Comments on: How WPA wireless networks are hacked, and how to protect yourself http://tech.blorge.com/Structure: /2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/ Technology news Sun, 22 Nov 2009 16:15:02 -0700 http://wordpress.org/?v=2.8.5 hourly 1 By: Rayver http://tech.blorge.com/Structure:/2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/comment-page-1/#comment-186973 Rayver Fri, 12 Jun 2009 13:36:41 +0000 http://tech.blorge.com/Structure: /2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/#comment-186973 i want to access to my neighbors wireless Inet but I dont know the password!!!! you can email me at rayver_cruz99@yahoo.com if you want to help me. Thanks i want to access to my neighbors wireless Inet but I dont know the password!!!!
you can email me at rayver_cruz99@yahoo.com if you want to help me. Thanks

]]> By: Chris http://tech.blorge.com/Structure:/2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/comment-page-1/#comment-171197 Chris Sat, 11 Apr 2009 07:02:00 +0000 http://tech.blorge.com/Structure: /2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/#comment-171197 Kraven's got the right idea, the keys generated at GRC are pretty decent. The problem with Ken's idea is that he's using words that will likely be in a dictionary... and if it's a damn big dictionary file (the 33GB file you refer to is pretty massive but the last project I witnessed was taking up the entirety of a 160GB WD laptop drive, bar the OS) then it's more likely to be subject to a successful attack. My advice is to go with Kraven and even if you don't use GRC's generated keys, make them as random as possible - Don't use words. Kraven’s got the right idea, the keys generated at GRC are pretty decent. The problem with Ken’s idea is that he’s using words that will likely be in a dictionary… and if it’s a damn big dictionary file (the 33GB file you refer to is pretty massive but the last project I witnessed was taking up the entirety of a 160GB WD laptop drive, bar the OS) then it’s more likely to be subject to a successful attack. My advice is to go with Kraven and even if you don’t use GRC’s generated keys, make them as random as possible – Don’t use words.

]]> By: ken http://tech.blorge.com/Structure:/2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/comment-page-1/#comment-158298 ken Mon, 09 Feb 2009 03:26:54 +0000 http://tech.blorge.com/Structure: /2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/#comment-158298 The best bet for most home users is to use a phrase or slogan, take the spaces out and capitalize the first letter of what used to be words and sprinkle a number or two. Of course they won't be reading this. The best bet for most home users is to use a phrase or slogan, take the spaces out and capitalize the first letter of what used to be words and sprinkle a number or two.
Of course they won’t be reading this.

]]> By: George Gardner http://tech.blorge.com/Structure:/2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/comment-page-1/#comment-158200 George Gardner Sun, 08 Feb 2009 13:11:40 +0000 http://tech.blorge.com/Structure: /2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/#comment-158200 I'd like to add that the use of aireplay-ng (should come in the suite) can be used to deauthenticate the client, resulting in a capture of a 4-way handshake significantly quicker. On the note of actually cracking the key, I would suggest using a rainbow table. The Church of Wifi has a nice <a href="http://www.churchofwifi.org/default.asp?PageLink=Project_Display.asp?PID=90" rel="nofollow">pre-computed hash file</a>. You could certainly find them by searching any torrent site. (they're upwards to 33 gig) Also, if you knew the name of the network you were trying to hack (and yes you do) you could start churning out your own hash file before you even obtain the 4-way handshake. Since the SSID is used as the salt of WPA, I would suggest (for security) changing the default SSID of your network (as the Church of Wifi had pre-computed hash files for the top 1000 most common SSIDs). I’d like to add that the use of aireplay-ng (should come in the suite) can be used to deauthenticate the client, resulting in a capture of a 4-way handshake significantly quicker.

On the note of actually cracking the key, I would suggest using a rainbow table. The Church of Wifi has a nice pre-computed hash file. You could certainly find them by searching any torrent site. (they’re upwards to 33 gig)

Also, if you knew the name of the network you were trying to hack (and yes you do) you could start churning out your own hash file before you even obtain the 4-way handshake.

Since the SSID is used as the salt of WPA, I would suggest (for security) changing the default SSID of your network (as the Church of Wifi had pre-computed hash files for the top 1000 most common SSIDs).

]]> By: Kraven http://tech.blorge.com/Structure:/2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/comment-page-1/#comment-158189 Kraven Sun, 08 Feb 2009 10:26:32 +0000 http://tech.blorge.com/Structure: /2009/02/07/how-wpa-wireless-networks-are-hacked-and-how-to-protect-yourself/#comment-158189 I use the below to generate WPA keys: https://www.grc.com/passwords.htm I use the below to generate WPA keys:

https://www.grc.com/passwords.htm

]]>