Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

GPU Hacking Wireless!!!

  • 26-01-2009 3:13pm
    #1
    jakedixon2004
    Registered Users, Registered Users 2 Posts: 495 ✭✭


    With the technological advances that have recently been made in the market of computer graphics, current graphics processing units can now be used for something other than powering computer systems designed for gaming applications. It appears that, thanks to a relatively new piece of software, GPUs can be used to crack wireless access points that are secured with WPA or WPA2 passwords. According to the latest info, general purpose computing enabled by GPUs caused some major security issues lately, as they have been used to brute force passwords in record time.

    The application in question is developed by Elcomsoft, which is also famous for its “Advanced eBook Processor” software. The company claims that its app is capable of tapping the unexploited power of the GPU to crack a WPA/WPA2-PSK-enabled password.

    According to Elcomsoft, a Radeon HD 4870 graphics card can be used to try almost 16,000 passwords per second, using an “advanced dictionary attack,” which basically transforms entries from a master wordlist. A higher-performance solution, such as NVIDIA's Tesla S1070 GP-GPU, can raise the number of passwords per second to an impressive 52,000. In comparison, a 65nm-based Intel Core 2 Quad Q6600 processor is only capable of trying 1,100 p/sec.

    Elcomsoft's application is known as the “Elcomsoft Wireless Security Auditor,” which the company claims to be designed for network administrators and IT specialists, trying to find problems with the internal security of the network they are managing.

    The application itself isn't new on the market, but it is claimed to be one of the most efficient solutions available. In order to work, the Wireless Security Auditor requires a tcpdump-formatted communications dump with at least one handshake packet. According to the company, all the processing is done off-line and is completely transparent to the targeted network.

    Price-wise, the Wireless Security Auditor is worth $1199; however, until March 1, 2009, the application can be purchased for “just” $599.99.


Comments

  • #2
    ironclaw
    Registered Users, Registered Users 2 Posts: 8,004 ✭✭✭ironclaw


    I'll take two. I wonder does it include the RainBow Tables though?


  • #3
    mick.fr
    Closed Accounts Posts: 1,974 ✭✭✭mick.fr


    Pretty useless information, no offense meant to you, it is towards this product really.

    This product made lots of noise when it came out, it offers some advantages compared to Intel hacking platform, but this is far to be for Joe Blog at home.

    Do you realize that to achieve 50.000 passwords per second you need to spend over 10.000 euros in hardware?

    Also it would take about 3 months to crack a 8 digits WPA password using a GTX280 card.

    This product using those GPU procs will improve roughly by 100 times the time necessary to crack down a password. Knowing that a 60 digits password using alpha numeric values will take hundred of years still if not more. Especially with Michael...

    And in companies, WPA should be implemented with a mandatory Radius/Certificate server, so even if you find the WPA key, you will not be able to get in without Radius authentication.

    Those GPU would be a very powerful machine if clustered though...Could be used for astronomy etc.


  • #4
    jakedixon2004
    Registered Users, Registered Users 2 Posts: 495 ✭✭jakedixon2004


    Well , while what you are saying is correct , the ATI 4870 is proven to be the fastest at cracking WPA. Imagine two of them in crossfire.They would make bits of any 8 bit password. And as for the certificate server , most companies dont even have security on their networks , nevermind something as tight as that.


  • #5
    Martyr
    Closed Accounts Posts: 1,567 ✭✭✭Martyr


    mick.fr wrote:
    Do you realize that to achieve 50.000 passwords per second you need to spend over 10.000 euros in hardware?

    Also it would take about 3 months to crack a 8 digits WPA password using a GTX280 card.

    dictionary attack would be more successful than brute force..unless somebody finds a weakness in SHA-1

    This product, like alot of elcomsoft's press-releases generated alot of hype.

    Maybe whats needed is an attack against the wireless implementation? rather than the crypto used?

    some fuzzing input on radius network might give interesting results? :)

    Freeradius now supports basic fuzzing..might be worth a look?

    btw, apart from the piratebay links to this product, there are some opensource projects
    pyrit
    lavernasbrute

    no idea if either are any good or whether some other projects exist, but its some source to play with.


Advertisement