jzman Posted June 17, 2009 Share Posted June 17, 2009 If there was a CUDA app to generate WPA2-PSK keys from keywords, and someone had 4 2TB HD's in RAID1 (it would suck if you lost a week of generation and almost 3 weeks of mapping/indexing the keys in order), so 4TB total storage, use john the ripper to generate the keywords, and at 10MB per a sec of generation, you would be done within a week. And then you have to put the keys in order by the WPA key, which will take maybe 1 to 3 weeks. Then you would have to generate a Query map of the keys that you can load into ram, to make searching much faster. Then you probably could open a web site up with google ads and a limit on how many keys an IP address can crack a day/month, and offer a paid service to up the limit. Since so many people want to crack WPA keys and a majority of people use lousy passwords/SSID's your web site would get alot of visits/hits and you would be rich with AD money. Seems like this project idea could be worth the investment to someone. Seems like the hardest part would be the CUDA app and maybe the indexing/storage app, but almost any C++ programmer can learn CUDA real fast and the storage app isnt really hard either. UPDATE : Also http://www.scmagazineuk.com/WiFi-is-no-lon...article/119294/ -and- http://forums.remote-exploit.org/bt4beta-h...rack-4beta.html Quote Link to comment Share on other sites More sharing options...
jzman Posted June 17, 2009 Author Share Posted June 17, 2009 I think darren should do a segment with the remote exploit link i posted, they say its 10 thousand times faster, and darren said with his acer aspire one he could only crack 11 keys per a second, so this is like 110,000 keys a second :D Quote Link to comment Share on other sites More sharing options...
stingwray Posted June 17, 2009 Share Posted June 17, 2009 You could run something like this on AWS very cheaply, your biggest cost would be uploading the data if you had to do it by CUDA, it may even be cheaper to use a large number of instances and hadoop for creating the table. Storage on AWS is very cheap, sadly bandwidth anywhere is not. Transferring stuff around AWS is free though. Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted June 17, 2009 Share Posted June 17, 2009 This is awesome. I'm learning up on it now Quote Link to comment Share on other sites More sharing options...
italiano40 Posted June 17, 2009 Share Posted June 17, 2009 also a good idea is to have a company or a site that people have an app (could be written in air) that scans for SSID and the encryption and if the encryption is WPA it takes that SSID and sends them to a site and then using a dictionary it creates WPA list to crack i think that is a cool idea Quote Link to comment Share on other sites More sharing options...
SWFu Posted June 17, 2009 Share Posted June 17, 2009 pyrit http://code.google.com/p/pyrit/ Quote Link to comment Share on other sites More sharing options...
jzman Posted June 17, 2009 Author Share Posted June 17, 2009 pyrit looks nice, now we just need a clutster of i7 mobos with 3 GTX 295's each and a large SAN :) Quote Link to comment Share on other sites More sharing options...
italiano40 Posted June 18, 2009 Share Posted June 18, 2009 pyrit http://code.google.com/p/pyrit/ looks good i am going to install it Quote Link to comment Share on other sites More sharing options...
miT Posted June 18, 2009 Share Posted June 18, 2009 looks good i am going to install it Really wish my server had some nvidia cards in it :( I guess i could try this on my old gaming rig i built a couple years ago, see if it can run faster than my monster server :) The irony is, right after i learn how to pen test wireless, Hak5 seems to do a segment on it. Would of saved me a LOT of reading if i just waiting on them to release an episode about it. None the less, i got the job done on my own :) Great info guys, thanks for sharing. Quote Link to comment Share on other sites More sharing options...
Brian Sierakowski Posted June 20, 2009 Share Posted June 20, 2009 If you were going to make a site that can decode the keys, wouldn't you have to require the user to upload a packet capture? You could have them type the SSID in question, but you would need something for system to crack against... It needs to know when to stop. And I think unfortunately uploading a packet capture would dramatically reduce the amount of traffic the site would receive, because if you're technical enough to do a pcap, you can probably figure out the rest on your own :). Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.