WPA Cracked

Yesterday’s story about wired and wireless network security, and policy-based networking (sort of) was really just preparation for WiFi Net News’ WPA Cracking story. Glenn Fleishman’s lead is quite direct, “we warned you: short WPA passphrases could be cracked — and now the software exists.”

He explains further:

a weakness in shorter and dictionary-word-based passphrases used with Wi-Fi Protected Access render those passphrases capable of being cracked. The WPA Cracker tool is somewhat primitive, requiring that you enter the appropriate data retrieved via a packet sniffer like Ethereal. Once entered, it runs the cracking algorithms.

Remember that to crack WEP, an attacker has to gather many packets, possibly millions, but can then easily crack any key. For WPA, certain shorter or dictionary-based keys are highly crackable because an attacker can monitor a short transaction or force that transaction to occur and then perform the crack far away from the physical site.

What are the solutions?

  • Choose a better passphrase

    Pick passphrases that aren’t entirely comprised of dictionary words…. “My dog has fleas”: very bad. “Mdasf;lkjadfklja;dfja;dfja;d”: very good, but hard to type in. Passphrases should be at least 20 characters.

  • Use randomness to choose a passphrase
  • Use WPA Enterprise or 802.1X + WPA

Or, as is my usual answer to all matters of wired and wireless network security: use good application layer security. Use SSH, SSH tunnelling, SSL, HTTPS, and anything else to make sure your passwords and other sensitive data never travel in the clear on any part of the network.

287 thoughts on “WPA Cracked

  1. Are u guys fukking lame ?

    U gonna upload a VB program to ya router ? LoLz.

    try “google” u dumb asses

    PS. hope a spam harvester gathers all ya email addresses & sends u all summat nice 😀


  2. hie

    just copy and paste this into the network key box

    it is a 64 random hexadecimal characters (0-9 and A-F):

    you see it works because Every one is completely random (maximum entropy) without any pattern, and the cryptographically-strong pseudo random number generator we use guarantees that no similar strings will ever be produced again.

    reply if it works,

  3. Pingback: Basement Blog » Blog Archive » Ubuntu and other Linux-Notes

  4. wow ppl asking for bs programs idiots much lol
    its nothing nd if the user even gives you this so called wep shit its fake its probly a virus that will cripple your systems and do you notice no 1 is responding 2 say that it works

  5. Pingback: Basement Blog » Blog Archive » Ubuntu and Linux related Links

  6. For all you people wondering what program needs to be used and stuff. Just look on youtube and you’ll find a tutorial on WPA cracking. Then, just download Aircrack and Commview.

  7. hahahaha! ohhhhh… this is hilarious.. i hope before ppl post “send me the bs program” they read this, because everyone here that i have an e-mail address will get a fun little supprise….hehehe…. here’s to the fun *COUGH* zero virus *COUGH* *COUGH*…. don’t believe me? it exists…kills sector 0 of your hard drive.. the sector that contains the serial number and (very primitive) firmware……and the motherboard…. you’ve been warned….

  8. hahahhaa,,,,
    Stupid !
    Do you think VB would have the tricks ?
    VB even can’t access the memory !
    Maybe the lamer has just got first tutor in VB and started feel big head !
    IDIOT !
    But then, people who post their e-mail gonna be more fool !

  9. dear

    am achutty from kerala,

    can u plz send me the cracking program….

    bcz my dad didnt allow to use net ……

    how can i hack wap key….

  10. I can’t believe the comments on here – its like The Daily WTF “plz send me the codez” meme – they’re pretty hilarious in a depressing sort of way. the way that they keep posting even though several posters have carefully explained why there isn’t , and can never be, a universal VB router hacking program

  11. please send me the codew about wpa or the grogram because a friend say to me that there isn’t….and i want to crack his password…thanks

  12. so basicly there isnt a wep cracker that works with xp !!!
    and if you want a few clicks wifi crack then forget it

  13. hey guyz,
    plz send me the wpa hacking program so i can also access the wireless neworks around me
    thanks dude

Comments are closed.