WPA cracked in 1 second at Weak-Net Labs

[grishnav]

Why is it so freaking hard to do wireless security right? Why can't we just sign x.509 certs and be done with it?

Srsly, what am I missing here? Is it just the fact that it might have to share with other clients?

[trevelyn]

have you seen muts' new project yet? http://www.offensive-security.com/wpa-tables/

[notlist3d]

have you seen muts' new project yet? http://www.offensive-security.com/wpa-tables/

Do you know if he has the "49 Million WPA optimised password dictionary file" up were you can download it or the tables? Im just seeing tables.

[rbcp]

Why is it so freaking hard to do wireless security right? Why can't we just sign x.509 certs and be done with it?

Srsly, what am I missing here? Is it just the fact that it might have to share with other clients?

Has any company ever managed to keep anything secure?  DVDs were cracked, Bluray was cracked, HD DVD was cracked.  People are constantly cracking Satellite TVs, Wiis and Xboxes and remotely hacking into every system imaginable.  You'd think in 2009 (just 6 years until we'll have flying cars and free energy) that it wouldn't be so hard to keep everything locked down, but nothing has ever been secure.  We're doing it wrong.

[handl3r]

Why is it so freaking hard to do wireless security right? Why can't we just sign x.509 certs and be done with it?

Srsly, what am I missing here? Is it just the fact that it might have to share with other clients?

Has any company ever managed to keep anything secure?  DVDs were cracked, Bluray was cracked, HD DVD was cracked.  People are constantly cracking Satellite TVs, Wiis and Xboxes and remotely hacking into every system imaginable.  You'd think in 2009 (just 6 years until we'll have flying cars and free energy) that it wouldn't be so hard to keep everything locked down, but nothing has ever been secure.  We're doing it wrong.

Making things work doesn't make money.

[RushPwnsX]

1 second

YOU LIAR!!!
It took you
t>1.717878s

[trevelyn]

he told me at shmoo that he was seeding 50GB worth of tables for 150 of the most popular ESSID's.. not sure if thats what you mean or not, so far the one i got worked great, once again, in seconds.

[flamoot]

It took four hours to break back into my hotspot on Friday (~20 packets/second). Someone added a password to my hotspot (WEP). I noticed you didn't have to use aireplay. Normally with aireplay-ng I can get 300 packets a second but I couldn't get an association attempt to stick. You have to generate a .xor stream with a chopchop attack (-4) then specify it as an argument (-y) to a replay attack (-3). This wouldn't work on my hotspot on Friday so it took four hours ,_,

[trevelyn]

what?

If you can't get an "authentication to stick" (if it says "Got a Deauthentication Packet!") or whatever, try aireplay-ng with the following arguments:

-1 6000 -o 1 -q 10

here is an example:

aireplay-ng -1 6000 -o 1 -q 10 -a 00:11:22:33:44:55 -h 00:11:22:33:44:55 <dev>

It will then send keep alive packets so you can open another window for the ARP injection.

[flamoot]

Oh! I tried a couple of things like that, leaving it in the background while I tried to replay etc. I am talking about attack -1 yes