PDA

View Full Version : How I cracked my neighbor's WiFi password without breaking a sweat


News
08-28-12, 12:20 PM
http://cdn.arstechnica.net/wp-content/uploads/2012/08/4way.png The four-way handshake, in which a wireless device (STA) validates itself to a WiFi access point and vice versa.


Last week's feature explaining why passwords are under assault like never before (http://arstechnica.com/security/2012/08/passwords-under-assault/) touched a nerve with many Ars readers, and with good reason. After all, passwords are the keys that secure Web-based bank accounts, sensitive e-mail services, and virtually every other facet of our online life. Lose control of the wrong password and it may only be a matter of time until the rest of our digital assets fall, too.

Take, for example, the hundreds of millions of WiFi networks in use all over the world. If they're like the ones within range of my office, most of them are protected by the WiFi Protected Access (https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access) or WiFi Protected Access 2 (https://en.wikipedia.org/wiki/IEEE_802.11i-2004) security protocols. In theory, these protections prevent hackers and other unauthorized people from accessing wireless networks or even viewing traffic sent over them, but only when end users choose strong passwords. I was curious how easy it would be to crack these passcodes using the advanced hardware menus and techniques that have become readily available over the past five years. What I found wasn't encouraging.

First, the good news. WPA and WPA2 use an extremely robust password-storage regimen that significantly slows the speed of automated cracking programs. By using the PBKDF2 key derivation function (https://en.wikipedia.org/wiki/PBKDF2) along with 4,096 iterations of SHA1 cryptographic hashing algorithm, attacks that took minutes to run against the recent LinkedIn (http://arstechnica.com/security/2012/06/8-million-leaked-passwords-connected-to-linkedin/) and eHarmony (http://arstechnica.com/security/2012/06/eharmony-confirms-member-passwords-compromise/)*password dumps of June would require days or even weeks or months to complete against the WiFi encryption scheme.

Read 13 remaining paragraphs (http://arstechnica.com/security/2012/08/wireless-password-easily-cracked/) | Comments (http://arstechnica.com/security/2012/08/wireless-password-easily-cracked/?comments=1#comments-bar)

http://feedads.g.doubleclick.net/~at/CLlGJSecNhAN6ZHqWe6MrCYyHAk/0/di (http://feedads.g.doubleclick.net/~at/CLlGJSecNhAN6ZHqWe6MrCYyHAk/0/da)
http://feedads.g.doubleclick.net/~at/CLlGJSecNhAN6ZHqWe6MrCYyHAk/1/di (http://feedads.g.doubleclick.net/~at/CLlGJSecNhAN6ZHqWe6MrCYyHAk/1/da)

http://feeds.feedburner.com/~ff/arstechnica/index?i=VgJCLF4O8wM:dxZCKzw2WYc:V_sGLiPBpWU (http://feeds.arstechnica.com/~ff/arstechnica/index?a=VgJCLF4O8wM:dxZCKzw2WYc:V_sGLiPBpWU) http://feeds.feedburner.com/~ff/arstechnica/index?i=VgJCLF4O8wM:dxZCKzw2WYc:F7zBnMyn0Lo (http://feeds.arstechnica.com/~ff/arstechnica/index?a=VgJCLF4O8wM:dxZCKzw2WYc:F7zBnMyn0Lo) http://feeds.feedburner.com/~ff/arstechnica/index?d=qj6IDK7rITs (http://feeds.arstechnica.com/~ff/arstechnica/index?a=VgJCLF4O8wM:dxZCKzw2WYc:qj6IDK7rITs) http://feeds.feedburner.com/~ff/arstechnica/index?d=yIl2AUoC8zA (http://feeds.arstechnica.com/~ff/arstechnica/index?a=VgJCLF4O8wM:dxZCKzw2WYc:yIl2AUoC8zA)
http://feeds.feedburner.com/~r/arstechnica/index/~4/VgJCLF4O8wM

More... (http://feeds.arstechnica.com/~r/arstechnica/index/~3/VgJCLF4O8wM/)