Sky Broadband Router SR101 Weak WPA-PSK Generation Algorithm

Vulnerable to an offline dictionary attack if the WPA-PSK handshake is obtained by an attacker

  1. Mr. Penguin

    Mr. Penguin submitted a new resource:

    Sky Broadband Router SR101 Weak WPA-PSK Generation Algorithm - Vulnerable to an offline dictionary attack if the WPA-PSK handshake is obtained by an attacker

     
  2. h4x0rm1k3

    Check out Virgin Media, 24^8 the 24 is lower case but doesn't use i or o which leaves 24 characters and with an R9 290X can be cracked in around 6 and a half days at 192,000 H/s! You could also build a dictionary for the attack too as is mentioned for SKY and BT is also vulnerable to this kind of attack now as they use 14^10, the 14 being lower case hex but doesn't use 1 or 0 so would take approx 2 weeks with my card! It's getting to that point now that WPA cracking is going to become a reality and will eventually take a day or 2 unless ISPs buck their ideas and put out their APs with longer WPA keys!
     
  3. kevsamiga

    Running night and day though for 6.5 days at full tilt, just to crack some key (which might have been changed anyhow rendering it all a waste of time),
    is a sure-fire way to destroy your components, and probably your gfx card along with it, in a smouldering heap of fire and burnt electrical smells,
    along with a few popped motherboard mosfets around the CPU socket from 6 days of constant cranking.

    Much better to hand off the work to a designated cluster once the algorithm is known, and perhaps just pay a small fee if you value your own gear because the work is intensely heavy, and the risk of burning something out is high for your own systems.
     
  4. h4x0rm1k3


    If not done correctly yes it possibly could but I wouldn't run it full pelt for 6 1/2 days non-stop, I'd at least have some delays in between attempts! I think it would also come down to the quality of the components that you have to work with too plus the fact that if the dictionary is pre-made then it will take off some of the stress from it having to compute on the fly! You could also say the same for LTC or BTC mining too and they generally work flat out 24/7/365 so I can't see components failing that quickly to be honest although I do know (from experience) that it does happen but in my case it was due to me overclocking heavily and forgetting to drop the clocks back down which caused the card to overheat badly and crap out on me. Suffice to say now that I have watercooling and plenty of airflow in the right areas to help alleviate the heat issues and keep the card and rest of the system nice and cool! But, as I have quite a few connections to latch on to now it's not so bad as I can do a's 1 day, b's another and so on so it shouldn't stress my system out as much as it would have done in the past and if I notice it getting too hot I also have a macro set up so that I can pause for 5-10 mins before starting it up again so I do try and keep on the safe side now after being burnt once before! Thanks for the input though as for a lot of people it would apply and it's always better to be safe than sorry!
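
Added example, not part of any post in this thread: a default-key policy check that takes the 24^8 and 14^10 formats and the 192,000 H/s rate quoted above, computes how long each keyspace lasts, and finds the key length each alphabet would need to hold up. The 1000x rate headroom and 100-year target are assumptions chosen for illustration.

```python
import math

SECONDS_PER_DAY = 86_400
THREAD_RATE_HPS = 192_000          # single-GPU rate quoted in the thread
# (alphabet size, key length) as described in the thread
FORMATS = {"24^8": (24, 8), "14^10": (14, 10)}

def keyspace(alphabet_size, length):
    """Number of distinct keys for a fixed-length, fixed-alphabet default key."""
    return alphabet_size ** length

def entropy_bits(alphabet_size, length):
    """Entropy of a uniformly random key, in bits."""
    return length * math.log2(alphabet_size)

def exhaust_days(alphabet_size, length, rate_hps):
    """Worst-case days until every key has been tried at rate_hps."""
    return keyspace(alphabet_size, length) / rate_hps / SECONDS_PER_DAY

def min_length(alphabet_size, rate_hps, target_days):
    """Smallest key length whose full keyspace lasts at least target_days."""
    needed = rate_hps * SECONDS_PER_DAY * target_days
    length = 1
    while keyspace(alphabet_size, length) < needed:
        length += 1
    return length

def audit(rate_hps=THREAD_RATE_HPS, headroom=1000, target_days=36_500):
    """Return one row per format: entropy, days at rate_hps, required length.

    headroom and target_days are assumptions: a defender sizing a default key
    should plan for far more than one consumer GPU and for a long device life.
    """
    rows = {}
    for name, (alphabet, length) in FORMATS.items():
        rows[name] = {
            "bits": round(entropy_bits(alphabet, length), 1),
            "days": round(exhaust_days(alphabet, length, rate_hps), 1),
            "needed_length": min_length(alphabet, rate_hps * headroom, target_days),
        }
    return rows

if __name__ == "__main__":
    for name, row in audit().items():
        print(f"{name}: {row['bits']} bits, {row['days']} days at "
              f"{THREAD_RATE_HPS} H/s, needs length >= {row['needed_length']}")
```

Both formats carry under 40 bits of entropy, which is why their lifetimes come out in days; the same alphabets need 13 and 16 characters respectively under the assumed target.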
     
