Hash Cracking with AWS

Published on 09 March 2020

In a previous post, I showed the steps to capture a WPA handshake and crack it using Hashcat. On my tiny travel laptop I achieved 416H/s, which is…slow.

AWS offers “GPU Optimized” EC2 instances:

  • g4dn.xlarge – $0.53 per hour
  • g3s.xlarge – $0.75 per hour
  • p3.16xlarge – $24.48 per hour (that’s ~$18,000 per month!)
Read More...

Breaking Enterprise Wireless

Published on 08 March 2020

In our previous posts we discussed how WEP is completely broken, known weaknesses with WPA, and bruteforcing WPA using AWS. This time around it’s time to look at “Enterprise” Wireless security. These are networks protected with EAP – Extensible Authentication Protocol.

Read More...

Wireless Security: WPA

Published on 07 March 2020

We previously spoke about WiFi security and how utterly broken WEP is. Now it’s time to take a look at WPA and WPA2 bruteforcing. This isn’t the only weakness of these protocols – but weak keys are common.

Read More...

Wireless Security: WEP

Published on 07 March 2020

It’s well known that the WiFi security protocol WEP is broken. It’s been broken for years. However, if we’re writing a series on wireless security we should start at the beginning. Whilst it stands for Wired Equivalent Privacy, it hardly lives up to its name.

WiFi comes under the IEEE 802.11 family. WEP was part of the original standard and was quickly superseded by WPA – WiFi Protected Access.

Read More...