hashcat Forum
Brute forcing 5-12 character WPA in practice ? - Printable Version



(kindof) Newbie questions (hardware, amazon ec2 , etc?) - futant - 01-09-2014

Hi folks,

I've been tasked with setting up a system to test the strength of WPA/WPA2 passwords, and I have a budget of a few thousand dollars to build something.

A remote user will (using besside-ng, for example) grab WPA handshakes, then upload them to whatever system we build to attempt to be cracked.

I have a few basic questions about getting started.

1. Is hashcat (or oclhashcat) the best tool for the job? (cracking WPA/WPA2 handshakes).

2. Is building a desktop/server system with multiple video cards truly the best solution? As opposed to using traditional servers (like a dell rack server, as we have several of these in the datacenter that could be repurposed already).

3. Another option is running a small cluster on EC2. Does anyone do this with hashcat, is it practical?




Thanks for your time.


RE: (kindof) Newbie questions (hardware, amazon ec2 , etc?) - radix - 01-09-2014

It's the fastest, I don't know about best.

Generally yes. You could distribute work across multiple systems with a few cards but it would require quite a bit of work. Also, standard rack mount chassis will probably not have enough air flow to properly cool the cards.

You could, people have done it, but Tesla instances are 2.10 an hour I think? The speed you get from that is terrible as well.


RE: (kindof) Newbie questions (hardware, amazon ec2 , etc?) - epixoip - 01-09-2014

(01-09-2014, 03:20 AM)futant Wrote: 1. Is hashcat (or oclhashcat) the best tool for the job? (cracking WPA/WPA2 handshakes).

Without question.

(01-09-2014, 03:20 AM)futant Wrote: 2. Is building a desktop/server system with multiple video cards truly the best solution? As opposed to using traditional servers (like a dell rack server, as we have several of these in the datacenter that could be repurposed already).

It is if your budget is that small. Your Dell servers cannot handle high-end GPUs. If you wanted to go the server route, you would need a specially-designed GPGPU server chassis that can handle AMD Radeon GPUs. There are only maybe four chassis out there that work really well for this.

(01-09-2014, 03:20 AM)futant Wrote: 3. Another option is running a small cluster on EC2. Does anyone do this with hashcat, is it practical?

Not a good idea. Too expensive, hardware sucks, performance sucks.


RE: (kindof) Newbie questions (hardware, amazon ec2 , etc?) - radix - 01-09-2014

first


RE: (kindof) Newbie questions (hardware, amazon ec2 , etc?) - epixoip - 01-09-2014

son of a bitch


RE: (kindof) Newbie questions (hardware, amazon ec2 , etc?) - futant - 01-09-2014

Thanks for the information guys. I have a few more questions if you don't mind.

1. What kind of machine is necessary to crack, say, 95% of WPA handshakes in a single day or less, if I am only cracking one at a time? Even one that has a very non-dictionary passphrase. Is this even theoretically possible? Are some WPA passphrases actually uncrackable in a practical time frame?

2. Does anyone offer cracking on high-end hardware in some automated fashion? I used cloudcracker.com one time, but it did not crack my passphrase using a 46m word dictionary and it cost $17 for a single attempt. Is anyone else doing this, but way better/more affordable?


RE: (kindof) Newbie questions (hardware, amazon ec2 , etc?) - radix - 01-09-2014

There's no way to estimate that because it depends on the length. If you knew the structure of each, you could get a ballpark of the maximum running time.

There have been places that have done it, but most don't stick around long as it's not incredibly profitable. Also, legitimate users would probably not trust their hashes without strict NDAs. If they went the slightly more shady route and just accepted whatever, PayPal accounts wouldn't stay open for long due to fraud.

That being said, you may find a PM from some people on the forum that would be willing to jump through those hoops.


Brute forcing 5-12 character WPA in practice ? - futant - 01-09-2014

I'm curious if anyone has any reasonable time estimates for actual brute force of a WPA passphrase that is between 5-12 characters and is mixalphanumeric, on any kind of hardware that is in use in practice here?

What kind of systems have been built for brute force cracking? I'm curious about specs.
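
The "ballpark of the maximum running time" mentioned earlier in the thread, worked as an added example that is not part of any post: it counts the candidates for hashcat-style masks (`?l`, `?u`, `?d`, `?s`, `?a` and custom sets) and divides by a hash rate. The function names are hypothetical and the rate in the demo is an assumed placeholder, not a benchmark; lengths outside the 8-63 characters that WPA/WPA2 passphrases allow are skipped.

```python
# Added example, not from the thread: worst-case time to exhaust hashcat-style masks.
import math

BUILTIN = {"l": 26, "u": 26, "d": 10, "s": 33, "a": 95}  # hashcat built-in charset sizes
WPA_MIN, WPA_MAX = 8, 63  # WPA/WPA2 passphrase length limits

def _tokens(text):
    """Yield '?x' placeholders and literal characters from a mask or charset."""
    i = 0
    while i < len(text):
        if text[i] == "?":
            if i + 1 >= len(text):
                raise ValueError("dangling '?' in " + repr(text))
            yield text[i:i + 2]
            i += 2
        else:
            yield text[i]
            i += 1

def _size(token, custom):
    """Number of characters one token can stand for."""
    if len(token) == 1 or token == "??":
        return 1  # literal character ('??' is a literal question mark)
    key = token[1]
    if key in BUILTIN:
        return BUILTIN[key]
    if key in custom:
        # Custom charset such as '?l?u?d'; assumes its parts do not overlap.
        return sum(_size(t, {}) for t in _tokens(custom[key]))
    raise ValueError("unknown charset " + token)

def mask_keyspace(mask, custom=None):
    """Return (candidate_length, number_of_candidates) for one mask."""
    sizes = [_size(t, custom or {}) for t in _tokens(mask)]
    return len(sizes), math.prod(sizes)

def worst_case_seconds(masks, rate_hs, custom=None):
    """Seconds to exhaust every mask whose length is valid for WPA."""
    total = 0
    for mask in masks:
        length, count = mask_keyspace(mask, custom)
        if WPA_MIN <= length <= WPA_MAX:
            total += count
    return total / rate_hs

if __name__ == "__main__":
    ASSUMED_RATE = 100_000  # hashes/second; assumed placeholder, not a benchmark
    for n in range(5, 13):  # lengths 5-7 print 0: too short to be WPA passphrases
        secs = worst_case_seconds(["?1" * n], ASSUMED_RATE, {"1": "?l?u?d"})
        print(f"{n} chars: {secs / 86_400:,.1f} days")
```

Each extra mixed-alphanumeric character multiplies the worst case by 62, which is why the estimate depends so heavily on length.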


RE: Brute forcing 5-12 character WPA in practice ? - radix - 01-09-2014

Don't make new posts when the conversation can clearly be carried out in the OP.


RE: Brute forcing 5-12 character WPA in practice ? - futant - 01-09-2014

Apologies - thanks for moving thread.