WPA password cracking
- Duration: Feb - Apr 2012
- Languages used: C (for Nvidia CUDA programming)
- Platform: Amazon EC2 GPU instances
Brief
We designed and implemented a WPA password cracking tool, as part of our systems security course project, using inexpensive GPU compute power on the cloud. Our tool can crack 8 digit passwords in less than 2 hours, at a cost of less than $2.
Background
WPA is a widely used security protocol to protect wireless communications. Attackers have been working for years to try to crack WPA passwords, however there is no known algorithm vulnerability that can be exploited. Brute force/dictionary attack is considered to be the only available attack.
Experience gained
GPU programming using Nvidia CUDA, working with Amazon EC2 GPU clusters
Details
We designed and implemented a distributed WPA cracking system that can be easily scaled up, to exploit the GPU computation power on the cloud to greatly accelerate the WPA password cracking process. The system uses multiple Amazon EC2 GPU clusters. We believe that due to the efficiency of this attacking system, WPA users are strongly advised to use stronger passwords. Countermeasures to this attack remain an open topic.
Our tool first sniffs for a particular packet in the WPA handshake that contains computational results based on the WiFi password. Then, depending on the password search space and maximum cost specified, it launches an appropriate number of Amazon EC2 GPU instances to work on cracking the password. It utilizes both CPU and GPU compute power. On success, the cracked WiFi password is displayed.
Downloads
For obvious reasons, we did not release the source code of our tool to the public. However, you can read the more detailed report below.