Penetration Testing mailing list archives

Re: Rainbowtables for WPA PSK?

From: "Fabien Degouet" <fdegouet () conthackto com mx>
Date: Tue, 20 Dec 2005 23:49:58 -0600

Hi,

AFAIK the hashes used during the authentication are salted with the SSID...

It means that building rainbow-like tables would be made SSID-based..It
sounds almost impossible.

fabien

----- Original Message ----- 
From: "Jeroen" <jeroen () isvet nl>
To: <pen-test () securityfocus com>
Sent: Tuesday, December 20, 2005 2:58 PM
Subject: Rainbowtables for WPA PSK?

Without studying the ins and outs, I think it should be possible to

generate

rainbowtables for WPA PSKs. Especially since on-the-fly cracking takes

quite

some time per crypt and most users use a alphanumeric characterset for the
pass. It my assumption right? Anyone already working on this subject?

Please

let me know!

Gz,
Jeroen



--------------------------------------------------------------------------

----

Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers

are

futile against web application hacking. Check your website for

vulnerabilities

to SQL injection, Cross site scripting and other web attacks before

hackers do!

Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
--------------------------------------------------------------------------

-----



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Rainbowtables for WPA PSK? Jeroen (Dec 20)
- RE: Rainbowtables for WPA PSK? Rocky (Dec 21)
  - Free Wi-Foo Book Giveaway Seth Fogie (Dec 23)
- Re: Rainbowtables for WPA PSK? Marlon Jabbur (Dec 21)
- Re: Rainbowtables for WPA PSK? Fabien Degouet (Dec 21)
- <Possible follow-ups>
- RE: Rainbowtables for WPA PSK? Meidinger Chris (Dec 21)
  - Re: Rainbowtables for WPA PSK? Seth Fogie (Dec 22)
  - Re: Rainbowtables for WPA PSK? Joshua Wright (Dec 23)