Welcome to the future: cloud-based WPA cracking is here

A security researcher has brought us in touch with the future of distributed computing: network encryption cracking. Chad Perrin explains how it works.

In 2008, I speculated about the future of distributed security cracking. That future has arrived, in the form of a $17 "cloud" based service provided through the efforts of a security researcher known as Moxie Marlinspike. It is effective against pre-shared key deployments of both WPA and WPA2 wireless networks.

The mechanism used involves captured network traffic, which is uploaded to the WPA Cracker service and subjected to an intensive brute force cracking effort. As advertised on the site, what would be a five-day task on a dual-core PC is reduced to a job of about twenty minutes on average. For the more "premium" price of $35, you can get the job done in about half the time. Because it is a dictionary attack using a predefined 135-million-word list, there is no guarantee that you will crack the WPA key, but such an extensive dictionary attack should be sufficient for any but the most specialized penetration testing purposes.

If you opt to use the service, you will of course leave a money trail via Amazon Payments -- which is probably a bad idea if you are attempting to gain unauthorized access to a secured network illegally. For the good guys testing the security of a client's network, however, this is an incredibly handy tool to have at one's disposal.

It gets even better. If you try the standard 135-million-word dictionary and do not crack the WPA encryption on your target network, there is an extended dictionary that contains an additional 284 million words. In short, serious brute force wireless network encryption cracking has become a retail commodity.

Some might question whether rainbow tables serve the purpose of penetration testing more effectively. In some cases they might, but rainbow tables face some limitations. From the FAQ for WPA Cracker:

Aren't there rainbow tables now?

Yes, the Church Of Wifi has put a large rainbow table collection online. However, there are a few ways in which this collection has not met our needs. The first is that since each handshake is salted with the ESSID of the network, you have to build a unique set of rainbow tables for each network that you'd potentially like to audit. The Church Of Wifi has gone to heroic efforts to build tables for the 1000 most popular ESSIDs, but we find that this is often not enough. If someone has enabled WPA encryption on their wireless network, chances are that they've changed their ESSID to something that's not very common as well.

Additionally, since they had to build so many sets, they had to limit the size of their dictionary in order to keep the resulting tables manageable. We feel that 1,000,000 words is really not large enough to do a comprehensive search, and that the way the dictionary was constructed discounts some of the specifics for WPA network password requirements. WPA Cracker provides a service that can crack the PSK of a network with any ESSID, using a dictionary that is several orders of magnitude larger.

The FAQ also claims that WPA Cracker uses a dictionary specialized for WPA cracking purposes, making it better suited to this specific purpose than the OpenWall dictionaries, which are "tailored more specifically for Unix logins than for WPA networks."

The interface is simple and clean, and the service does not require any more information from its users than an email address to deliver the results, the network's ESSID, and a network traffic capture that includes the encrypted WPA handshake. Payment information is handled by Amazon. If you have despaired of a simple and quick way to perform a penetration test on a WPA encrypted network without spending entirely too much money, the answer appears to have arrived.
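The FAQ's point about ESSID-salted handshakes and the article's timing figures both come down to one derivation: the WPA/WPA2-PSK Pairwise Master Key. The following is an added example for this page, not code from the article or from WPA Cracker; it derives the PMK as IEEE 802.11i specifies (PBKDF2-HMAC-SHA1, 4096 iterations, ESSID as salt), shows why a precomputed table is only good for the ESSID it was built with, and converts the "five days on a dual-core PC" and "about twenty minutes" figures into candidates per second. The benchmark inputs and the "myhomeAP"/"bench-ssid" names are constructed.

```python
"""Added example for this page (not WPA Cracker's code or the article's):
derives the WPA/WPA2-PSK Pairwise Master Key the way IEEE 802.11i specifies,
shows why the ESSID salt forces one rainbow table per network, and puts the
article's "five days vs. twenty minutes" figures into candidates per second.
"""
import hashlib
import time

PBKDF2_ITERATIONS = 4096  # fixed by IEEE 802.11i; an AP owner cannot raise it
PMK_LEN = 32              # 256-bit PMK


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, ESSID, 4096 iterations, 32 bytes).

    The ESSID is the salt, so the same passphrase gives a different PMK on
    every network.  hostapd's wpa_passphrase computes exactly this value.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 printable ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), PBKDF2_ITERATIONS, PMK_LEN)


def pmks_per_ssid(passphrase: str, ssids) -> dict:
    """Same passphrase across several ESSIDs -> one distinct PMK per ESSID.
    A table precomputed for 'linksys' says nothing about 'myhomeAP'."""
    return {ssid: wpa_pmk(passphrase, ssid).hex() for ssid in ssids}


def table_cost(words: int, ssids: int) -> int:
    """PBKDF2 derivations needed to precompute tables for `words` x `ssids`
    (the Church of WiFi approach the FAQ describes)."""
    return words * ssids


def implied_rate(wordlist_size: int, seconds: float) -> float:
    """Candidates per second implied by finishing a wordlist in `seconds`."""
    return wordlist_size / seconds


def seconds_to_search(candidates: int, rate: float) -> float:
    """Worst-case time to try every candidate at `rate` candidates/second."""
    return candidates / rate


def measure_local_rate(samples: int = 50) -> float:
    """Single-threaded PBKDF2 throughput on this host, for comparison with the
    rates the article implies (each candidate is 2 x 4096 HMAC-SHA1 calls)."""
    start = time.perf_counter()
    for i in range(samples):
        wpa_pmk(f"candidate-{i:06d}", "bench-ssid")  # constructed inputs
    return samples / (time.perf_counter() - start)


if __name__ == "__main__":
    # IEEE 802.11i Annex test vector: passphrase "password", SSID "IEEE"
    print("PMK(password, IEEE) =", wpa_pmk("password", "IEEE").hex())
    for ssid, pmk in pmks_per_ssid("password", ["IEEE", "linksys", "myhomeAP"]).items():
        print(f"{ssid:10s} {pmk}")
    words = 135_000_000                      # the service's standard dictionary
    pc = implied_rate(words, 5 * 86400)      # "five days on a dual-core PC"
    cloud = implied_rate(words, 20 * 60)     # "about twenty minutes" in the cloud
    print(f"dual-core PC: ~{pc:,.0f}/s   cloud service: ~{cloud:,.0f}/s")
    print(f"1,000,000 words x 1,000 ESSIDs = {table_cost(10**6, 1000):,} derivations")
    # 95 printable ASCII characters, 23 random ones: no dictionary contains it,
    # and exhaustive search even at the cloud rate is astronomically long.
    yrs = seconds_to_search(95 ** 23, cloud) / (365 * 86400)
    print(f"exhausting a random 23-char passphrase at cloud rate: {yrs:.3g} years")
    print(f"this host: ~{measure_local_rate():.0f} candidates/s single-threaded")
```

The PBKDF2 iteration count is fixed by the standard, so the only knobs the network owner controls are an uncommon ESSID (defeats precomputed tables) and a long random passphrase (defeats the dictionary).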

About

Chad Perrin is an IT consultant, developer, and freelance professional writer. He holds both Microsoft and CompTIA certifications and is a graduate of two IT industry trade schools.

102 comments
Alexy69

There is a new and better service on this site: www.recoverwpa.com. They charge after successful cracking and not up front, so you are paying for a guaranteed recovered password and not only for a chance of finding it.

Ocie3

According to the FAQ for Moxie Marlinspike's WPA Cracker web site, the service will crack the password of a ZIP file as well as crack passwords for WPA/WPA2 wireless APs. So I submitted a PKWare PKZip file which contains an encrypted file. IIRC, the file was not encrypted before it was compressed, but by PKZip, which created the output .ZIP. During the process of setting the job up, the price went from $17 to $68 and the time from 20 minutes to 2 hours, because, the site said, cracking the password of a compressed file that contains only one file is "more time consuming". Paying that much is not worth the content of that particular file, assuming that WPA Cracker does crack the password, so I decided to cancel the job. (The web site procedure doesn't have a cancel option at that point, though, so I backed out of it.) Currently, I am using PKWare for Windows version 9. It is possible to have (1) a password that must be entered to view the list of files which are in the compressed file (it includes the filenames and other data about them), and (2) another password which must be entered to extract the files which it contains and/or to add files to the compressed file. The respective passwords can be either the same or different. I have no idea whether WPA Cracker can handle that situation, and I don't have the budget to find out from experience. See WPA Cracker at: http://www.wpacracker.com/index.html

mnemzow

This service seems a violation of the DCMA.

JCitizen

already up to this on any kind of password cracking. If I understand this article correctly, you can crack a wireless password through and from the WAN to a wireless node on a wifi network (internal), from the wifi router (externally)? Or perhaps more accurately, crack the perimeter wireless router from another wireless relay for the cloud? I'm confused, which most folks who know me won't find surprising. :p The bot-net already is a cloud computing network.

dougogd

should be clipped. If information must be shared with another branch of the company, then send the information via carrier. If it is really sensitive, send multiple carriers with extreme background checks. The carriers of course should also be higher-ups in the company. If any leaks are discovered, then you know how and who to charge. Relying on the cloud is like saying, here is all my info, come and get it. Same thing with having work computers connected to the internet. If your people must connect to the internet, then set up multiple computers for use: one on a private network not connected to the internet, one on the network connected to the internet. Eventually everyone will find out how well the cloud will distribute everyone's information to the world. No more corporate advantages after that happens.

shido641

How effective is the service? What's the point of it? If you follow the rules of security you should be just fine, something to the effect of using a password longer than 8 characters, consisting of numbers, letters, and characters, and to top that, not using dictionary words. For example, my WPA2 password is 23 characters long, which follows that basic rule. You can't possibly tell me you can crack that with a brute-force attack, let alone a dictionary attack.

Slayer_

I mean, aren't all security measures that rely on a password suffering from the same weakness? To me this sounds like an example of the strength of WPA2. Only a brute force attack has any chance of breaking it, as long as your password is long and without words (and it might as well be; how often do you need to type it in? Windows remembers it). And when you are done, you just have access to the network. Hopefully internal security measures should prevent further progress.

NickNielsen

This service is hosted in the Canary Islands. As much as the RIAA and MPAA would like it to be so, I really don't think the DMCA applies outside the United States. Sheesh. Another CIO who doesn't know that American law stops at the American border.... edit: type, post, data check.

DNSB

If you meant the DMCA, perhaps the DMCA is not a concern where they live? Around here, the DMCA is considered a fine example of the sheer stupidity of American lawmakers -- not that ours are much to write home about either. "Hi, there's this group in China I want to have charged with violating the DMCA." is not going to generate much action.

Ocie3

DMCA! Just picking nits today.

Neon Samurai

I may be confused also, but I'm seeing the process as: capture wifi traffic, upload the .pcap to Moxie's service, wait for results to be returned.

Neon Samurai

Pentesting is proactively proving why one should follow the rules of security. Consider the IT department doing internal pentesting to confirm that settings are tight and effective, or showing management why they can't have three-character passwords. Potentially a contracted third-party pentest for industry regulation, the IT reasons above or other. You want to be tested against the latest tools out there, just like a criminal would be using in a hostile breach. A tech confirming that a home user's wireless setup is rock solid (assuming it justifies the $35 cost). Pretty much any legitimate reason to want to break a key for a wireless network you have authority or permission to test.

Zwort

There are Wi-Fi streamers that do WPA with passwords that are only 39 characters long. I've read a lot about the odds here and I am still not convinced by arguments that it is safe. Not at all convinced.

dougogd

letters, numbers, and characters long, I got hacked. The person then changed my password to HIMOM. So do you really feel secure now? It took less than one day to breach it. edit spelling

Neon Samurai

Yes, this is cracking; it is getting the cleartext from a ciphertext value or otherwise breaking in past authentication mechanisms. It's cracking specific hash values as a commodity service. Yes, it is a weakness all password-like authentication suffers from. That's why we have minimum length/complexity, maximum failed tries and similar techniques to mitigate it. Yes, hopefully one only gets access to the network without access to the nodes, due to internal security. Sadly, most people still don't think beyond the perimeter. (I'm happy to see that my latest local area scan shows only two WEP home routers, so things are improving slowly.)

apotheon

Tell that to the Russian who was arrested when he set foot on US soil after developing copy protection circumvention techniques for Adobe applications. Now . . . consider the case of countries that have extradition treaties with the US. I'm not entirely sure of the extradition treaty status of the Canary Islands, unfortunately. The US has an extradition treaty with Spain, but the Canary Islands archipelago is considered a Spanish Autonomous Community -- which may or may not fall under the same treaty. I'm afraid I'm just not that familiar with Iberian peninsula politics.

seanferd

that the DMCA could not in any way apply to this service.

JCitizen

then it would be a wardrive-by, as best as I can guess. I'm not a crook, so I don't always think like one. This is part of the confusion. I suppose it is easy to configure one's own wifi router to do the same thing, if one was contemplating an attack on a neighborhood node in range. ?:|

shido641

Could you really be sure this was hacked via your conventional wifi attacks? I highly doubt it. Think of it logically, and theoretically speaking it is not possible. You probably got owned some other way, lol. Sorry for taking it so lightly; I hope you don't get upset. I'm merely saying that there were other possibilities of someone getting your password.

Neon Samurai

Wow... What was the wifi encryption? That can't have been a WPA2 setup that fell over. I'd think to break that in a day you're looking at cryptographic analysis rather than brute force, which puts you in WEP territory or potentially WPA/TKIP.

Zwort

My neighbourhood is packed with insecure wireless networks. A lot of strange people can be found, parked in cars or sitting on benches, typing/clacking away furiously at their favoured portable device. So I have abandoned my WPA-AES connection and will obtain a WPA2 capable device sometime. Hence plugs. Edit: I noticed this machine, a quad core, is using AZPR with incredible swiftness to brute crack a PW on a zip file for which an ex decided not to disclose the pw. I'd given up using dual core machines.

Slayer_

My friend recently bought a router and it doesn't even do WPA. Only WEP. I couldn't actually join it with my laptop, even with the password; it just got blocked by the wireless saying it was not a secure connection.

apotheon

Neologism a la Chad. If you found other instances of it, it's independent invention (and an excellent piece of evidence for the stupidity of copyright and patent law).

santeewelding

After having responded, it is not. Goes back to at least 2004.

santeewelding

Now, that there, was a good one. Is it yours?

apotheon

There's no doubt in my mind that Congress plus Law Enforcement equals Grand Mal Stupidity.

NickNielsen

to compound Congressional stupidity.

apotheon

Doesn't it make it difficult for someone to copy and use the content of a file in a meaningful form? By that definition, it's like a kind of DRM. Encryption is used as part of DRM software a lot of the time, y'know. It is, in fact, a critical piece of certain DRM "solutions".

seanferd

as I am aware of the history (I used to laugh about the IE 128-bit encryption export restriction), I can't see how cracking WPA amounts to defeating copy protection on intellectual property. I won't argue that someone wouldn't try to misapply the poorly designed act this way - probably the majority of DMCA lawsuits, takedown notices, etc., try to stretch and contort the law for the benefit of the interested parties, while said parties do not follow the law themselves. Because this occasionally backfires, we get things like ACTA and the DHS working for Disney to protect their IP. (Yeah, I know. How many things can you find wrong in the second half of that sentence?)

apotheon

1. Canada didn't have such export restrictions at the time of the move, if I recall correctly. 2. The restrictions obviously don't affect the OpenBSD project and its sub-projects the way US restrictions would, else you wouldn't be able to get OpenBSD all over the world with a simple click-to-download the way you can.

Jaqui

OpenBSD moved to Canada, which in regard to cryptography has the same export restrictions the US does; it is a military technology here also. The OpenBSD Foundation is a Canadian registered non-profit body, and the OpenBSD, openssl and openssh main project servers are all in Calgary, Alberta. [ go figure, Userful, OpenBSD/openssl/openssh and LinuxFromScratch all tied to Calgary, often considered one of the two most backwards cities in Canada, and in the least desirable Province to live in. ] aka Cowtown. [ the "Calgary Stampede" annual rodeo being the source of that nickname. ] edit for typo

apotheon

It could, possibly. The DMCA contains prohibitions against cracking digital copy protection technologies. Such technologies include encryption software. In fact, it's arguable that the FBI was acting in violation of the DMCA when it attempted (and failed) to crack TrueCrypt encryption in a recent Russian spy case. This is just one of several reasons that the United States has been hemorrhaging cryptography talent since the early '90s, if not earlier. Nobody wants to study cryptography in the US (previously the widely-regarded best place for cryptography research and study in the world) any longer. The OpenBSD project moved out of the US in the '90s specifically because of cryptography export restrictions. While that particular problem has been mitigated somewhat, it has not been 100% solved, and the DMCA is easily taking up the slack in terms of legal reasons to avoid the US if you're a cryptography researcher. Researchers have actually been threatened with legal action for presenting their findings in study of copy protection technologies. I guess the idiots in the US Congress want to utterly kill the domestic pool of expertise in cryptography.

Zwort

Do you remember when PGP was deemed to be weapons grade software? Looking around at the various other options that are available makes me hope that terrorists are incompetent, and some of the wannabees in the UK have been. However, someone in (ISTR) Brazil had a TrueCrypt file that even the Feebs gave up on. An interesting test of strength that I'm sure is gratifying to quite a few people.

NickNielsen

Do you mean that something both digital and potentially harmful in the wrong hands isn't banned already? :0 ;)

NickNielsen

Poor choice of words. The address for the domain owner is given as the Canary Islands. I should have said the domain holder is in the Canary Islands.

apotheon

You'd probably want to connect to the service and your email via 3G or some other Internet connection independent of the wireless network you're trying to crack -- so, obviously, wardriving or otherwise just trying to get access to the Internet wouldn't be the ideal purpose for this service.

Zwort

That's why defence in depth is important: strong passwords for routers/wireless points of presence/extenders, kept in a secure password database with a strong password, and so on. Whenever a machine is left unattended, power down. Ensure that it can't boot from other devices than the HD, is password protected, and so on. Every now and then I'm forced to challenge people's conception of security. Some people feel they can trust their secretary, wife, SO, whatever, but ultimately no one at all is trustworthy. Some 12 years back the SO of someone I knew wanted him to allow her son to use his computer. I was almost speechless, and I told her why this was a bad move. One moment of weakness, of trust, and there go your data.

Neon Samurai

It would be interesting to see how the person did the breach. Sure does get one interested in security when they do get breached also. I think every sys admin needs to be hit at least once before it fully sinks in.

JaredH

I would think that it would be TKIP, not AES.

Zwort

Yes, it's quite good. Watch out for Dead Ringers; the bloke does a lifelike imitation of Tom Baker. He did a spoof to one of the other Drs and fooled him completely.

shido641

And your estimated time would be?

Neon Samurai

I'm all caught up on Dr Who, so I'll have to check those out; and always the British version. I've yet to see a show ported over this side of the pond that stacked up against the British original.

Neon Samurai

We'll see what full details come out of the presentations, but from what people have managed to figure out so far, the risk is from an already authenticated client, which already has better ways to attack data rather than through the encrypted wifi traffic. It's a weakness, but it's not like WEP or WPA/TKIP, which can be exploited to gain access to the network. (been watching this one since it popped up) It is always an arms race though. Current technology is proven weak, new technology replaces it. Passwords were five, then eight, now 14 characters recommended. WEP was rock solid, then WPA was the replacement, now it's still WPA2. I don't yet have reason not to trust my home WPA2 with max length random passkey. For the plug networking, there were a few articles from Michael a short while back if you didn't see them in passing.

Zwort

[I can't respond to your last because I've reached the msg limit at that level.] Password lengths were my preoccupation also. If, e.g., the handshake is only 39 characters it is more vulnerable, but now even WPA-AES PSK is becoming vulnerable, and the advent of distributed computing for hire is merely the beginning of a new phase in the arms race. Yes, I imagine there may be restrictions on some listed buildings. Fortunately my house still has a guarantee. :-) Thus I'm considering using something like a wallplug package, e.g., a Netgear HomePlug AV, Belkin Powerline AV. All of my property, including the garage, is controlled by a security system, so snooping via a garage plug is unlikely. I have no outside sockets. The point is to have access to a number of things without going into the office. I inevitably end up spending too much time here; it is not healthy and it is not conducive to a healthy sleep-wake cycle. So, I'm investigating wall sockets, something I initially dismissed when they first appeared. So long as the security perimeter extends beyond the power circuits this would seem at first blush to be a good idea. Time for a few glasses of Peroni, whilst watching series 2 of Ashes to Ashes. If you get the chance, watch both it and Life on Mars. The UK version, that is. :-)

Neon Samurai

If you're doing cabling properly but after the walls have been finished, get a professional. It's rarely worth the pain of doing it yourself when a pro can pretty much sneeze and have it done with cable ends crimped. For similar reasons to your own, I hear wireless is very popular in Europe due to buildings with historical status, so you can't go drilling and pulling through all the walls.

husserl

You should see the skill of the bloke who installed my security system. His sense of direction and distance were unerring. I bet there's someone around like that specialising in network cabling. My point was to obviate the need for Wi-Fi. Sure, cables have a set of problems all their own.

Neon Samurai

I was talking about password lengths rather than wire lengths. But yes, wires will give you a better and faster connection than wireless. Running a big bit through the wall isn't so bad but pulling cable through more complex paths can really suck.

Zwort

I'm fast coming to the conclusion that cables are best, but the idea of drilling holes doesn't appeal to me. I can do engine rebuilds but I'm useless in the house. :-0

Neon Samurai

I had the same question, so I did a table of length/complexity at work to show current, planned and recommended lengths and effects on brute-force times. At longer lengths I had to go with estimated time from Cain.

Neon Samurai

My particular experience was with a MacBook Pro PPC that wouldn't talk to the router when security was reduced. In your case, and with WEP being a five-minute job (15 if one has to generate their own client traffic), I'd be looking to run wires to those machines or update the OS to something that will manage WPA at minimum. I'm sure your situation isn't by choice though. I don't envy it.

bknabe

with 10.5. Not because I want to, I have legacy devices I can't replace at this time.

Neon Samurai

For both the WEP only router and buying such hardware from Radio Shack. (er.. TheSource in .ca)

Slayer_

He has since replaced it thankfully after my warning. But it was a 30 dollar router from "The Source". Sold as new. He bought it two years ago.

Ocie3

Regardless, it is technically obsolete, as I'm sure that you are aware. Did your friend know of the limitation?

Ron_007

I bet your friend "saved" money by buying the cheapest router he could find at a discount house. Too bad they were unloading old routers that anyone who has a clue would be willing to pay for. Basically, your friend paid the vendor to haul away the garbage he otherwise would have had to pay to ship to the dump (or recycler). It might be an appropriate choice if he only used the wired connections, but he insisted on using the outdated wireless function.

Neon Samurai

My Palm T5 only recognized WEP (11b, no less), which OS X wouldn't even consider playing with. I could have my T5 online or I could have my OS X online; the T5 lost network connectivity. A router shipping with WEP only though... that's madness. What make/model? That should become publicly known. WTF kind of vendor is shipping WEP-only hardware with it being so far beyond broken? If it's a software limitation, you may be able to replace the firmware with DD-WRT or similar, depending on the hardware.