passwords. If an access point is set up using a fairly insecure password that is based on dictionary words, there is a higher likelihood that a password can be guessed. ElcomSoft positions the software as a way to 'audit' wireless network security."

189 comments

It's red (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#26464647)

Because it's 'hot' off the presses. Stop asking.

Re:It's red (-1, Troll)

MyLongNickName (822545) | more than 5 years ago | (#26464789)

Hello. I have Karma to burn and this is for a worthy cause.

Khan died yesterday. This should be the biggest news story of the day, clearly bigger than Steve's medical absence. Yet nothing on Slashdot. Where are the stories? Instead, I have to learn about it on CNN. What has Slashdot come to?

Mod me down if you will. But if you are like me, and a little piece of your trekkie sold has died, mod me up, or better yet, tell the story about the first time you saw him in the movie.

Brute-force password guessing not a problem (2, Interesting)

morgan_greywolf (835522) | more than 5 years ago | (#26464681)

But brute-force password guessing isn't a problem if you choose a long enough password with a large enough character set - letters, numbers, symbols. My WPA password is larger than 15 characters. Good luck without a Beowulf cluster of those -- and even then, it better have a LOT of those GPUs.

Re:Brute-force password guessing not a problem (5, Informative)

Anonymous Coward | more than 5 years ago | (#26464725)

My WPA password is larger than 15 characters.

Isn't best practice greater than 32 for WPA? The maximum is 63 I believe.

Re:Brute-force password guessing not a problem (2)

morgan_greywolf (835522) | more than 5 years ago | (#26464837)

I hadn't heard that, but a totally random 63 character password would be ideal, yes. Note that I didn't say how much greater it is than 15. ;) But anything over 15 characters is probably secure enough for most home users.

Re:Brute-force password guessing not a problem (3, Insightful)

Shakrai (717556) | more than 5 years ago | (#26464973)

But anything over 15 characters is probably secure enough for most home users.

15 characters using the full set of letters/numbers/symbols on your keyboard works out to ~98 bits of entropy. That's probably sufficient. I usually use at least 20 characters (~131 bits) but that's probably just my paranoia. If you are worried about somebody breaking a password that secure then you have bigger problems than your neighbor using your wi-fi connection. In this case I hope you are paying your team of armed guards well and trust that they won't betray you ;)

Re:Brute-force password guessing not a problem (1)

morgan_greywolf (835522) | more than 5 years ago | (#26465133)

In this case I hope you are paying your team of armed guards well and trust that they won't betray you ;)

I have a mote populated with sharks -- with friggin' LASER BEAMS attached to their heads!

Re:Brute-force password guessing not a problem (4, Insightful)

ShieldW0lf (601553) | more than 5 years ago | (#26465819)

Maybe I'm dense, but how the hell does flooding a wireless card with brute force dictionary attacks bottleneck on computation speed? You create your dictionary, once, you stick it on a hard drive, you stream it at your target through the wireless networking card, you wait.

This product seems like a bunch of bullshit to me. Even if they did come up with some particularly clever algorithm for creating more effective dictionaries and speed it up on GPUs, there's no need to recreate a dictionary every time you're doing a brute force attack.

Re:Brute-force password guessing not a problem (1)

sholsinger (1131365) | more than 5 years ago | (#26465967)

I guess the idea is that you don't have to wait as long. Which to some people is probably worth something. (time? money?)

If it is really being used to audit your passwords, then time is important. The auditor has other places to be, and other things to do. So waiting for the brute force attack to go through is just non-value-added. So reducing that time is important.

Re:Brute-force password guessing not a problem (5, Informative)

wastedlife (1319259) | more than 5 years ago | (#26466053)

From the product website:

Elcomsoft Wireless Security Auditor works completely in off-line, undetectable by the Wi-Fi network being probed, by analyzing a dump of network communications in order to attempt to retrieve the original WPA/WPA2-PSK passwords in plain text.

TFA is misunderstanding the way the app functions, it listens to the network until a certain amount of information has been sent, then attempts to decrypt that data locally. Sending wave after wave of login attempts is easily detectable and would almost certainly bottleneck somewhere at the network level before CPU.

Re:Brute-force password guessing not a problem (1)

citizenr (871508) | more than 5 years ago | (#26466661)

it listens to the network until a certain amount of information has been sent

no, it listens for a certain KIND of information to be sent, particularly association. In order to get that info you just have to disconnect a client, sniff for 5 seconds and go home.

Re:Brute-force password guessing not a problem (1)

gsgriffin (1195771) | more than 5 years ago | (#26466281)

You're exactly right, and I have the same thoughts. The wireless signal, at best an 'n', is never going to bottleneck a regular Pentium 4. Even if they are talking about combining words from the dictionary, that is not a lot of processing power. The only difference could be if the article is written wrong, and they are actually trying to take the encryption from an intercepted wireless signal and decode it into words from the dictionary. Then they are decoding and trying variations from the dictionary that might fit the encryption pattern.

Re:Brute-force password guessing not a problem (0)

Anonymous Coward | more than 5 years ago | (#26466689)

A mote? You might want to replace that with a moat. Far more effective.

Re:Brute-force password guessing not a problem (0)

Anonymous Coward | more than 5 years ago | (#26465285)

I don't have a reference but the problem is that each character in a WPA passphrase doesn't add 8 bits to the key. I think it only adds 2 or 3. This is why you need longer passphrases.

Re:Brute-force password guessing not a problem (1)

morgan_greywolf (835522) | more than 5 years ago | (#26465677)

Well, you're right. Here's your reference [wifinetnews.com]. Each character provides about 2.5 bits of security:

How the PSK is used in WPA and 802.11i

The PSK provides an easily implemented alternative for the PMK as compared to using 802.1X to generate a PMK. A 256-bit PSK is used directly as the PMK. When the PSK is a passphrase, the PMK is derived from the passphrase as follows:

PMK = PBKDF2(passphrase, ssid, ssidLength, 4096, 256)

Where the PBKDF2 method is from PKCS #5 v2.0: Password-based Cryptography Standard. This means that the concatenated string of the passphrase, SSID, and the SSID length is hashed 4096 times to generate a value of 256 bits. The lengths of the passphrase and the SSID have little impact on the speed of this operation.

The PTK is a keyed-HMAC function using the PMK on the two MAC addresses and the two nonces from the first two packets of the 4-Way Handshake. This is why the whole keying hierarchy falls into the hands of anyone possessing the PSK, as all the other information is knowable.

However, even using an offline attack, this article's author still says a PSK of about 20 characters should be enough for most purposes. I tend to agree.
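The derivation quoted above, PMK = PBKDF2(passphrase, ssid, ssidLength, 4096, 256), is easy to run for yourself. The block below is an added example, not code from the commenter, the quoted article or ElcomSoft: it derives the PMK with Python's standard-library PBKDF2-HMAC-SHA1, checks it against the IEEE 802.11i "password"/"IEEE" test vector, shows that the SSID acts as a salt (so a precomputed table only helps for one SSID), and measures how many derivations one CPU core manages per second. The candidate list used for the timing is constructed for the example.

```python
import hashlib
import time


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Return the 32-byte (256-bit) PMK for a WPA/WPA2-PSK passphrase and SSID.

    PBKDF2 from PKCS #5 v2.0 with HMAC-SHA1, the SSID bytes as salt (the
    "ssidLength" argument in the quoted formula is just that salt's length),
    4096 iterations and a 256-bit output.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac(
        "sha1",
        passphrase.encode("ascii"),
        ssid.encode("utf-8"),
        4096,
        dklen=32,
    )


def pmk_hex(passphrase: str, ssid: str) -> str:
    """Hex form of the PMK, as tools such as wpa_passphrase print it."""
    return wpa_pmk(passphrase, ssid).hex()


def ssid_changes_pmk(passphrase: str, ssid_a: str, ssid_b: str) -> bool:
    """True when one passphrase gives different PMKs on two SSIDs.

    This is why the SSID salt forces any precomputed PMK table to be built
    per network name rather than once for every network.
    """
    return wpa_pmk(passphrase, ssid_a) != wpa_pmk(passphrase, ssid_b)


def derivations_per_second(ssid: str = "IEEE", budget_s: float = 0.5) -> float:
    """Single-threaded PMK derivations per second on this machine.

    The 4096 HMAC-SHA1 iterations are the entire per-guess work factor an
    offline attacker must pay; the number reported here is the baseline that
    GPU acceleration multiplies. Candidate passphrases are constructed.
    """
    candidates = ["password", "letmein1", "welcome1", "sunshine"]
    n, start = 0, time.perf_counter()
    while time.perf_counter() - start < budget_s:
        wpa_pmk(candidates[n % len(candidates)], ssid)
        n += 1
    return n / (time.perf_counter() - start)


if __name__ == "__main__":
    # IEEE 802.11i Annex H test vector: passphrase "password", SSID "IEEE"
    print(pmk_hex("password", "IEEE"))
    print(ssid_changes_pmk("password", "IEEE", "ieee"))
    print(f"{derivations_per_second():.0f} PMK derivations/s on one core")
```

The rate printed by `derivations_per_second` is the figure to compare against a cracker's advertised guesses per second: the ratio tells you how much the hardware helps, and the entropy of your passphrase (not its mere length) tells you how many such guesses it would take.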

Re:Brute-force password guessing not a problem (2, Interesting)

sakdoctor (1087155) | more than 5 years ago | (#26464747)

Since you generally never have to type a WPA key in, might as well go for maximum entropy.

https://www.grc.com/passwords.htm [grc.com]

Re:Brute-force password guessing not a problem (4, Informative)

Spazztastic (814296) | more than 5 years ago | (#26464807)

Since you generally never have to type a WPA key in, might as well go for maximum entropy.

https://www.grc.com/passwords.htm [grc.com]

Or not even using something that is transmitted over the internet and is TRULY random:

dd if=/dev/urandom bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo

Credits go to someone from the Stupid (Useful) Linux tricks thread.

Re:Brute-force password guessing not a problem (2, Insightful)

Anonymous Coward | more than 5 years ago | (#26464917)

Not to be picky but you would need to use /dev/random and have enough entropy to make this TRULY random (assuming we live in a non-deterministic universe).

Re:Brute-force password guessing not a problem (2, Informative)

AlXtreme (223728) | more than 5 years ago | (#26464957)

Or not even using something that is transmitted over the internet and is TRULY pseudorandom:

There, fixed that for you.

Re:Brute-force password guessing not a problem (0)

Anonymous Coward | more than 5 years ago | (#26465217)

GP surely meant /dev/random, which is a proper non-pseudo RNG.

Re:Brute-force password guessing not a problem (0)

thornomad (1095985) | more than 5 years ago | (#26465289)

dd if=/dev/urandom bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo

This didn't work on my mac *frown*. I got an error: tr: Illegal byte sequence

Is tr different on the mac than linux?

Re:Brute-force password guessing not a problem (4, Funny)

buchner.johannes (1139593) | more than 5 years ago | (#26465993)

dd if=/dev/urandom bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo

Don't use that, I use that as a password already!

I tried (0)

Anonymous Coward | more than 5 years ago | (#26466209)

But I don't think the passphrase dialog liked the spaces between the words, nor the quote characters... ;-)

Re:Brute-force password guessing not a problem (1)

chill (34294) | more than 5 years ago | (#26466643)

Who are you really and what type of stunt are you trying to pull here!

chill@E520:~$ dd if=/dev/random bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo

0+1 records in
0+1 records out
8 bytes (8 B) copied, 5.73129 s, 0.0 kB/s
P

chill@E520:~$
chill@E520:~$ dd if=/dev/random bs=200 count=1 | tr -cd 'A-Za-z0-9!@#$%^&*()_+'; echo
0+1 records in
0+1 records out
8 bytes (8 B) copied, 4.90066 s, 0.0 kB/s
Qd

A password of "P"?! Or a password of "Qd"?!!

[Okay, for those that don't get the humor. The dd command generates 200 binary bytes of random data and the tr command strips out the valid password characters. Since the source is random, there will be a random number of valid characters in the stream. In those two examples, all that was generated as valid was "P" and "Qd". Earlier runs for me generated 50+ character valid passwords. WPA's limit is 63 character password length, so I suggest multiple runs and paste a couple together to get all 63 characters.]
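As an added example (not the commenter's code), the block below does what the dd | tr one-liner tries to do, but with a fixed output length: it draws each character from the OS CSPRNG via Python's secrets module and always returns exactly the requested number of characters. It also reproduces the behaviour chill describes, keeping only the bytes that fall in the tr set so the survivor count is random, and computes the entropy figures from Shakrai's comment earlier in the thread (15 characters of a 94-symbol keyboard set is about 98 bits, 20 characters about 131 bits). The 94-character alphabet and the sample byte stream are constructed for the example.

```python
import math
import secrets
import string

# Constructed "keyboard" alphabet: letters, digits and ASCII punctuation
# (94 symbols). Space is left out because some passphrase dialogs mishandle it.
KEYBOARD = string.ascii_letters + string.digits + string.punctuation

# The set used by the page's tr one-liner, 'A-Za-z0-9!@#$%^&*()_+' (74 symbols).
ONE_LINER_SET = string.ascii_letters + string.digits + "!@#$%^&*()_+"


def entropy_bits(length: int, alphabet_size: int = len(KEYBOARD)) -> float:
    """Entropy of a uniformly random string: length * log2(alphabet size)."""
    return length * math.log2(alphabet_size)


def chars_needed(target_bits: float, alphabet_size: int = len(KEYBOARD)) -> int:
    """Smallest length whose uniform-random entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def generate_passphrase(length: int = 63, alphabet: str = KEYBOARD) -> str:
    """Exactly `length` characters, each chosen uniformly by the OS CSPRNG.

    Unlike filtering a byte stream, picking per character never yields a
    one-letter result; WPA accepts 8 to 63 printable ASCII characters.
    """
    if not 8 <= length <= 63:
        raise ValueError("WPA passphrase length must be 8 to 63")
    return "".join(secrets.choice(alphabet) for _ in range(length))


def keep_like_tr(data: bytes, alphabet: str = ONE_LINER_SET) -> str:
    """What `tr -cd '<set>'` does to a byte stream: delete every byte outside
    the set. Only about len(set)/256 of random bytes survive, so the output
    length of dd | tr is itself random."""
    keep = set(alphabet.encode("ascii"))
    return bytes(b for b in data if b in keep).decode("ascii")


def expected_survivors(n_bytes: int, alphabet: str = ONE_LINER_SET) -> float:
    """Expected number of characters the tr filter leaves from n random bytes.

    200 bytes give about 58 (the '50+' runs); the 8 bytes that a blocking
    /dev/random handed dd give about 2, hence 'P' and 'Qd'.
    """
    return n_bytes * len(alphabet) / 256


if __name__ == "__main__":
    print(generate_passphrase())
    print(f"15 chars: {entropy_bits(15):.1f} bits, 20 chars: {entropy_bits(20):.1f} bits")
    print(f"chars for 128 bits: {chars_needed(128)}")
    print(f"expected survivors: 200 bytes -> {expected_survivors(200):.1f}, "
          f"8 bytes -> {expected_survivors(8):.1f}")
```

The entropy figures assume every character is chosen uniformly from the alphabet; a passphrase typed from memory, or one shortened to fit a dialog, does not get that credit.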

Re:Brute-force password guessing not a problem (4, Informative)

Shakrai (717556) | more than 5 years ago | (#26464815)

I question the wisdom of relying on a third party website to generate passwords for you. At least they are using ssl but how do you know they aren't keeping those passwords? How do you know they are generating them with real entropy?

Diceware [std.com] is a better bet, IMHO. You can generate them offline and with a good set of dice you get real entropy. You can use the instructions on that webpage to generate totally random passwords or to generate passwords with words in them that are easy to remember but still pretty secure/random.

Re:Brute-force password guessing not a problem (2, Insightful)

necro81 (917438) | more than 5 years ago | (#26465033)

I question the wisdom of relying on a third party website to generate passwords for you. At least they are using ssl but how do you know they aren't keeping those passwords? How do you know they are generating them with real entropy?

If you are worried about it, but still don't want (or for some reason, can't) generate a random character string locally, you could always have the website generate several passwords, then combine them yourself in some random way. For instance, you could swap blocks from each string, or reverse the order of one of them and XOR the characters together.

Re:Brute-force password guessing not a problem (1)

evanbd (210358) | more than 5 years ago | (#26465839)

If you're worried about the source or transmission channel being compromised (or malicious) you've just inserted *several* bits of entropy. A good password needs 64 bits or more if you want to protect against this sort of attack. A presumed compromised source of random data supplies zero bits of entropy. This is really something you need to do on your own machine, if not manually. Rolling dice just isn't that hard.

Re:Brute-force password guessing not a problem (2, Insightful)

radish (98371) | more than 5 years ago | (#26465489)

For something like a WPA passphrase (it's not really the key) the actual amount of "randomness" isn't important provided whatever you use isn't in whatever dictionary the attacker is using. Once the dictionary attack is exhausted they're going to have to move onto simple one-by-one testing, and being "more random" or "less random" has no real meaning. Eventually they'll hit the right one, it's just a matter of how long that takes, which is a matter of luck and what order they test them in :)

Re:Brute-force password guessing not a problem (1)

evanbd (210358) | more than 5 years ago | (#26465893)

Modern guessers start modifying the dictionary and evaluating things in a prioritized order based on how far away they are from it. Until your password bears no visible relationship to the dictionary, you're too close; it's not just a simple in vs out question. If you care about your password, you need to make a serious evaluation of how many bits of entropy it contains, and assume the attacker can guess in a priority order that will limit its effectiveness to that many bits. If you only have 30 bits of entropy, you should assume your attacker can guess it in half a billion tries or so; making assumptions that he'll be inefficient is a *bad* idea.

Re:Brute-force password guessing not a problem (1)

radish (98371) | more than 5 years ago | (#26466475)

Oh I agree, I think maybe I wasn't clear. Obviously your password has to look *nothing* like anything in the dictionary, that's a given. I was just saying that using one prng vs another slightly more random one won't make a lot of difference. You don't need a cryptographically strong rng for generating a passphrase.

Re:Brute-force password guessing not a problem (1)

rob1980 (941751) | more than 5 years ago | (#26465687)

I question the wisdom of relying on a third party website to generate passwords for you. At least they are using ssl but how do you know they aren't keeping those passwords?

To what end, though? Gibson is probably too busy trying to scare everybody with latest_security_hole_02782 to bother to hack into your wireless router anyway.

Re:Brute-force password guessing not a problem (0)

Anonymous Coward | more than 5 years ago | (#26465979)

I question the wisdom of relying on a third party website to generate passwords for you. At least they are using ssl but how do you know they aren't keeping those passwords?

To what end, though?

Step 1: Distribute incredibly complex passwords to paranoid users looking to thwart brute force attacks.
Step 2: Add all generated passwords to your brute force library.
Step 3: Profit until someone drags out an old meme and exposes your diabolical scheme!

Re:Brute-force password guessing not a problem (1)

ribasushi (1264638) | more than 5 years ago | (#26465193)

Could you elaborate on the "you generally never have to type a WPA key" bit? I am genuinely interested in how to set up a no-touch-password credential distribution system. Reading links most welcome (superfluous googling didn't help much).

Re:Brute-force password guessing not a problem (2, Informative)

MasterOfMagic (151058) | more than 5 years ago | (#26465419)

Take anything that Steve Gibson claims with at least a grain of salt, preferably a whole shaker [google.com].

This is the same person that flat out accused Microsoft of putting the WMF exploit in Windows purposely so they'd have a way to get into any system. He had to backpedal quickly from that claim.

Pardon me if I don't trust his judgment or his code.

Re:Brute-force password guessing not a problem (0)

Anonymous Coward | more than 5 years ago | (#26466029)

He also thought that WinXP shipping with raw sockets was going to be the end of the interwebs due to DDoS bots having more power now.

Re:Brute-force password guessing not a problem (2, Informative)

jellomizer (103300) | more than 5 years ago | (#26464943)

guessmypassword
123456789111111
         012345

isn't a good password.
Most Brute Force attacks are a little smarter than 1,2,3,.....,ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ
Lets go threw the dictionary first (Caps on, Caps Off and caps with the first letter and without it).
Lets go threw the dictionary and followed by numbers between 0,99999999
Do the same with the numbers prefix the dictionary word.
Try Numeric Combinations.
Try Alpha Combinations.
Finally try everything else.

So by adding more CPUs you can crack most passwords a usable order of magnitude faster.

All the GPU is really doing is just working as an additional processor array for calculations. No big deal; everyone thought about using them for parallel processing once they got near the power of most CPUs.
It is just using them for evil purposes.
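The ordering jellomizer describes (dictionary words in their case variants, then word plus up to eight digits, then digits plus word, then all-numeric, then all-alphabetic, then everything else) is also the order in which an auditor should grade passphrases, because a candidate in an early tier is reached cheaply whatever the hardware. The block below is an added example, not the commenter's code: a policy checker that normalises a passphrase and reports the earliest tier that would reach it, so a reviewer can rank a list of proposed passphrases weakest first. The wordlist is a constructed stand-in for a real dictionary.

```python
import re

# Constructed mini wordlist; a real audit would load a full wordlist.
WORDLIST = frozenset({"password", "guessmypassword", "dragon", "monkey",
                      "letmein", "welcome", "qwerty", "sunshine"})

# Tiers in the order the comment lists them: earlier is reached sooner.
TIERS = ("dictionary", "dictionary+digits", "digits+dictionary",
         "numeric", "alpha", "other")


def classify(passphrase: str, wordlist=WORDLIST) -> str:
    """Earliest tier in TIERS that would reach this passphrase."""
    # lower() covers caps on, caps off and a capitalised first letter alike
    core = passphrase.lower()
    if core in wordlist:
        return "dictionary"
    m = re.fullmatch(r"([a-z]+)(\d{1,8})", core)  # word followed by 0..99999999
    if m and m.group(1) in wordlist:
        return "dictionary+digits"
    m = re.fullmatch(r"(\d{1,8})([a-z]+)", core)  # the same number as a prefix
    if m and m.group(2) in wordlist:
        return "digits+dictionary"
    if core.isdigit():
        return "numeric"
    if core.isalpha():
        return "alpha"
    return "other"


def audit(passphrases, wordlist=WORDLIST) -> dict:
    """Map each proposed passphrase to its tier."""
    return {p: classify(p, wordlist) for p in passphrases}


def weakest_first(passphrases, wordlist=WORDLIST) -> list:
    """Proposed passphrases ordered by how early a guesser would reach them."""
    return sorted(passphrases, key=lambda p: TIERS.index(classify(p, wordlist)))


if __name__ == "__main__":
    # Constructed sample of proposals an auditor might be handed
    for p, tier in audit(["Password1", "GUESSMYPASSWORD", "2009dragon",
                          "123456789", "Tr0ub4dor&3"]).items():
        print(f"{p:20} -> {tier}")
```

Landing in "other" is necessary but not sufficient: a long random alphabetic string is strong despite sitting in the "alpha" tier, while a short "other" string can still be cheap to exhaust, so the tier should be read together with an entropy estimate rather than on its own.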

Re:Brute-force password guessing not a problem (1)

morgan_greywolf (835522) | more than 5 years ago | (#26465371)

guessmypassword
123456789111111
         012345

isn't a good password.

That's why you gotta read my whole post -- you need letters, numbers and symbols. Mixed case also. My password is also not based on a dictionary word and means something only to me.

formulas make brute-force password guessing easy! (2, Insightful)

Medievalist (16032) | more than 5 years ago | (#26465787)

You need letters, numbers and symbols. Mixed case also.

If you follow such a formula black hats know more about your password than if you don't, so their brute force attacks from 10,000 node botnets just got exponentially faster. You made the key space smaller when you eliminated all possible passwords that do not contain letters, numbers, symbols and mixed case.

My password is also not based on a dictionary word and means something only to me.

That's a far better strategy.

Myself, I ignore all "rules" and "formulas" for password generation and use 64 characters or more for important passwords. Until this became possible (I'm old) I always used the maximum number of characters allowed (so old, I had to use six-character passwords for decades).

Back in the day, college students and security auditors used to routinely brute passwords without dictionaries because MVS and RSX had such short passwords.

Re:Brute-force password guessing not a problem (2, Funny)

Anonymous Coward | more than 5 years ago | (#26465467)

Lets go threw the dictionary first ...
Lets go threw the dictionary and ...

Please quit throwing dictionaries. Those things are heavy and they hurt.

Re:Brute-force password guessing not a problem (0)

Anonymous Coward | more than 5 years ago | (#26465757)

... also, the contraction of 'let us' uses an apostrophe.

Re:Brute-force password guessing not a problem (1)

XcepticZP (1331217) | more than 5 years ago | (#26465727)

You can go "through" a dictionary. That's probably what you meant to write.

But then again, English has some really awkward words and pronunciations.

Me thinks we need English 2.0 to come out soon. English 1.0 is way too ambiguous.

Re:Brute-force password guessing not a problem (1)

hannson (1369413) | more than 5 years ago | (#26466309)

One thought about password cracking.

Isn't the collision of the cypher one attack vector in brute force cracking?

I allowed my friend to test his brute force attack on my computer once; he didn't get the password but got another that gave the same hash.

Slashvertisement Alert (1)

Spazztastic (814296) | more than 5 years ago | (#26464711)

ElcomSoft Wireless Security Auditor runs on Windows NT SP4, Windows 2000, Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008. The software ordinarily sells for $1,199, but is currently selling at half price ($599.5) until March 1, 2009.

And just in time for getting blogged about!

does it count as 0day? (0, Flamebait)

CheshireFerk-o (412142) | more than 5 years ago | (#26464713)

they can legally sell this because... why? just because they claim to be an 'auditor' means they can profit from a cracker?

Why wouldn't they be able to sell it? (0)

Anonymous Coward | more than 5 years ago | (#26465123)

It's not clear why you think it can't be sold or given away.

At least you don't claim it's a DMCA violation.

Re:does it count as 0day? (2, Insightful)

plague3106 (71849) | more than 5 years ago | (#26465521)

What's illegal about it? If you're using it against your own network to test the strength of your settings, I see nothing wrong with that. The question isn't why can they sell this legally, but why WOULDN'T they be able to do so? Given that any tool can always be used in bad ways, I don't think that should be enough to outlaw the tool itself.

It counts as a tool, like a hammer or pocketknife. (5, Insightful)

Medievalist (16032) | more than 5 years ago | (#26465947)

they can legally sell this because...

They live in a culture that has more commercial freedom than yours, apparently. Given that they are in Russia, that's a sad commentary on wherever you live.

why? just because they claim to be an 'auditor' means they can profit from a cracker?

Because it's a tool. You can cave people's heads in with a hammer, you can assassinate the pope with a kitchen knife. They are tools, they have no moral dimension. Even a thumbscrew can be used for moral purposes, such as a doorstop that keeps cute fuzzy puppies from running on to train tracks.

Effective tools amplify your ability to do things you want to do. They don't make it necessary or possible for you to commit crimes; your will and your circumstances are what makes you a criminal.

I have used wifi crackers to audit networks in my workplace with the full knowledge of my employer. I have never used one to commit a crime, ever. It's just a tool.

I heard you can use this.. (-1, Troll)

Anonymous Coward | more than 5 years ago | (#26464733)

... Steve Job's AIDS infection to crack it faster

Time travel (1)

IceCreamGuy (904648) | more than 5 years ago | (#26464755)

Russian-based ElcomSoft has just released ElcomSoft Wireless Security Auditor 1.0...

"Just" released? Like, a month [arstechnica.com] ago? Or was that just the announcement?
I think the key point with all this, though, is just don't use dictionary words in your passwords... for anything... ever. The same company makes software for all kinds of password systems, so just don't do it.

without dictionary words being involved, cracking is still quite intensive: perhaps three months to crack a lowercase-only random eight-character password using a PC with two Nvidia GTX 280 video cards.

Re:Time travel (1, Interesting)

Anonymous Coward | more than 5 years ago | (#26465889)

Yep. As Bruce Schneier notes in Applied Cryptography, simply cycling a 256-bit counter (e.g., random 8 byte password, just express it as a hex string if you like) would take more energy than is released by a typical supernova.

In other words, if your password is susceptible to an offline bruteforce attack, as WPA is, make it long-ish and random. Then rest easy unless some real, non-brute-force attack is discovered.

Full disclosure (4, Insightful)

plover (150551) | more than 5 years ago | (#26464761)

People who whine about these being "irresponsible" or "bad for security" always seem to forget that the bad guys may already have written stuff like this and are putting it to use. By publishing this software, it makes everyone aware that it's never safe to turn a blind eye to poor security practices.

If some security manager reads this, goes back to work, and says "OK, change all our WPA passwords, our current ones may not be secure", he will be making a real improvement to his network. He might even be locking out an existing hacker in the process.

Re:Full disclosure (1)

hacker (14635) | more than 5 years ago | (#26464881)

"If some security manager reads this, goes back to work, and says "OK, change all our WPA passwords, our current ones may not be secure", he will be making a real improvement to his network. He might even be locking out an existing hacker in the process."

Until 3 hours later when THAT password is now cracked.

Lather. Rinse. Repeat.

Re:Full disclosure (1)

Spazztastic (814296) | more than 5 years ago | (#26464939)

"If some security manager reads this, goes back to work, and says "OK, change all our WPA passwords, our current ones may not be secure", he will be making a real improvement to his network. He might even be locking out an existing hacker in the process."

Until 3 hours later when THAT password is now cracked.

Lather. Rinse. Repeat.

Or then implement WPA2 enterprise that authenticates against your Active Directory or RADIUS domain with blacklisting against MAC addresses that aren't registered to that user.

Re:Full disclosure (0)

Anonymous Coward | more than 5 years ago | (#26465693)

Heh, I'll bite.

I listen to the network for mac addresses, clone each one in turn, and fail logins until I get your portal page that says "BANNED". I just DDoS'd your network. Your users will be burning your help desk to the ground any minute now.

Re:Full disclosure (0)

Anonymous Coward | more than 5 years ago | (#26466139)

Until your CEO's phone stops working right and orders you to "fix the internet".

Not to mention MAC blacklisting is like asking someone for their name to check if they're on the guest list but not checking id -- Anyone within eavesdropping range can just use the same credentials later.

Re:Full disclosure (1)

Xabraxas (654195) | more than 5 years ago | (#26466687)

Or then implement WPA2 enterprise that authenticates against your Active Directory or RADIUS domain with blacklisting against MAC addresses that aren't registered to that user.

MAC addresses are easily spoofed. RADIUS can also be brute forced. You also have to use IPSec to encrypt the RADIUS message and use strong passwords.

Re:Full disclosure (0)

Anonymous Coward | more than 5 years ago | (#26465103)

Saying it is "irresponsible" is just saying you're uninformed about security. Think of the tools that aren't released for a reason...
I have done some coding with CUDA (for the GPU) and it isn't impossible to write a program for a cheap GPU that can outrun any optimized program written for a top CPU. The GPU only has a memory bandwidth bottleneck (PCIe).

Re:Full disclosure (0)

Anonymous Coward | more than 5 years ago | (#26465143)

Well, that's part of what I was wondering. If someone is capable of getting the hardware, and understands the software enough, probably is also capable of getting a fairly good job to pay for his internet connection instead of attempting to get into his attenuated and non-reliable neighbor's network.

Unless, of course he's planning to do something bad, in which case, he would also have to break into the logging system and remove his brute force attempts and fake his mac address among others (which I know is not hard to do). But after all, if something done is that bad, I'm guessing investigators can always check the neighbors in the event of an investigation.

Is there a point I'm missing here that I should be aware of? Instead of being a complete educational experiment, what are the implications of this?

Re:Full disclosure (1)

Jurily (900488) | more than 5 years ago | (#26465831)

People who whine about these being "irresponsible" or "bad for security" always seem to forget that the bad guys may already have written stuff like this and are putting it to use. By publishing this software, it makes everyone aware that it's never safe to turn a blind eye to poor security practices.

Absolutely. However, they also make it easy for casual attackers. Never underestimate a horde of script kiddies with a good script.

Re:Full disclosure (2, Interesting)

kabocox (199019) | more than 5 years ago | (#26466567)

If some security manager reads this, goes back to work, and says "OK, change all our WPA passwords, our current ones may not be secure", he will be making a real improvement to his network. He might even be locking out an existing hacker in the process.

Until 10 minutes later the CEO calls the head of IT and has them change the WAP password back to Password1 so he can log in. It's nearly a known fact that managers can't type passwords longer than 8 characters successfully. 16 character or longer passwords become difficult for field IT guys to type. o.k. was that new password ffffffddddddcccccc222222555555? I mean it's difficult enough to get them to use their kid's name plus a number as a password and you want a security consult to change a working system because it might be insecure? Damn.

Every system and facility is insecure if you put enough force into cracking it. We've got an offsite gym/vehicle storage building where the only security is a vericard to get the door and a key for the back. There is a stand alone laptop of little value out there, but there is several thousand dollars of gym equipment there. What level of force/ability do you really think that it would take to clone/spoof a vericard and then load up a lot of that equipment onto a semi? The reason that we don't employ a full time guard or have the place monitored by 4-8 DVR cameras is that those in charge of the budget don't think that it's worth that amount of effort to protect. But even if you had a guard and cameras, how much money do you think it would take to bribe the guard and disable/bypass the cameras? With enough resources/effort anything is possible.

I'm confused (1, Offtopic)

grizdog (1224414) | more than 5 years ago | (#26464857)

First off, does this kind of approach work against any rationally designed secure software? All that would seem to be needed to defeat this is for the login procedure to have a few seconds of delay before it responds yes or no, and no speedup in the guessing will help. This is why we have shadow password files, right? Or have I just been using *nix too long?

Also, I've seen people using GPUs in all sorts of non-graphics computation environments for some time now. When push comes to shove, is this just about money, and that CPUs have extra features that makes it easier to run an operating system, but aren't needed for pure computation? I'm not a hardware guy, so this is probably a stupid question, but I just don't get it.

Re:I'm confused (1)

Ciarang (967337) | more than 5 years ago | (#26465355)

You're confused because you're thinking in terms of a login system, not encrypted data which you can easily see. (i.e. it's transmitted 'at you')

In simple terms, once you've intercepted some data you can have as many attempts as you like to find the right key to decrypt it.

Re:I'm confused (1)

muridae (966931) | more than 5 years ago | (#26466037)

First off, does this kind of approach work against any rationally designed secure software? All that would seem to be needed to defeat this is for the login procedure to have a few seconds of delay before it responds yes or no, and no speedup in the guessing will help. This is why we have shadow password files, right? Or have I just been using *nix too long?

Yes, it would work. Someone logs some wireless packets overnight, goes home and cracks the password, comes back later and logs in to the network. They only make one or two failed attempts; the rest is passive.

Also, I've seen people using GPUs in all sorts of non-graphics computation environments for some time now. When push comes to shove, is this just about money, and that CPUs have extra features that make it easier to run an operating system, but aren't needed for pure computation? I'm not a hardware guy, so this is probably a stupid question, but I just don't get it.

That's pretty much the whole of it, yes. GPUs are co-processors: what they do, they do very fast, but what they don't do takes a lot more work. And most cards nowadays are actually many, many processing units running in parallel with the same data and just slightly different steps.

For stuff like cracking passwords, having lots of processors, each checking a different password, and avoiding some of the OS overhead of switching to keep the desktop updated and dealing with all the various interrupts, gets you a substantial speed increase. A linear increase of speed, though; I don't think anyone has reduced the complexity of the password cracking problem, but still a speed increase.

The bottom line is.. (0)

Anonymous Coward | more than 5 years ago | (#26464921)

A PS3 running Linux will still crack it 100x quicker than a GPU...

Re:The bottom line is.. (0)

Anonymous Coward | more than 5 years ago | (#26465825)

Yeah, but it will get so hot it will burn your house down.

You're Not Doing it Right (1)

zwekiel (1445761) | more than 5 years ago | (#26464927)

If your wireless network encryption key can be cracked by a laptop, you're not doing it right.

Choose a longer key, and for god's sake, don't use WEP.

Re:You're Not Doing it Right (1)

srollyson (1184197) | more than 5 years ago | (#26465743)

If you're going to do it right, then you might as well run sshd on your wireless router and enforce traffic tunneling.

Oh, and make the router's sshd key-authentication only.

...better throw a port knocker on that bad boy, too.

...and make the port knocker's socket combination based off of a one-time pad.

...which was generated using diceware or a hardware random number generator.

...and send the encrypted data packets across a short wave signal like a numbers station rather than using 802.11whatever.

Or you could just realize that wireless is designed for convenience, not security. If someone's going to go through the trouble of using their GPUs to crack your key, then you've already got an adversary sophisticated enough to warrant the use of wired ethernet and a secure facility.

No reason you have to use things like CUDA... (1)

Assmasher (456699) | more than 5 years ago | (#26464933)

...to run 'generic' GPU applications. They just make things simpler for people not used to working with GPUs. Back in 2005 (can't recall exactly) I wrote a computer vision algorithm (a simple multi-Gaussian system) that uploaded live security video as a set of conglomerated images in a given texture size and output motion maps, just using early pixel shaders on an ATI 9700 PRO (old even at the time). It wasn't hard, although faking arrays via textures was a pain in the rear. ;)

Re:No reason you have to use things like CUDA... (1)

kreyszig (1419293) | more than 5 years ago | (#26464979)

...to run 'generic' GPU applications. They just make things simpler for people not used to working with GPUs.

Indeed. See gpgpu.org, which is mostly focused on using OpenGL and DirectX to do this.

Re:No reason you have to use things like CUDA... (0)

Anonymous Coward | more than 5 years ago | (#26465045)

If my neighbor spends so much time and effort buying the hardware, installing the software and learning how to do that, he may as well pay for his internet connection. I mean, having all those tools and hardware without an internet connection beforehand is kind of pointless. But if he insists on getting into my network, why not; after all, he well deserves it after all that effort.

This is true but misleading (3, Insightful)

Scott Lockwood (218839) | more than 5 years ago | (#26465171)

The real problem is using WPA with pre-shared keys; that's what this can really do some damage with. That, and they used it to set up a fake root CA. Um, this is almost a month old. WTF? Slashdot: Where you hear it last!

Brute force will be dead anyway (0)

Anonymous Coward | more than 5 years ago | (#26465313)

Smart APs, and LAPs tied to a wireless switch, do have, or will have, the ability to ignore the attempts after 3-5 times (or whatever policy is set). They ignore that radio's attempt to log in, and send out an alert to the admin about the attempts. They can locate the machine attempting to break in to within feet.

OpenCL (2)

Adam Hazzlebank (970369) | more than 5 years ago | (#26465377)

I'd say it's particularly unlikely that it's using OpenCL seeing as there are no working implementations yet (unless someone knows better?)

Re:OpenCL (1)

Creepy (93888) | more than 5 years ago | (#26466181)

To be honest, I doubt it's difficult to write a proprietary shader without a GPU programming language for this, since the GPU really only can be used to offload the hash computation (using the PSK and passphrase). The real trick is packing and passing data (say, passwords) to that shader for processing efficiently, and that could be done in a variety of ways (e.g. stuffing them in a texture or a vertex buffer object).

The real limitation is probably the network interface once you have an efficient way of generating keys.

Generating Passwords (2, Funny)

KiwiCanuck (1075767) | more than 5 years ago | (#26465491)

Isn't there a way of taking a prime number and converting it to ASCII? I'm not a software guy, so I used to go to computer services (when I was in uni) and get them to generate a password for me. I have accumulated 8 passwords. Now I just rotate through them. Is this a good idea? Cheers for any advice.

Elcomsoft? (0)

tsstahl (812393) | more than 5 years ago | (#26465525)

How many of their employees are going to get arrested [wikipedia.org] for this one?

Re:Elcomsoft? (0)

Anonymous Coward | more than 5 years ago | (#26466203)

I'm actually running their Advanced EFS Data Recovery utility right now to restore some files from a dead laptop that were encrypted using the WinXP Encrypting File System. Very useful, and beats having to find a way to boot the same volume from a different PC so I could log into my account and get my stuff back.

Great Program (5, Informative)

JimmyRay_TWTV (1453481) | more than 5 years ago | (#26465631)

I tested this program for an upcoming show and I really liked it. The cost is high for most regular folks, so it is geared more towards Government/Commercial. For a nice open source option, I also recommend Pyrit. I had a few issues importing Aircrack files, but most of those have been resolved.

Brute Force? (2, Interesting)

Fnord666 (889225) | more than 5 years ago | (#26465745)

... does is perform brute-force dictionary attacks of WPA and WPA2 passwords.

I tried using a non-brute-force dictionary attack on an encryption key once. I just tried every third word in the dictionary. It didn't seem to work as well as trying them all. In other words, there are brute force attacks and there are dictionary attacks, but there are no brute force dictionary attacks.

Re:Brute Force? (1)

Zironic (1112127) | more than 5 years ago | (#26465959)

A brute force dictionary attack tends to run through the entire dictionary with various prefixes, suffixes, numbers, capitalizations and even word combinations.

Re:Brute Force? (1)

wastedlife (1319259) | more than 5 years ago | (#26466225)

The article and summary have a lot of glaring errors. For one, TFA states that it sends random passwords to the access point. This is false. According to the product page, the app listens to the network in question and creates a dump. Then it works on that dump locally. Also, as you stated, there is no such thing as a brute-force dictionary attack. Brute force just attempts every possible permutation, while dictionary attacks try passwords based on words in a dictionary. This uses an "advanced dictionary attack" (this is how the product website describes it), which uses a dictionary along with mutations such as inserting symbols or numbers in place of letters.

Anyway, if you can afford the license for this product, you should really be using WPA-RADIUS or WPA2-RADIUS instead of a pre-shared key. In fact, you could probably buy a cheap Windows server and install IAS for the cost of one license for this app (or a *nix box with better hardware). As far as I can tell, not using a pre-shared key invalidates this product.

Re:Brute Force? (1)

nobodylocalhost (1343981) | more than 5 years ago | (#26466249)

Sure there is.

For example, your dictionary has

12345678
password
helloworld
computer

Now you tested those passphrases using a dictionary attack and they failed. So you know for sure these are not the passphrase. They can then be removed from the brute force efforts so you don't test the same thing twice.

Re:Brute Force? (0)

Anonymous Coward | more than 5 years ago | (#26466743)

No, you just did a brute force dictionary attack on one-third of a dictionary.

Use random string of characters (1)

groffg (987862) | more than 5 years ago | (#26465777)

This is really old news, but a useful reminder that wireless access points should employ non-dictionary passphrases. To defeat even the most sophisticated password guesser (one that combines dictionary-based and brute force password guessing), you can use a completely random password, such as one generated by this FOSS utility: http://www.codeguru.com/csharp/csharp/cs_misc/security/article.php/c14557/ [codeguru.com]
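Ciarang's and muridae's point upthread (the guess is verified offline against captured frames, so an AP-side delay or lockout never sees it) and groffg's advice on random passphrases, as an added example that is not from the original thread, from ElcomSoft or from pyrit. It derives the WPA/WPA2-Personal PSK the standard way (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations) and compares the guess space of a mutated-dictionary passphrase with a random one; the word count, mutation count and guess rate in `compare()` are made-up figures for illustration, not measurements.

```python
import hashlib
import math
import secrets
import string

# The passphrase-to-PSK mapping is fixed by IEEE 802.11i: PBKDF2-HMAC-SHA1,
# the SSID as salt, 4096 iterations, 256-bit output. An AP owner cannot raise
# the iteration count, and computing it needs no contact with the AP, so
# online lockouts or response delays never see a single guess.
WPA_ITERATIONS = 4096

def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 32-byte PSK exactly as a WPA/WPA2-Personal client does."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), WPA_ITERATIONS, dklen=32)

def random_passphrase(length: int = 20,
                      alphabet: str = string.ascii_letters + string.digits) -> str:
    """Passphrase drawn from the OS CSPRNG, the kind groffg recommends."""
    return "".join(secrets.choice(alphabet) for _ in range(length))

def dictionary_bits(words: int, mutations_per_word: int) -> float:
    """Guess space, in bits, of an 'advanced dictionary attack' that tries
    every word with every mutation (digit suffixes, symbol substitutions...)."""
    return math.log2(words * mutations_per_word)

def random_bits(length: int, alphabet_size: int) -> float:
    """Guess space, in bits, of a uniformly random passphrase."""
    return length * math.log2(alphabet_size)

def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Worst-case time to try the whole space at a given offline guess rate."""
    return 2.0 ** bits / guesses_per_second / (365 * 24 * 3600)

def compare(words: int, mutations: int, length: int, alphabet_size: int,
            guesses_per_second: float) -> dict:
    """Side-by-side exhaustion times for the two passphrase strategies."""
    return {
        "dictionary_years": years_to_exhaust(dictionary_bits(words, mutations),
                                             guesses_per_second),
        "random_years": years_to_exhaust(random_bits(length, alphabet_size),
                                         guesses_per_second),
    }

if __name__ == "__main__":
    # Constructed figures, not measurements: a 200k-word list with 1000
    # mutations per word, versus 20 random alphanumerics, at an assumed
    # 100k PBKDF2 guesses per second.
    print(compare(200_000, 1_000, 20, 62, 1e5))
    print(wpa_psk("password", "IEEE").hex())
```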

GPL-licenced implementation (1)

Zayin (91850) | more than 5 years ago | (#26466089)

May I suggest adding a reference to the GPL-licensed software pyrit [google.com] in the summary? It might be useful for people to know that a) Elcomsoft is not the first to implement this and b) a free software implementation exists (currently only for NVIDIA, but they are planning ATI support).

aircrack? (-1)

Anonymous Coward | more than 5 years ago | (#26466191)

Isn't aircrack already capable of cracking wifi passwords? It takes about 15 minutes or so for a plain WEP key, and a little longer for WPA, depending on your curiosity and dedication.

my password is "cat" (1)

saintsfan (1171797) | more than 5 years ago | (#26466703)

"If an access point is set up using a fairly insecure password that is based on dictionary words, there is a higher likelihood that a password can be guessed." ... no shit