Re: WPA-PSK audit

From: Jon Uriona (jurionamendi@yahoo.es)
Date: Fri Jan 11 2008 - 05:20:46 EST


Hi all,

There is one point to add to what you said, and is that once the
attacker gets the authentication frames between the client and the AP
the brute force attack is done off-line... That is, all the time in the
world to crack...

Jon

Matthew Leeds escribió:
> While one can Goole on 'crack WPA-PSK' and get lots of hits, and find many who assert that WPA-PSK can be cracked, it appears that the only real risk is a dictionary attack on the passphrase. While it's clear that a passphrase such as - password - would not be wise, and equally many suggest using something like - awgtp'wegu]-wep
> bvpoqwt-qejgqapatjqqw-82wg][#$%UHW#&^#226w62@$T -, there is most likely a middle ground that would allow the use of a human memorizable phrase that is unlikely to be found in a dictionary list. I'd be interested in hearing from the list on the use of passphrases such as - Myfriendwants2havedinnerat42nighT - as it seems unlikely that a dictionary file would have arbitary combinations of words and numbers; but as I have little experience with either building or using such dictionary files I would like to hear from those who do.
>
> I'd also like more information on where operating systems store a WPA-PSK passphrase and in what form they do so. While I'd normally take the position that once someone has gained access to the filesystem of a computer it's game over, in the case of a wireless network where one is trusting others (guests on a home network for example) there is a level of risk that they don't secure their system to the level one would hope for. A regular schedule of changing the passphrase would help to lower the risk in this case (fairly low anyway), but I'm always interested in more info.
>
> ----------
> ---Matthew
> *********** REPLY SEPARATOR ***********
>
> On 1/4/2008 at 12:38 PM kevin horvath wrote:
>
>> various tools can be used to attack wpa-psk such as aircrack-ng,
>> cowpatty, and Cain & Abel. All of these tools use a dictionary attack
>> as Josh mentioned using the SSID as sort of a salt. The ability to
>> crack it depends upon your dictionary list and the strength of
>> passphrase itself. The time it takes to crack the psk (if you do have
>> it in dictionary) depends on your computing resources and where it is
>> in your dictionary file. To help speed this up you can use cowpatty
>> and the pre hashed files from the church of wifi or generate your own
>> off your own dictionary file. You will have to do the latter if the
>> SSID you are auditing is not in the top 1000 ssids from wiggle anyways
>> (as that is what was used to precompute the churche of wifis prehashed
>> files). One alternative to this is using Cain&Abel to do a brute
>> force attack but this can take anywhere from a few hours to a few
>> years (your mileage may vary).
>>
>> As Josh mentioned if an enterprise uses wpa-psk then that is a finding
>> in itself since it is a shared key. On assessments I like to watch
>> for probing clients to see if they are looking for default ssids and
>> then turn my ubiquiti card (or real ap) into ap mode with the default
>> ssid they are probing for and wait for them to connect to me (which
>> the wireless zero in windows does automatically). I then have a peer
>> to peer connection to then and then try to hack the laptop itself.
>> Once I can do that I can pull any wpa-keys or wep keys for any aps
>> they have in there preferred list. With that said I dont even need to
>> crack wpa itself just find an alternative way of getting the PMK.
>> This is also a good way of attacking wpa(2) enterprise as you can
>> steal client certificates and such this way.
>>
>> Kevin
>>
>> On Dec 28, 2007 9:05 PM, Joshua Wright <jwright@hasborg.com> wrote:
>>>>> I'd like to know of any existing tools designed to test the WPA-PSK
>>>>> security mode. I know it's more secure than wep with TKIP and so on but
>>>>> I wonder if there are any tools that are able to crack the WPA key
>>>>> within a reasonable time limit - 2-3 hours? Any ideas and suggestions
>>> on
>>>>> WPA security will be appreciated.
> I think it is unlikely that dictionary attacks will be effective against
> WPA/WPA2-PSK networks, as long as the passphrase is reasonable and not a
> dictionary word. That said, WPA/WPA2-PSK is not a suitable
> authentication mechanism for enterprise networks. Since the PSK is
> shared among all stations on the wireless network, every user with a
> workstation that has the PSK could conceivably know the PSK and share it
> with anyone else. Further, a stolen device could disclose the PSK for
> the network, compromising all later data exchanges.
>
> -Josh
>>>
>>>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
>>>
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
>>>
http://www.cenzic.com/downloads
------------------------------------------------------------------------
>>>
>>>
>> ------------------------------------------------------------------------
>> This list is sponsored by: Cenzic
>>
>> Need to secure your web apps NOW?
>> Cenzic finds more, "real" vulnerabilities fast.
>> Click to try it, buy it or download a solution FREE today!
>>
>> http://www.cenzic.com/downloads
>> ------------------------------------------------------------------------

> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic

> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!

> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:19 EDT