Cloud based computing can have a serious impact on the time it takes to perform calculations. We have seen join efforts in the past to use cloud computing in research. But research is not the only area that benefits from the processing power of the cloud.
WPA Cracker is an online service that offers to run a 140 million word dictionary against a WPA handshake that is submitted by the customer. The service is powered by a cluster of 400 CPUs that can perform the brute force attack in a matter of minutes compared to the days it would take otherwise.
The price of the service depends on the the utilization of the cpu cluster. Full utilization comes at $34 which will process the 135 million words in about 20 minutes. The other option is half utilization which will cost half the price but take twice as long as only half of the servers are used in the attack.
This opens up a can of worms as it is now possible to crack passwords in a very short time.
As Dante who tipped us puts it “This is especially good for free wi-fi locations. You can use this to easily set up a man-in-the-middle attack and intercept everyone’s Internet communications. Makes for a great retirement plan – there are always idiots out there who do their finances/purchases in public locations like cafes, hotels, airports, et al.)”.
The service works even for WPA2 if PSK is being used:
Actually, while WPA2 introduced CCMP mode as a replacement for the problematic TKIP, when run with authentication based on Pre-Shared Keys (PSK), it is still vulnerable to dictionary attacks. Our service works against both WPA and WPA2 when PSK is being used.
Disclaimer: Please note that it is illegal to hack someone else’s wireless network. This article merely reports about the new possibility but does not encourage the use of the service for illegal activities (although it likely will be used for that as well).
Related Articles:
IObit Cloud, Online Antivirus File AnalysisiTunes Match, US Only Cloud Synchronization Service
Windows 8 To Feature Cloud Based Online Backup
Amazon Cloud Drive, Free Online Storage
Gladinet Cloud Desktop Adds Amazon Cloud Drive Integration
Enjoyed the article?: Then sign-up for our free newsletter or RSS feed to kick off your day with the latest technology news and tips, or share the article with your friends and contacts on Facebook, Twitter or Google+ using the icons below.
Hopefully, the fools who use public networks for finances (including reading email from their banks or credit card companies) will read this and finally wake up. It is annoying to constantly hear fools chattering about how “paranoid” I am about public wi-fi’s and that I should just “relax”. But than I think of the money and credit scores lost by these fools and I feel much better.
nice post. Thanx for sharing…
…is time to throw away my 1tb harddisk with rainbow tables…
Dictionary only…. lame. Hope it fails and hope subscribers get ripped off.
why it fails…?
how lame. 400 computers, 140 mil words, 20 min. my SINGLE gtx 260 can do the same in less than 3 hours. btw, my dicitonary contains almost 400 mil WPA passphrases, which is usually insufficient.
This type of brute-force attack does not apply to WPA/WPA2-Enterprise networks, which use 802.1X authentication. Even small businesses and consumers can now easily implement this advanced security using outsourced services like AuthenticateMyWiFi (http://www.NoWiresSecurity.com).
… wow this service is handy but could be so much better.
its handy because i dont have to crack the key and have my computer be completely inactive for 4 hours.
but then again…
Im using dual 5870 ati card’s. the potential is over 100,000 kps. im using a 650 million password list crunched together witht he most acurate possible combinations, including all possible 8 digits combination (practically).
now, for these guys to ask for money and only have 135 million word.. thats a gip. yeah mabye only 20 minuts, but jeez id rather have my 4 hours of wateng and save some dollers.
if its this easy to make money online, il just chuck together 4 or 5 ,5870 cards and force 250+ thousand pmk/s. and creat a site saying all run a 1 billion word password list and have it done in under 2 hours..
you think an online service would be better then this?
(for those wondering how a graphics card can brute force or dictionary attack, look up pyrit.
and hope to god u are using ati, nvidia is shit. cal++ for the win!)
Only 135 million words? Are they having a laugh?
This amount of words could easily done within few hours using a home computer.
I think they stay way behind other similar WPA cracking services for example: www.recoverwpa.com now offers 3 billion words to test from for much lower costs.