Re: Rainbowtables for WPA PSK?

Hi,

AFAIK the hashes used during the authentication are salted with the SSID...

It means that building rainbow-like tables would be made SSID-based..It
sounds almost impossible.

fabien

----- Original Message -----
From: "Jeroen" <jeroen@xxxxxxxx>
To: <pen-test@xxxxxxxxxxxxxxxxx>
Sent: Tuesday, December 20, 2005 2:58 PM
Subject: Rainbowtables for WPA PSK?


> Without studying the ins and outs, I think it should be possible to
generate
> rainbowtables for WPA PSKs. Especially since on-the-fly cracking takes
quite
> some time per crypt and most users use a alphanumeric characterset for the
> pass. It my assumption right? Anyone already working on this subject?
Please
> let me know!
>
> Gz,
> Jeroen
>
>
>
> --------------------------------------------------------------------------
----
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking applications on your
> website. Up to 75% of cyber attacks are launched on shopping carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and locked-down servers
are
> futile against web application hacking. Check your website for
vulnerabilities
> to SQL injection, Cross site scripting and other web attacks before
hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------------------
-----
>


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Relevant Pages

  • RE: 3rd party vuln assesment firms
    ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
    (Pen-Test)
  • RE: Rainbowtables for WPA PSK?
    ... Subject: Rainbowtables for WPA PSK? ... Audit your website security with Acunetix Web Vulnerability Scanner: ... Hackers are concentrating their efforts on attacking applications on your ... Up to 75% of cyber attacks are launched on shopping carts, forms, ...
    (Pen-Test)
  • RE: 3rd party vuln assesment firms
    ... > "We use the same tools hackers bring to bear against your systems. ... >> I'm looking for a firm to conduct annual 3rd party vulnerability ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
    (Pen-Test)
  • RE: Penetration test of 1 IP address
    ... Before I do anything very intrusive I personally go to the website ... Also remember once you have found a vulnerability, ... Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ...
    (Pen-Test)
  • Re: Whitespace in passwords
    ... input password is alphanumeric + special characters -- chances are strong ... >> Hackers are concentrating their efforts on attacking applications on ... Up to 75% of cyber attacks are launched on shopping ... >> your website for vulnerabilities to SQL injection, ...
    (Pen-Test)