How to crack a shitty Wifi password

Originally published at: http://boingboing.net/2017/08/11/dictionary-attacks.html

It is not this easy; I have tried. I even consulted a friend of mine who built a fire-breathing 8-GPU cracking box for this purpose (for a defense contractor friend).

Why is it not this easy? Because not every wireless card has a driver capable of the necessary packet injection.

How can you tell if your card is capable? You just have to try it and see. There is no way of knowing beforehand. The same is true of other attacks: it is a crapshoot whether the driver works or not.

This is why guys that are into wireless hacking have piles of wireless adapters. Because even the experts have to play roulette before they get it right.

The alternative is to just let your box run capturing packets until it says it captured an Auth packet.

4 Likes

Oh yeah, and definitely change your WiFi password from the default that your manufacturer or ISP sets. They can tell the manufacturer from the MAC address, and intuit the complexity based on ISP or manufacturer docs.

The ISP in the Raleigh area I was on uses a default password that can be intuited based off the router model and MAC address: both of which are broadcast by default. AT&T is better, but you can still glean the default length and charset used from just the MAC address.

3 Likes

This is all predicated on the idea that you are willing to wait 45 min to 3 days to log into a wireless network.

5 Likes

Right. And someone up to no good (most commonly someone too cheap to pay for Internet in their new apartment) would indeed be willing.

3 Likes

Right, but when I typically need to access wifi and there isn’t any free – I’m unwilling to spend 15min “hacking” to get it. There is a Starbucks closer.

4 Likes

You’re not wrong. Like I say, it takes even longer than this guy suggests even for expert level hackers. They’ve invested hundreds (or thousands) in hardware and likely dozens of hours perfecting their setup (possibly even patching drivers). Presuming a well-crafted laptop setup (with beefy CPU and large battery) you could feasibly casually crack WPA2 in the aforementioned 45 minutes to 3 days. But… Chances are you are not one of those people. I really only know 1 of those people, and he does it for a living and wrote a book on it (which I won’t link, because he’s kind of a D-bag).

3 Likes

Coincidentally, I feel like d-bags are probably the only ones willing to invest so much time into such a useless process as this for such a small reward, just to satisfy their pride.

4 Likes

I think you have the wrong use case. It’s for torrenting using your neighbor’s wifi. You crack it once and then do your dirty work on their connection. You don’t really want your Bing searches for clown porn tied to your IP, do you?

5 Likes

His reward was not small. He didn’t make much money off his book (despite it being a pretty definitive book on the topic), but his notoriety from that did command a high price as a contractor for the couple of TLAs he worked for.

As they say, “pride cometh before the fall”. Last I heard, he was no longer employed as a government contractor on account of having gotten too big for his britches.

I just mean anybody using this method to break into WiFi when there’s probably free WiFi somewhere very closeby. More a statement to yourself than anything else, clown porn aside.

1 Like

The lovely thing about wifi security is that unlike your bank*, you can use just about any password, including really long passwords. So get thee a nice long passphrase, and stop worrying. (My wifi passphrase is mixed case, includes numbers, symbols, and spaces, and is over 20 characters long. Because it’s a passphrase, I am able to memorize it. It’s annoying to type in, but I only have to do that a few times a year).

*We have a Bank of Montreal credit card. The password for online banking there must be exactly 6 characters long, no more, no less, because something, compatibility with telephone banking systems from the 90s something reasons.

I know of one family who have used this technique to get internet access because they can’t afford the twenty bucks a month for a connection of their own. So you’re probably mostly right, but not totally.

1 Like

Back in the day (before laws against it), I spent weeks cracking a password on the school board’s HP2000 on 300 baud dial-up. (Computer security didn’t expect that the other guy had a computer too back then.)

Still, if it was just Internet access needed, why bother?

I didn’t take that into account, that’s a good point. Reminds me of this xkcd.
