is best suited for home users who probably will not be able to setup a dedicated 802.1x
authentication mechanism using a Radius sever. Though, PSK is secure for most use cases, unfortunately it's security can be compromised if a weak passphrase is chosen. An attacker who can capture the WPA PSK handshake packets and has a dictionary of commonly used passphrases may be successful in cracking the key within a couple of hours. Recently, the process of PSK cracking was made faster by the application of FPGAs and specific rainbow tables created with commonly used SSIDs and Passphrases
. One of the early tools used for WPA PSK dictionary attack was Cowpatty.
I think the code was then merged into the then version of Aircrack-NG.
In this video the author
shows how it is possible to use airreplay-ng to launch a deauthentication attack on a connected client and capture the PSK handshake packets. Then using a dictionary of commonly used passphrases, he demonstrates how the key can be cracked using aircrack-ng in a matter of minutes.
This hack is based on a human choosing a simple passphrase. Moral of the story - you cannot secure the naive and stupid.
Tags: tools ,
Latest from the SecurityTube Blog:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.