From: Robin Wood (dninja@gmail.com)
Date: Tue Dec 13 2005 - 12:20:50 EST
I wasn't comparing anything, I was asking how realistic it is to crack
the WPA key in 10 minutes.
I'm asking as I was lead to believe that WEP could be cracked in
minutes with brute force attacks but have found from experience that
that is wrong, I am therefore now doubting the people who claim how
easily WPA can be cracked
Robin
On 12/13/05, Joachim Schipper <j.schipper@math.uu.nl> wrote:
> On Tue, Dec 13, 2005 at 10:09:21AM +0000, Robin Wood wrote:
> > Hi
> > I've just been on a wireless security course where there was a lot of talk
> > about WEP keys being poor security and easily crackable. I got home and
> > decided to put it to practice and use aircrack against my own WEP key.
> >
> > After around 4 hours I got bored ...
>
> > All the examples I've seen seem to suggest that cracking should take minutes
> > not hours and all keys should be crackable. What experiences do other
> > testers have? Have I done something wrong? I abandoned the full attack after
> > 5 hours as it was running with the default fudge factor of 2 so would
> > probably not have managed to crack the key.
> >
> > I've also seen a video on the Remote Exploit site showing a WPA key cracked
> > in 10 minutes using cowpatty and a dictionary attack. How realistic is this?
>
> I am not very good at this, since I do not own or care for wireless, but
>
> *do* take in mind that you're comparing a complete brute-force with a
> dictionary attack. It's not surprising that the dictionary attack is
> much faster, even against a better algorithm.
>
> Joachim
>
> ------------------------------------------------------------------------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
> futile against web application hacking. Check your website for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> -------------------------------------------------------------------------------
>
>
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:
Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:15 EDT