802.11通訊的安全警告--高效率WPA/WPA2破解軟件出籠！|OmniPeek無線數據分析技術

802.11通訊的安全警告--高效率WPA/WPA2破解軟件出籠！|OmniPeek無線數據分析技術
802.11通訊的安全警告-WPA/WPA2破解軟件出籠

最近，俄羅斯安全公司Elcomsoft發佈了一款暴力 破解軟件：Elcomsoft Distributed Password Recovery最新版，這種軟件的破解算法針對Nvidia顯卡進行了特別優化，從而是使WPA和WPA2無線密鑰破解速度提高100倍，而且軟件還允 許數千台計算機聯網進行分佈式並行計算。只要截獲有限的幾個包（tcpdump格式），Elcomsoft Distributed Password Recovery就可以對WPA/WPA2進行破解。這就意味著wpa2將不再成為牢不可破的加密方式。

簡單的wpa2密鑰可能需要幾天 或者幾個星期就可以算出來！這給802.11 加密通訊敲響了警鐘，是不是我們所有的加密算法都不能用了呢？

其實不然，對於一般的公司用 通訊技術而言，wpa和wpa2還是相當牢固的算法，即使使用Elcomsoft Distributed Password Recovery，只要密碼設置適當，是很難算出來的。如果破解者擁有幾千幾萬台配置有Nvidia顯卡的集群系統，哪可能就沒有辦法

其 實密鑰之所以成為密鑰，是因為它的破解難度在一般使用者的破解能力之上，完全不能破解那是不可能的。

不過隨著計算機硬件和破解技術的發 展，加密技術（包括無線通訊的加密技術）也應當不斷地提高算法難度，保證其安全性。

如果要進行高機密級別的802.11通訊，可以啟用 VPN，雖然這樣會造成系統性能下降（尤其是VoIP）方面，不過這可能是當前唯一的選擇。

ElcomSoft Breaks Wi-Fi Encryption Faster with GPU Acceleration ElcomSoft Co. Ltd. accelerates the recovery of WPA and WPA2 encryption used in the Wi-Fi protocol by employing the newgeneration NVIDIA video cards. ElcomSoft patent-pending GPU acceleration technology implemented in Elcomsoft Distributed Password Recovery allows using laptop, desktop or server computers equipped with supported NVIDIA video cards to break Wi-Fi encryption up to 100 times faster than by using CPU only. Moscow, Russia (PRWEB) October 9, 2008 -- ElcomSoft Co. Ltd. accelerates the recovery of WPA and WPA2 encryption used in the Wi-Fi protocol by employing the new-generation NVIDIA video cards. ElcomSoft patent-pending GPU acceleration technology implemented in Elcomsoft Distributed Password Recovery allows using laptop, desktop or server computers equipped with supported NVIDIA video cards to break Wi-Fi encryption up to 100 times faster than by using CPU only. Elcomsoft Distributed Password Recovery supports both WPA and the newer WPA2 encryption used in the majority of Wi-Fi networks, allowing breaking Wi-Fi protection quickly and efficiently with most laptop and desktop computers. The support of NVIDIA graphic accelerators increases the recovery speed by an average of 10 to 15 times when Elcomsoft Distributed Password Recovery is used on a moderate laptop with NVIDIA GeForce 8800M or 9800M series GPU, or up to 100 times when running on a desktop with two or more NVIDIA GTX 280 boards installed. Governments, forensic and corporate users will benefit from vastly increased speed of breaking Wi-Fi protection provided by Elcomsoft Distributed Password Recovery. Breaking Wi-Fi Protection with Elcomsoft Distributed Password Recovery With growing numbers of Wi-Fi networks used by businesses and individuals all over the world, security becomes utterly important. There are currently two methods of protecting Wi-Fi networks, WEP and WPA/WPA2. Unlike enterprise, RADIUS protected networks, consumer-grade WPA and WPA2 protection methods rely on passwords and encryption to protect traffic transferred between users and network access points. However, WEP, the older protection method, is no longer considered secure even for home users, as sometimes it can be broken in less than two minutes due to security flaws discovered in the algorithm. The newer WPA/WPA2 encryption is inherently more secure than WEP. The only way to break WPA and WPA2 encryption is to use a brute force attack, which involves trying all possible passwords in the hope to discover the only correct one. With billions of possible combinations, it can take years to break into a WPA/WPA2 protected network. However, WPA/WPA2 protected networks are not immune against distributed attacks performed with GPU-accelerated algorithms. With the latest version of Elcomsoft Distributed Password Recovery, it is now possible to crack WPA and WPA2 protection on Wi-Fi networks up to 100 times quicker with the use of massively parallel computational power of the newest NVIDIA chips. Elcomsoft Distributed Password Recovery only needs a few packets intercepted in order to perform the attack. The new product of ElcomSoft Co. Ltd. makes it possible to quickly perform security audit of corporate Wi-Fi networks, allowing to test network security against threats such as inappropriate WLAN security policy. Using NVIDIA Cards to Break Wi-Fi Protection Faster Today's video cards such as NVIDIA GeForce GTX280 can process hundreds of billions fixed-point calculations per second. Add as much as 1 GB of onboard video memory and up to 240 processing units, multiply it by two by using a couple of NVIDIA cards, and enter the whole new world of super-parallel computational power for just a few hundred dollars. Until recently, all the power of highly parallel, super-scalar processors in 3D graphic accelerators could only be used for gaming. ElcomSoft Co. Ltd. has invented a way to utilize the massively parallel computational power of NVIDIA gaming cards for increasing the speed of password recovery. Elcomsoft Distributed Password Recovery, its flagship password recovery tool, is able to fully utilize recent NVIDIA chips used in laptop, desktop and server computers, increasing the speed of Wi-Fi password recovery up to 100 times compared to conventional CPUs. About Elcomsoft Distributed Password Recovery: Elcomsoft Distributed Password Recovery is a high-end password recovery solution for forensic and government agencies, data and password recovery services, and corporate users. Featuring patent-pending acceleration technologies and providing massively parallel operation and linear scalability with no overhead, Elcomsoft Distributed Password Recovery offers demanding users the fastest password recovery by a huge margin. Elcomsoft Distributed Password Recovery can retrieve a variety of system passwords such as NTLM and Windows startup passwords, crack MD5 hashes, unlock password-protected documents created by Microsoft Office 97-2007, PDF files created by Adobe Acrobat, and breaks both WPA and WPA2 encryption of protected Wi-Fi networks. With numerous unique technologies, wide range of supported password recovery options and patent-pending GPU acceleration, Elcomsoft Distributed Password Recovery remains the most technologically advanced password recovery tool currently available. About ElcomSoft Co. Ltd.: Founded in 1990, ElcomSoft Co.Ltd. develops state-of-the-art computer forensics tools, provides computer forensics training and computer evidence consulting services. Since 1997, ElcomSoft has been providing products and services to businesses, law enforcement, military, and intelligence agencies. ElcomSoft products are used by most of the Fortune 500 corporations, multiple branches of the military all over the world, foreign governments, and all major accounting firms. ElcomSoft and its officers are members of the Russian Cryptology Association. ElcomSoft is a Microsoft Certified Partner, an Intel Software Partner, and Member of NVIDIA's CUDA Developer Relations Program. For more information and to download an evaluation version of Elcomsoft Distributed Password Recovery, visit ElcomSoft Co. Ltd. at wpa.elcomsoft.com

Mindflex

Mindflex
腦波控制球遊戲。

WPA / WPA2加密高速破解的真相 第5頁|IT168 安全

cWPA / WPA2加密高速破解的真相 第5頁|IT168 安全

WPA / WPA2加密高速破解的真相

責任編輯：林 洪技作者：Christopher Yang 2009-03-19

瑞星慈善義賣

【內容導航】

• 第1頁：密碼可能包含的組合內容
• 第2頁：密碼估算服務設置內容
• 第3頁：著名的「內存-時間平衡」法運算
• 第4頁：針對WPA加密Tables破解的原理

• 第5頁：Cowpatty進行WPA Tables破解
• 
  

展開全部

文本Tag： 安全策略

這種採用了類似Rainbow Tables原理，通過Pre-Compute即預運算的方式，來進行提前運算以生成WPA-PSK加密Hash，從而建立起來的WPA-PSK Hash Tables，可以如事先設想般有效地大幅度提升破解效率。一般來說，可以將以前的100~~300 key/s的普通單機破解速率，提升到30，000~~100，000 key/s，提升了近300~~1000倍!!!這才是國內外無線黑客目前使用的破解技術，就一些地下組織而言，甚至個別秉持執著、探求本質精神的黑客通 過改進優化代碼等方式使得破解速率突破了150，000k/s，而且還有提升空間。這個速度意味著什麼，如果再換置成最新的硬件配置呢?聰明的你一定明 白。
下圖6即為在cowpatty裡對獲取的WPA握手包進行WPA Table破解界面，可以看到在導入Table之後，破解速率達到了6，5228 pass/second。

圖6 在Cowpatty裡進行WPA Tables破解界面

我想，對於很多無線用戶來說，這才是真正的噩夢。古希臘哲學家蘇格拉底曾說過這麼一句話： 「認識你自己。」 ，但實際上很多時候都是黑客背地猖獗，而很多網絡及安全管理人員要麼對攻擊者的技術僅是略知皮毛，要麼就根本一無所知，而且甚至不知道自己在經過所謂安全配置後的 網絡架構，將實際面臨什麼樣的風險。
雖然說公開一些技術也許反而會引起個別心懷惡意的人注意，不過出於對無線安全理念的普及及深入理 解，幫助很多已經完成或者正在進行無線網絡規劃的軍警政機構、大中型企業及特殊部門，更清楚地認識到無線網絡的風險，從而儘可能地完善自身的不足，避免不 必要的損失，才是本書的出發點。
當然，要說明的是，Tables的建立並沒有想像的那麼容易，就建立本身而言，其效率非常低下，加上需 要指定預攻擊AP的SSID，想要建立一套針對所有常見接入點，並採用簡單密碼的WPA-PSK Hash Tables，其生成文件佔據的硬盤空間最少也要1~~3G。需要深入瞭解WPA Table的讀者，可以到這個名為The Church of Wifi的無線黑客組織瞭解更多內容，該組織官方站點為http://www.churchofwifi.org，該組織在過去的兩年裡成功建立了龐大的 WPA Table庫，並將其簡化的WPA-PSK Hash Table版本提供免費下載，對很多無線黑客而言，這確實是個福音，但遺憾的是，即便是簡化版本，其大小也已經超過了30G。
感興趣的 讀者可以到http://umbra.shmoo.com:6969去下載這個簡化版本的Table種子文件，該Table全部下載回來大小有 33.54GB，需要說明的是，生成該Table所依據的字典雖然經過黑客組織的篩選，但是由於國情不同，所以裡面部分內容可能並不適合國內情況的使用。 比如雖然都會有人使用姓名作為密碼，在國外可能是類似於BruceLee這樣的英文名稱，但是到了國內就可能是Lilianjie這樣的拼音了。

圖7 30G WPA Hash下載頁面

不過，對於無線網絡管理員，並不能因此鬆一口氣，真正的噩夢才剛剛開始，因為這個方法也同樣適用於破解WPA2加密。而且，國外一些地下高級黑客組織， 也已經建立了高達500G的詳盡WPA/WPA2攻擊Table庫，甚至一些基本完善的WPA-PSK Hash Tables已經在黑客網站上開始公開出售，只需要支付120美金左右，就會有8張包含WPA-PSK Hash Tables 的DVD光盤通過Fedex直接送到你的手上。
小D：由最後的說明，看出是字典法的改進，WPA安不安全見人見智…

『楓葉』『鋒燁』部落no.2: 迅馳密鑰五分鐘破解法 ,WinAircrackPack 破解你鄰

『楓葉』『鋒燁』部落no.2: 迅馳密鑰五分鐘破解法 ,WinAircrackPack 破解你鄰
WinAirCrackPack工具包是一款無線局域網掃瞄和密鑰破 解工具，主要包括airodump和aircrack等工具。它可以監視無線網絡中傳輸的數據， 收集數據包，並能計算出WEP/WPA密鑰。

小D：建議用以下網站生成的密碼加WPA2來反破解

		Perfect Passwords GRC's Ultra High Security Password Generator
	3,359 sets of passwords generated per day 6,566,946 sets of passwords generated for our visitors

Generating long, high-quality random passwords is not simple. So here is some totally random raw material, generated just for YOU, to start with. Every time this page is displayed, our server generates a unique set of custom, high quality, cryptographic-strength password strings which are safe for you to use:

64 random hexadecimal characters (0-9 and A-F): CD5D114AC245CB78E9AED45307DB2DC053857181E392BFDCC4BAF1239971FF98

63 random printable ASCII characters: 63nHKabqYMeIAzKa78|FW+0]!:r/8Gj7eL:q$W*SODJ<=?*U+";B\}2rVgIZ

63 random alpha-numeric characters (a-z, A-Z, 0-9): yyHBQcgBPAl9TSqcPYQWQGq48ubeQ7hPvnwOICGnM9zn2PXYrSFGkYZtZiOisH0

Click your web browser's "refresh" button a few times and watch the password strings change each time.

傳遞 function template @ novus log :: 痞客邦 PIXNET ::

傳遞 function template @ novus log :: 痞客邦 PIXNET ::

template 
void Output1(const T& obj)
{
cout << obj << endl;
}

template 
void Call(Fun f, const T& obj)
{
f(obj);
}

Call(&Output1, 12345);
Call(&Output1, "goodbye world.");

struct Output2
{
   template 
   void operator()(const T& obj)
   {
      cout <<>
   }
};

template 
void Call(Fun f, const T& obj)
{
   f("header --- ");
   f(obj);
}



Call(Output2(), 12345);