AlexRodriguez Posted March 21, 2012 Posted March 21, 2012 hello guys i would like to know or if someone can help me test my WPA password someone cracked my last one and they were stealing my internet but now i changed it to a better password please let me know if you were able to crack it. i captured a wpa handshake if you want to try to crack it, good luck and thank for helping me. psk-01.cap file http://www.mediafire.com/?1583f9jolpakt8e Quote
Mr-Protocol Posted March 21, 2012 Posted March 21, 2012 Disable WPS if you haven't already. Or else tools like reaver-wps just make it easy. And hopefully the person "stealing" your internet isn't a forum member here and you just gave him/her the new 4-way handshake for your new password haha. Quote
AlexRodriguez Posted March 21, 2012 Author Posted March 21, 2012 ahaha i know i hope know body here lives near me. well i wanted someone to try to crack it and if they could not that would mean it was pretty strong and if they did crack it i would just make it longer since im not good with long passwords..ahah Quote
digininja Posted March 21, 2012 Posted March 21, 2012 The current recommendation is for a key to be over 16 characters, preferably over 20. If it is then it is out of the realms of a home user to crack it. If you don't mind spending a few dollars then you could send it up to one of these services but I would personally save the cash and just set a very long PSK. https://www.wpacracker.com/ http://tools.question-defense.com/wpa-password-cracker/ Quote
Infiltrator Posted March 21, 2012 Posted March 21, 2012 If you don't want the same person to steal your WIFI internet again, just use WPA-AES and as suggested above set your WPA pass-phrase to something over 20 characters, making sure it has mix-alpha numeric with special characters (!@#$%^&*) Just because someone hacked your wireless, it doesn't mean you should give up, take the right precautions for it not to happen again. I'd also limit the number of IP addresses your router should be leasing, to someone like 3 depending on the number of devices you have in your house. By limiting the number of IP address, that intruder will not be able to connect to your wireless. Quote
digininja Posted March 21, 2012 Posted March 21, 2012 If someone is savvy enough to crack a WPA key then a limited DHCP scope won't stop them, just sniff the traffic to work out the subnet then chose an unallocated IP address. I wrote a tool ages ago that even automates it for you http://www.digininja.org/projects/find_ip.php Quote
Infiltrator Posted March 21, 2012 Posted March 21, 2012 (edited) If someone is savvy enough to crack a WPA key then a limited DHCP scope won't stop them, just sniff the traffic to work out the subnet then chose an unallocated IP address. I wrote a tool ages ago that even automates it for you http://www.digininja.org/projects/find_ip.php You are correct, but we don't know how savvy this attacker really is. He could just be a script kiddie taking advantage of someone weak. Either way, the OP should set his router encryption to WPA-AES, as there hasn't been any case or report of someone having managed to crack it. So for the time being, that attacker will have a hard time cracking the OP's wireless, due to the encryption type being used. Edited March 21, 2012 by Infiltrator Quote
digip Posted March 21, 2012 Posted March 21, 2012 If someone is savvy enough to crack a WPA key then a limited DHCP scope won't stop them, just sniff the traffic to work out the subnet then chose an unallocated IP address. I wrote a tool ages ago that even automates it for you http://www.digininja.org/projects/find_ip.php Doesn't have to be limited by DHCP alone though, it could be done through subnetting and proper subnet mask to limit available hosts on the router. Personally, I would disable DHCP in the first place on a home network and use reservations for devices that require it, like a Bluray player connected to the internet. Quote
Mr-Protocol Posted March 21, 2012 Posted March 21, 2012 Or you could setup a RADIUS server and away you go. :) Quote
redhook Posted April 6, 2012 Posted April 6, 2012 I'd also limit the number of IP addresses your router should be leasing, to someone like 3 depending on the number of devices you have in your house. By limiting the number of IP address, that intruder will not be able to connect to your wireless. Not true, that will only help prevent the DHCP server from assigning an IP address. An intruder could still set the IP/subnet/gateway/DNS manually and gain access. Quote
Infiltrator Posted April 8, 2012 Posted April 8, 2012 Not true, that will only help prevent the DHCP server from assigning an IP address. An intruder could still set the IP/subnet/gateway/DNS manually and gain access. You are right, that won't prevent an attacker from gaining access to the network, even with a dynamic or static IP address set. If the attacker is determined, there is little that could be done. He could also pose as a legit user or device on the network and then how to tell who is who, unless there are other measures/protection in place that could determine between the two. Quote
Batman Posted April 10, 2012 Posted April 10, 2012 Or you could run a program like wireshark, find the idiot who is breaking (if they are a script kiddie, this should be easy) into your router and call the police? It's illegal (I believe it is considered a felony) to break into someone's private network. Quote
Infiltrator Posted April 10, 2012 Posted April 10, 2012 Or you could run a program like wireshark, find the idiot who is breaking (if they are a script kiddie, this should be easy) into your router and call the police? It's illegal (I believe it is considered a felony) to break into someone's private network. Breaking into any one's private network without their authorization is illegal and you will be prosecuted. Quote
DREWSASTER Posted May 21, 2012 Posted May 21, 2012 Testing it now against a 20 billion passkey dictionary, will post results in a few hours. Quote
Radau Posted May 21, 2012 Posted May 21, 2012 I still personally use the old assigning words to model names technique. For example, my old router was a NetgearWNR1000v2, and one of my old passwords was: Ny373ng1N3t0gr1nd31th3r@NdW3N3v3R1o0oV@cA73. Simple: No Engine To Grind Either And We Never Vacate. Total nonsense but it was easy enough for me to remember ;p. As I think Mr-Protocol said be very sure you disable WPS, that's one of the largest router exploits out there at the moment. Aside from that keep an eye on your router logs for connections that are unauthorized, as well as changing your password every few months or so (or whenever/if they ever break in again). Good luck to you! B) Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.