Boston Linux & UNIX was originally founded in 1994 as part of The Boston Computer Society. We meet on the third Wednesday of each month, online, via Jitsi Meet.

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] comcast wifi question



On 11/8/2014 5:29 PM, Edward Ned Harvey (blu) wrote:
> If you don't have the password to some network, the key is derived
> using pbkdf2 with 4096 iterations.  This means a single cpu core can
> guess around 36 guesses per second.

Pyrit w/ coWPAtty on a dual RADEON HD 69xx series can exhaustively 
search 1-6 character PSK in a hair over 3 days:
http://www.tomshardware.com/reviews/wireless-security-hack,2981-8.html
That's substantially faster than coWPAtty's author's 45-60 passwords per 
second on a 2005 vintage Intel box.

There are also several precomputed SSID/PSK tables available to 
accelerate the process:
http://www.renderlab.net/projects/WPA-tables/

Keep in mind that these are exhaustive searches. A more sophisticated 
attack against TKIP can compromise session keys in a matter of a few 
minutes. Like the man says, attacks only get better.

-- 
Rich P.



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org