For a time I was wondering how secure is my router and can someone crack my WPA2 password. There a lot of tools for WEP cracking and WPA/WPA2, WEP can be cracked really fast by using one of many tools like WEPCrack really fast. So my suggestion don’t use WEP for your wireless. WPA/WPA2 can be also easy be targets if you use default password or easy password, like “password” or other type of word with no more than five letters. So, suggestion don’t use words creating passwords in your WPA/WPA2, since it can be really easy to crack it. Needles to say that this is for wireless security auditing basic vulnerability assessment only. Using Backtrack which includes wi-fi cracking tool aircrack-ng and with some dictionary file can be done quite simple.
Basic steps for using aircrak-ng is:
- Put interface in monitor mode
- Find wireless network (protected with WPA2 and a Pre Shared Key)
- Capture all packets
- Wait until you see a client and deauthenticate the client, so the handshake can be captured
- Crack the key using a dictionary file (or via John The Ripper)
So if you use word-like password you are in danger. See picture how secure are passwords:
One more type to crack your password when packets are captured, it is to use brute-force attack, but it my take you a long time. I found site where you can calculate how long it will take brute force my password, I entered http://lastbit.com/pswcalc.asp options and it calculated that it needs more than 100 years to calculate. Since my passphrase include characters in lower case, in upper case and digits, I would suggest you use do the same.
I read that it is possible to use your GPU to speed up this process. Tool like Pyrit takes a step ahead in attacking WPA-PSK and WPA2-PSK. Study and testing has proven that crackers work faster on GPU’s.
Here some nice graph that shows how Pyrit performs on various platforms.
Also Amazon has announced “Cluster GPU Instances“, which will radically change the economics of using EC2 for password cracking and deliver the power of GPU processing in the cloud. What are the cost using cloud based GPU instance see here.
In conclusion some suggestions to secure your wi-fi:
- use WPA2 with some really ugly passsphrase
- don’t broadcast your SSID
- Specify MAC address that are allowed to connect to router, other may not.
- and other security buttons that you can find to push :)