Author Topic: WPA cracked in 1 second at Weak-Net Labs  (Read 7883 times)

Offline grishnav

Re: WPA cracked in 1 second at Weak-Net Labs
« Reply #15 on: April 07, 2009, 01:59:38 PM »
Why is it so freaking hard to do wireless security right? Why can't we just sign x.509 certs and be done with it?

Srsly, what am I missing here? Is it just the fact that it might have to share with other clients?

Offline trevelyn

Re: WPA cracked in 1 second at Weak-Net Labs
« Reply #16 on: April 13, 2009, 05:10:40 AM »
have you seen muts' new project yet? http://www.offensive-security.com/wpa-tables/

Offline notlist3d

Re: WPA cracked in 1 second at Weak-Net Labs
« Reply #17 on: April 13, 2009, 09:38:39 AM »
have you seen muts' new project yet? http://www.offensive-security.com/wpa-tables/

Do you know if he has the "49 Million WPA optimised password dictionary file" up where you can download it or the tables? I'm just seeing tables.
« Last Edit: April 13, 2009, 09:44:17 AM by notlist3d »

Offline rbcp

Re: WPA cracked in 1 second at Weak-Net Labs
« Reply #18 on: April 13, 2009, 09:57:03 AM »
Why is it so freaking hard to do wireless security right? Why can't we just sign x.509 certs and be done with it?

Srsly, what am I missing here? Is it just the fact that it might have to share with other clients?

Has any company ever managed to keep anything secure?  DVDs were cracked, Bluray was cracked, HD DVD was cracked.  People are constantly cracking Satellite TVs, Wiis and Xboxes and remotely hacking into every system imaginable.  You'd think in 2009 (just 6 years until we'll have flying cars and free energy) that it wouldn't be so hard to keep everything locked down, but nothing has ever been secure.  We're doing it wrong.

Offline handl3r

Re: WPA cracked in 1 second at Weak-Net Labs
« Reply #19 on: April 13, 2009, 12:41:20 PM »
Why is it so freaking hard to do wireless security right? Why can't we just sign x.509 certs and be done with it?

Srsly, what am I missing here? Is it just the fact that it might have to share with other clients?

Has any company ever managed to keep anything secure?  DVDs were cracked, Bluray was cracked, HD DVD was cracked.  People are constantly cracking Satellite TVs, Wiis and Xboxes and remotely hacking into every system imaginable.  You'd think in 2009 (just 6 years until we'll have flying cars and free energy) that it wouldn't be so hard to keep everything locked down, but nothing has ever been secure.  We're doing it wrong.
Making things work doesn't make money.

Offline RushPwnsX

Re: WPA cracked in 1 second at Weak-Net Labs
« Reply #20 on: April 13, 2009, 05:39:41 PM »
1 second
YOU LIAR!!!
It took you
t>1.717878s
Atonal apples.

Offline trevelyn

Re: WPA cracked in 1 second at Weak-Net Labs
« Reply #21 on: April 14, 2009, 01:59:32 PM »
he told me at shmoo that he was seeding 50GB worth of tables for 150 of the most popular ESSIDs.. not sure if that's what you mean or not, so far the one I got worked great, once again, in seconds.
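
Added example (not part of the thread or of the tables project): why such tables are built per ESSID, and how to check whether your own network setting falls inside one. WPA/WPA2-PSK derives its master key with PBKDF2-HMAC-SHA1 using the SSID as the salt; the SSID list, wordlist and function names below are constructed for illustration.

```python
import hashlib

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    salt = ssid.encode()
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8-63 characters")
    if not 1 <= len(salt) <= 32:
        raise ValueError("SSID must be 1-32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), salt, 4096, 32)

# Constructed sample data, standing in for a real SSID list and dictionary.
COMMON_SSIDS = ["linksys", "default", "NETGEAR"]
WORDLIST = ["password", "letmein123", "qwertyuiop"]

def build_tables(ssids, words):
    """One set of keys per SSID, because the SSID salts every key in it."""
    return {s: {wpa_pmk(w, s) for w in words} for s in ssids}

def covered_by_tables(tables, ssid, passphrase):
    """True if this network's key was already computed ahead of time."""
    keys = tables.get(ssid)
    if keys is None:  # no table for this SSID: precomputed keys do not apply
        return False
    return wpa_pmk(passphrase, ssid) in keys

TABLES = build_tables(COMMON_SSIDS, WORDLIST)

if __name__ == "__main__":
    checks = [
        ("linksys", "password"),               # default SSID, dictionary word
        ("linksys", "tr4in-Cactus-olive-88"),  # default SSID, strong passphrase
        ("oak-street-4f2a", "password"),       # unique SSID, dictionary word
    ]
    for ssid, pw in checks:
        state = "covered" if covered_by_tables(TABLES, ssid, pw) else "not covered"
        print(f"{ssid!r} / {pw!r}: {state} by the precomputed tables")
```

A unique SSID only removes the precomputation shortcut; a passphrase that appears in a dictionary can still be tested directly, so both settings matter.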

Offline flamoot

Re: WPA cracked in 1 second at Weak-Net Labs
« Reply #22 on: April 30, 2009, 05:43:53 AM »
It took four hours to break back into my hotspot on Friday (~20 packets/second). Someone added a password to my hotspot (WEP). I noticed you didn't have to use aireplay. Normally with aireplay-ng I can get 300 packets a second but I couldn't get an association attempt to stick. You have to generate a .xor stream with a chopchop attack (-4) then specify it as an argument (-y) to a replay attack (-3). This wouldn't work on my hotspot on Friday so it took four hours ,_,

Offline trevelyn

Re: WPA cracked in 1 second at Weak-Net Labs
« Reply #23 on: April 30, 2009, 11:51:30 AM »
what?

If you can't get an "authentication to stick" (if it says "Got a Deauthentication Packet!") or whatever, try aireplay-ng with the following arguments:

-1 6000 -o 1 -q 10

here is an example:

aireplay-ng -1 6000 -o 1 -q 10 -a 00:11:22:33:44:55 -h 00:11:22:33:44:55 <dev>

It will then send keep alive packets so you can open another window for the ARP injection.

Offline flamoot

Re: WPA cracked in 1 second at Weak-Net Labs
« Reply #24 on: May 01, 2009, 05:17:27 AM »
Oh! I tried a couple of things like that, leaving it in the background while I tried to replay etc. I am talking about attack -1 yes