+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: General Help (https://hashcat.net/forum/forum-8.html)
+--- Thread: Brute forcing 5-12 character WPA in practice ? (/thread-2997.html)
Pages:
1
2
RE: Brute forcing 5-12 character WPA in practice ? - epixoip - 01-09-2014
impossible to have a 5 character WPA password, minimum length for that algorithm is 8 characters.
8x R9 290X will take an average of 2.66 years to brute force an 8-character alphanumeric password (no special characters), and over 5 years to exhaust the whole keyspace. so as you can see, brute force is largely not possible with WPA.
RE: Brute forcing 5-12 character WPA in practice ? - zeroprobe - 01-09-2014
Most default passwords are not alphanumeric and in my experience, 90% of passwords given out by the ISP's are never changed by the user. You need to research what each ISP uses.
Most ISP's use
8 characters lower
8 characters upper
8 characters HEX
10 characters HEX
10 characters digits
I've had success with all of the above in reasonable timeframes. Below is a very good site for calculating time taken, just input your custom keys per second and calculate.
http://calc.opensecurityresearch.com/
Example:
4x 290X's at 200k/s would crack 8 characters lower OR upper in 3 days max. 1.5 days average.
RE: Brute forcing 5-12 character WPA in practice ? - epixoip - 01-09-2014
the notion of an ISP handing out a wifi router is rather foreign to me. is this mostly practiced in Europe? the only ISP i know that does this in the US is AT&T, with their DSL gateways which have built-in wifi. well i guess mobile hotspots also have generated numeric passwords as well. anyway, 99.9999% of the access points i encounter are purchased by their owners who have created their own passwords for these devices. but i suppose ymmv.
RE: Brute forcing 5-12 character WPA in practice ? - zeroprobe - 01-09-2014
(01-09-2014, 03:07 PM)epixoip Wrote: the notion of an ISP handing out a wifi router is rather foreign to me. is this mostly practiced in Europe? the only ISP i know that does this in the US is AT&T, with their DSL gateways which have built-in wifi. well i guess mobile hotspots also have generated numeric passwords as well. anyway, 99.9999% of the access points i encounter are purchased by their owners who have created their own passwords for these devices. but i suppose ymmv.
Wasn't aware of that.
With the UK at least, ISP's dish out routers with pre set keys.
RE: Brute forcing 5-12 character WPA in practice ? - futant - 01-10-2014
Another newb question:
Is there any performance advantage (or even possible) to run oclHashcat on a Macbook pro that has an nvidia chipset as opposed to running hashcat on the cpu? In any operating system, I have osx mavericks, backtrack and win7 on this machine.
RE: Brute forcing 5-12 character WPA in practice ? - futant - 01-10-2014
Scratch that last question. Until I get a mutli-GPU box purchased, I'm running hashcat on a supermicro server. Unfortunately it is in an ESXi server so I put a Linux virtual machine on it, and gave it access to all 8 cores on the machine.
Currently running a dictionary attack and I'm seeing the overall server pegged hard on CPU.
Input.Mode: Dict (rockyou.txt)
Index.....: 4/5 (segment), 3488132 (words), 33550343 (bytes)
Recovered.: 0/1 hashes, 0/1 salts
Speed/sec.: 5.60k plains, 5.60k words
Progress..: 2986168/3488132 (85.61%)
Running...: 00:00:08:53
Estimated.: 00:00:01:29
I'm curious, is this speed very slow ?
RE: Brute forcing 5-12 character WPA in practice ? - zeroprobe - 01-10-2014
Yes it is, cracking using CPU's is very slow and not worth doing.
I get 420K / sec with two 7970's and a 7850.
RE: Brute forcing 5-12 character WPA in practice ? - epixoip - 01-10-2014
(01-10-2014, 10:20 AM)futant Wrote: I'm curious, is this speed very slow ?
it is horrendously slow.