cracking security-enabled network keys
-
- Hacker in Training
- Posts: 95
- Joined: Sun Feb 18, 2007 11:35 pm
- Contact:
cracking security-enabled network keys
I have XP SP2, and want to be able to connect to security-enabled networks. I am on a laptop and my wireless card is Atheros AR5005G Wireless Network Adapter. I've read some tutorials about cracking the WEP encryption keys, but they all seem to require installing software and don't seem too specific or seem to go off topic. Can someone help me by telling me what I need with the details of my condition that I'm in? A zip file to download with everything included would be preferred. Also I need to be able to connect to the networks tonight if at all, because it's the last day that I have a LAN. Thanks and much appreciation.
- infinite_
- Bat Country
- Posts: 1353
- Joined: Fri Jun 04, 2004 7:19 pm
- Location: Australia
It's hard to provide help if you don't say what your problem is or what's causing grief. There's an abundance of Windows WEP cracking guides on the net.
http://tazforum.thetazzone.com/viewtopic.php?t=6811
My effort to help you will never exceed your effort to explain the problem.
-
- Hacker in Training
- Posts: 95
- Joined: Sun Feb 18, 2007 11:35 pm
- Contact:
- Aniack
- is a maniac!
- Posts: 558
- Joined: Tue Aug 26, 2003 4:31 pm
- Location: ME
- Contact:
Chocrates wrote:
> download back track 2 or nubuntu and find a guide on wep cracking
> if they are using wpa as far as i know they are uncrackable at the moment

Actually you can bruteforce WPA. So obviously it isn't as quick and painless as modern WEP cracking but it can be done.
I got your number. I steal your thunder.
I got your mother's maiden name tattooed on my arm.
- IceDane
- Because I Can
- Posts: 2652
- Joined: Wed May 12, 2004 9:25 am
Aniack wrote:
> Chocrates wrote:
>> download back track 2 or nubuntu and find a guide on wep cracking
>> if they are using wpa as far as i know they are uncrackable at the moment
>
> Actually you can bruteforce WPA. So obviously it isn't as quick and painless as modern WEP cracking but it can be done.

Of course you can, you can brute-force anything given the proper amount of time.
Just glancing at the Wikipedia page, I've gathered (perhaps incorrectly) that you can have either 128-bit keys or 256-bit keys.
In either case, it's a huge number of possible keys you'd have to brute-force.
Just assuming you'd be able to brute-force 5 million passwords a second (improbable, unless you're generating the keys and storing them on a hard drive for faster brute-forcing) and just trying to brute-force the 128-bit key, going through all possibilities would take
68056473384187692692674921486354 seconds or
18904575940052136859076367079,543 hours or
787690664168839035794848628,31428 days or
2158056614161202837794105,830998 years.
Yer.
Please kick me in the teeth in a verbal fashion if my logic is off.
- Aniack
- is a maniac!
- Posts: 558
- Joined: Tue Aug 26, 2003 4:31 pm
- Location: ME
- Contact:
IceDane wrote:
> Of course you can, you can brute-force anything given the proper amount of time.
> Just glancing at the Wikipedia page, I've gathered (perhaps incorrectly) that you can have either 128-bit keys or 256-bit keys.
> In either case, it's a huge number of possible keys you'd have to brute-force.
> Just assuming you'd be able to brute-force 5 million passwords a second (improbable, unless you're generating the keys and storing them on a hard drive for faster brute-forcing) and just trying to brute-force the 128-bit key, going through all possibilities would take
> 68056473384187692692674921486354 seconds or
> 18904575940052136859076367079,543 hours or
> 787690664168839035794848628,31428 days or
> 2158056614161202837794105,830998 years.
> Yer.
> Please kick me in the teeth in a verbal fashion if my logic is off.

Assuming they are not using personal mode (PSK mode) or are using strong passwords I see no flaw in your logic.
...Though using a program like cowpatty with a relatively large dictionary file (with 'words' that are a minimum eight characters in length) against a WAP with WPA protection in PSK mode it should take little more than a day or two to run through the list. Typically home users and small business will use PSK mode and home users are much more likely to use weak passwords.
I got your number. I steal your thunder.
I got your mother's maiden name tattooed on my arm.
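The arithmetic from the two posts above, as an added example that is not part of the original thread: it reproduces the 128-bit figure exactly and sets it beside human-sized passphrase spaces, which is the point to take when choosing a WPA-PSK passphrase. The 5 million guesses per second rate is the poster's own assumption, and the alphabets and target lifetime are constructed sample values.

```python
import math

SECONDS_PER_YEAR = 365 * 24 * 3600   # 365-day year, matching the figures in the post
RATE = 5_000_000                     # guesses per second assumed in the post


def exhaustive_seconds(keyspace, rate=RATE):
    """Worst-case seconds to try every candidate (exact integers, rounded up)."""
    return -(-keyspace // rate)


def min_length_for(alphabet_size, target_years, rate=RATE):
    """Shortest uniformly random passphrase (8..63 characters, the WPA-PSK range)
    whose full search at `rate` takes at least target_years; None if impossible."""
    needed = target_years * SECONDS_PER_YEAR * rate
    for length in range(8, 64):
        if alphabet_size ** length >= needed:
            return length
    return None


def compare(rate=RATE):
    """Return (label, entropy in bits, worst-case seconds) for each candidate space."""
    spaces = {
        "random 128-bit key": 2 ** 128,
        "8 random lowercase letters": 26 ** 8,      # constructed sample policy
        "12 random printable ASCII": 95 ** 12,      # constructed sample policy
    }
    return [(name, round(math.log2(n), 1), exhaustive_seconds(n, rate))
            for name, n in spaces.items()]


if __name__ == "__main__":
    for name, bits, secs in compare():
        years = secs / SECONDS_PER_YEAR
        print(f"{name:28s} {bits:6.1f} bits  {secs:.3e} s  {years:.3e} years")
    # Length a random passphrase needs to outlast 1000 years at the assumed rate.
    print("lowercase only :", min_length_for(26, 1000), "characters")
    print("printable ASCII:", min_length_for(95, 1000), "characters")
```

The estimates assume uniformly random characters; a passphrase built from dictionary words has far fewer effective candidates than its length suggests.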
-
- htd0rg lieutenant
- Posts: 412
- Joined: Thu Feb 23, 2006 5:02 pm
- Location: YXJlbid0IHlvdSBjbGV2ZXIu
Are we discounting the possibility of massive parallel computing via a battery of Field Programmable Gate Arrays? I'm new to the whole "wireless hacking" thing (I got into it for the instant gratification of it, I don't know about any of you), so please correct me if I'm wrong.
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo.
-
- Hacker in Training
- Posts: 95
- Joined: Sun Feb 18, 2007 11:35 pm
- Contact:
- Aniack
- is a maniac!
- Posts: 558
- Joined: Tue Aug 26, 2003 4:31 pm
- Location: ME
- Contact:
fivefold wrote:
> Are we discounting the possibility of massive parallel computing via a battery of Field Programmable Gate Arrays? I'm new to the whole "wireless hacking" thing (I got into it for the instant gratification of it, I don't know about any of you), so please correct me if I'm wrong.

That's a novel idea but it comes down to a question of practicality. How many FPGAs would one need to put a serious dent in the amount of time to crack said key, how many FPGAs can be fitted on a board, how large will the board(s) be, how much will it cost to deploy said solution and how much power will the set up need to draw (I.E. will it draw more than a car battery can easily handle)? There's also the fact that a WAP can only handle so much throughput. I'm not too into EE, so I actually am curious.
I got your number. I steal your thunder.
I got your mother's maiden name tattooed on my arm.
-
- htd0rg lieutenant
- Posts: 412
- Joined: Thu Feb 23, 2006 5:02 pm
- Location: YXJlbid0IHlvdSBjbGV2ZXIu
Aniack wrote:
> fivefold wrote:
>> Are we discounting the possibility of massive parallel computing via a battery of Field Programmable Gate Arrays? I'm new to the whole "wireless hacking" thing (I got into it for the instant gratification of it, I don't know about any of you), so please correct me if I'm wrong.
>
> That's a novel idea but it comes down to a question of practicality. How many FPGAs would one need to put a serious dent in the amount of time to crack said key, how many FPGAs can be fitted on a board, how large will the board(s) be, how much will it cost to deploy said solution and how much power will the set up need to draw (I.E. will it draw more than a car battery can easily handle)? There's also the fact that a WAP can only handle so much throughput. I'm not too into EE, so I actually am curious.

As far as I know, an FPGA only consumes maybe slightly more power than a conventional ASIC, and is only slightly larger (so you could fit many onto a board). Also, since an FPGA's computational power is easily parallelized, it probably wouldn't take more than 20 FPGAs working together more than a half an hour to crack a civilian-strength encryption.
Of course, cost is an issue. Last I heard, a low-end FPGA costs about $100, and you would need several to achieve these kinds of results. I'm betting most hackers either couldn't afford that, or couldn't rationalize the cost, so yes cost is a major concern as to practicality.
I don't know much about cryptography, so I may be wrong here, but isn't there a way to sniff some of the encrypted wireless traffic and predict its content based on various metrics (such as packet size, computational time taken between packets, etc)? Then from that you could brute force the key? (I don't actually know, this is a question in reply to your throughput concern).
Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo.
-
- n00b
- Posts: 1
- Joined: Wed Apr 29, 2009 10:03 pm
Re: cracking security-enabled network keys
That is true, you have to have more than two days to run, and according to my experience only the home users are likely to use weak passwords.