Question about my home security vs Hashcat
#1
hey all
i have been reading up about hashcat and looking at some of the stats and have a question about WPA crunching ability via brute force.
my router is set with a password that is 10 characters long, each one a random letter. let's say for the sake of argument that they are lower case to simplify it, so if i am not mistaken, this means that there are 141167095653376 combinations to check via brute force. if i use a radeon hd 7970 and go through ~130k/s this means it should take 1085900735.7952 seconds or 12,568 days - ie. my home setup is safe, even if someone is using a pretty powerful setup? or am I missing something fundamental here...

thanks in advance Smile
#2
Random WPA passwords are near to impossible to crack, even at a length of 10 characters. But do never use the password set by the manufacturer because they almost always have some weaknesses that can be exploited!
#3
hi thanks for the quick reply. the pass was set by me, the router had no pass by default!

you say a random pass is hard to crack, but what if it were 6 characters long? am i missing something here...

26 x 26 x 26 x 26 x 26 x 26 = 308915776 combinations. 308915776 / 130000 = 2376 so only 39 mins to crack with the radeon 7970... ?
#4
correct, there would be 26^10 possible combinations to check. but, there are a few things you should keep in mind.

no one is going to attempt an exhaustive brute force a 10 character WPA key. they are going to use wordlist and rule-based attacks, or they're going to do a low-threshold markov attack. so what it comes down to is, how random is your "random password"? was it generated by a computer, or did you "randomly" select keys on a keyboard?

also, something else to think about... do you live in a densely populated area? are there lots of people looking to steal wifi where you live? do you live on a campus where there's already free internet, so no real incentive to steal wifi? keep in mind who you are trying to keep out. just something to think about.
#5
thanks for the advice, when I created the pass, i literally tapped randomly on the keys then took a 10 digit segment out, so i am pretty confident it is random. it's certainly not in any word list i am aware of. the area i am in is not that built up so i guess i am pretty safe there too, there is probably free wifi at any number of fast food places near here.

what is a low threshold markov attack?
#6
if you tapped out "randomly," then it's not random. you are not capable of doing random. you may not be able to readily identify it, but your brain picked a pattern. that pattern may be guessed by a keywalk generator.

markov attacks allow us to reduce a keyspace by trying only the most probable characters in each position, in order from most probable to least probable. think of it as an intelligent brute force. the lower the threshold you provide, the smaller the keyspace is. this model is really good at cracking human-generated passwords in a short amount of time.
#7
excellent food for thought. thank you both.