| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <50AA6370.1000005@jakoblell.com> Date: Mon, 19 Nov 2012 17:50:56 +0100 From: Jakob Lell <jakob@...oblell.com> To: nauty.me04@...il.com CC: bugtraq <bugtraq@...urityfocus.com> Subject: Re: CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers Hi! On 19/11/12 17:28, nauty.me04@...il.com wrote: > Jakob whart difference would it make to use a OCLhashcat with rainbow tables for simply cracking the key? The problem with rainbow tables for WPA2-PSK is that a rainbow table can only be created for one specific network name (ESSID). The default wireless network configured by Belkin has a network name such as "Belkin.34cb". Having this additional three or four hex digits means that one had to create 4096 or 65,536 different rainbow tables with each of them containing a large percentage of the 2^32 possible keys. While this may in theory be feasible, creating the rainbow tables would require a significant amount of computation power and storage. > > Why would the hacker make such a hard attempt to crack the key. Can't this be stripped down to simple brute force Given the fact that the key can be calculated solely based on the publicly visible mac address (BSSID) of the wireless network (with some minor variations between the different router models), doing the actual brute force is not required to crack the key. Regards Jakob Lell
Powered by blists - more mailing lists