Title: Testing WPA PassPhrase Strength, how long is long enough.
Post by: dalepearson on August 28, 2008, 09:03:40 AM

Question to those who do regular Wireless Pen Tests: when do you decide to throw in the towel when it comes to WPA based attacks, and is this predefined contractually with the client?

The reason I ask is that, obviously, you have the dictionary and brute force attacks, and as you can sniff the handshake and then work offline you really do have forever to test various rainbow tables, keyword lists and other techniques, but when do you decide enough is enough, and you will happily tell your client that, based on the techniques used, the choice of passphrase in use is acceptable?

Of course you could simply review the passphrase if they offered it to you and make a judgement call on how likely it would be to appear in someone's lists when attacking, but that would kinda defeat the Wireless Pen Test.

Title: Re: Testing WPA PassPhrase Strength, how long is long enough.
Post by: joswr1ght on October 15, 2008, 02:47:33 PM

> Question to those who do regular Wireless Pen Tests: when do you decide to throw in the towel when it comes to WPA based attacks, and is this predefined contractually with the client?

Certainly, this depends on the negotiated terms and goals of the engagement with the customer. I have a few dictionaries I'll try and have pre-established mechanisms to accelerate the testing process (using nVidia GPUs, available hosts and FPGAs), and I'll run that to completion for a test.

> The reason I ask is that, obviously, you have the dictionary and brute force attacks, and as you can sniff the handshake and then work offline you really do have forever to test various rainbow tables, keyword lists and other techniques, but when do you decide enough is enough, and you will happily tell your client that, based on the techniques used, the choice of passphrase in use is acceptable?

Determining if the passphrase choice is acceptable requires more evaluation than just what you can determine from a penetration test. I try to work out with the client what the resources of a potential adversary would be ($1,000? $10,000? $1,000,000?) and then use math to figure out how long it would take to figure out the selected passphrase (usually, this is by ignoring the entropy of the selected passphrase, and just using the character selection and length of the passphrase, factoring in probability).

> Of course you could simply review the passphrase if they offered it to you and make a judgement call on how likely it would be to appear in someone's lists when attacking, but that would kinda defeat the Wireless Pen Test.

For me, PSKs aren't acceptable in anything but the environments of least risk (perhaps a guest network, or a home network with little to no valuable resources). It's less about being able to brute-force the PSK, and more about how the PSK (or derived PMK) is stored on each and every workstation. I can use a combined pen-test approach to leverage physical security with wireless attacks and a tool like Aircrack-ng's WZCOOK to extract a PMK which is shared by all the other users on the network, all without having to resort to dictionary attacks.

Good post.

-Josh

Title: Re: Testing WPA PassPhrase Strength, how long is long enough.
Post by: dalepearson on October 17, 2008, 09:09:00 AM

Josh, thanks for your response. I was just trying to get an insight into how Pen Testers like yourself approach these sorts of situations. Thanks for taking the time to respond.

Title: Re: Testing WPA PassPhrase Strength, how long is long enough.
Post by: sturm on October 25, 2008, 07:42:18 AM

> Question to those who do regular Wireless Pen Tests: when do you decide to throw in the towel when it comes to WPA based attacks, and is this predefined contractually with the client?
>
> The reason I ask is that, obviously, you have the dictionary and brute force attacks, and as you can sniff the handshake and then work offline you really do have forever to test various rainbow tables, keyword lists and other techniques, but when do you decide enough is enough, and you will happily tell your client that, based on the techniques used, the choice of passphrase in use is acceptable?
>
> Of course you could simply review the passphrase if they offered it to you and make a judgement call on how likely it would be to appear in someone's lists when attacking, but that would kinda defeat the Wireless Pen Test.

This is a good question. As the password approaches true randomness, the statistical possibilities become overwhelming, even for an eight-character password. For example, if one considers that all of the keys on the keyboard can be used to construct the password, then there are 95 raised to the 8th power possibilities. This is 6,634,204,312,890,625 possible passwords. (I don't even know what the number is? A quadrillion?) Aircrack-ng, which is the best cracker I've found so far, tests about 220 keys per second on a 1.9GHz CPU. At that rate, it would take 956,223 years ... or about the time for another Ice Age to come and go ... to crack it. Adding just one character increases that time exponentially. But, of course, most humans don't choose passwords randomly. In fact, humans really don't do anything randomly. They opt for patterns which loom in their memories. Thus, the development of brute force dictionaries.

I have a dictionary of WPA 8-char passcodes which has 1.2 million entries and have yet to crack an interesting WPA-TKIP-PSK access point with it. So obviously people with valuable data do not use crap passwords. If anyone has any ideas on this, I'd be interested in hearing them.
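As an added example (not code posted by anyone in this thread), the following Python puts sturm's arithmetic and Josh's budget-based framing into general form, and shows the PBKDF2 step that fixes the cost of each guess: the WPA PMK is PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, 4096 iterations, 32 bytes of output. The keyspace and time calculations reproduce the thread's 95^8 and 956,223-year figures for a 220 guess/s cracker and generalise to any charset size, length and guess rate; the budget helper takes an assumed guesses-per-second-per-dollar figure that is not from the thread. The SSID, target passphrase and wordlist are constructed for the demo; the only real-world value is the IEEE 802.11i test vector used as a sanity check on the derivation.

```python
"""Offline cost model for WPA/WPA2-PSK passphrase guessing.

Added example, not code from the forum thread. It generalises sturm's
95^8 / 220 keys-per-second arithmetic, models Josh's "what can the adversary
spend" framing, and shows the PBKDF2 derivation that makes each guess slow.
"""
import hashlib
from typing import Iterable, Optional, Tuple

# IEEE 802.11i: PMK = PBKDF2(HMAC-SHA1, passphrase, ssid, 4096 iterations, 32 bytes).
# SHA-1 yields 20 bytes per PBKDF2 block, so 32 bytes need two blocks: every
# candidate costs 8192 HMAC-SHA1 evaluations. That fixed cost is why a 2008-era
# CPU manages only a few hundred guesses per second.
WPA_ITERATIONS = 4096
PMK_LEN = 32
SECONDS_PER_YEAR = 365 * 24 * 3600  # 365-day year, matching the thread's figure

# Constructed demo data (not a real network).
DEMO_SSID = "CorpNet-Test"
DEMO_WORDLIST = ["abc", "password", "letmein1", "Summer2008", "Summer2008!", "qwertyuiop"]


def pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the Pairwise Master Key from a WPA-PSK passphrase and SSID."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), WPA_ITERATIONS, PMK_LEN)


def ieee_test_vector_ok() -> bool:
    """IEEE 802.11i Annex H.4 vector: passphrase "password", SSID "IEEE"."""
    expected = "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e"
    return pmk("password", "IEEE").hex() == expected


def keyspace(charset_size: int, length: int) -> int:
    """Number of passphrases of exactly `length` characters drawn from `charset_size` symbols."""
    return charset_size ** length


def years_to_exhaust(space: int, rate_per_second: float) -> float:
    """Years to try every candidate at a fixed guess rate (sturm's calculation)."""
    return space / rate_per_second / SECONDS_PER_YEAR


def expected_years(space: int, rate_per_second: float) -> float:
    """A uniformly random passphrase is found, on average, halfway through the space."""
    return years_to_exhaust(space, rate_per_second) / 2


def years_at_budget(space: int, budget_usd: float, guesses_per_second_per_dollar: float) -> float:
    """Josh's framing: fix the adversary's budget and convert it to a guess rate.

    `guesses_per_second_per_dollar` is an assumed input (hardware cost per
    unit of PBKDF2 throughput), not a number from the thread.
    """
    return expected_years(space, budget_usd * guesses_per_second_per_dollar)


def dictionary_attack(target_pmk: bytes, ssid: str,
                      wordlist: Iterable[str]) -> Tuple[Optional[str], int]:
    """Try each candidate; return (passphrase or None, candidates actually derived).

    A real cracker derives the PTK from each candidate PMK and checks the MIC
    of the captured 4-way handshake. Comparing against a known PMK keeps this
    self-contained while preserving the per-candidate PBKDF2 cost.
    """
    tried = 0
    for cand in wordlist:
        if not 8 <= len(cand) <= 63:
            continue  # cannot be a WPA passphrase; no PBKDF2 spent on it
        tried += 1
        if pmk(cand, ssid) == target_pmk:
            return cand, tried
    return None, tried


if __name__ == "__main__":
    space = keyspace(95, 8)
    print(f"95^8 = {space:,} candidates")
    print(f"exhaustive search at 220/s: {years_to_exhaust(space, 220):,.0f} years")
    print(f"expected time at 220/s:     {expected_years(space, 220):,.0f} years")
    print(f"one more character multiplies the space by {keyspace(95, 9) // space}")
    print(f"IEEE test vector ok: {ieee_test_vector_ok()}")

    target = pmk("Summer2008!", DEMO_SSID)  # constructed target, stands in for a sniffed handshake
    print("dictionary attack:", dictionary_attack(target, DEMO_SSID, DEMO_WORDLIST))
```

The only knob that Josh's GPU/FPGA acceleration changes is `rate_per_second`; the keyspace side is fixed by what the user typed. Exhaustive search of 95^8 at 220 guesses/s is the 956,223 years sturm quotes, but the expected cost of a random passphrase is half that, and a passphrase drawn from a small wordlist collapses it to seconds regardless of length.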