Once again I have been having trouble finding the time to make blog posts, but I thought I should make the effort for a quick one so to speak.
Unless your living under a rock you will be familiar with all the buzz around cloud computing. There is alot of discussion about the benefits, risks etc, but I think no one can deny the possible power that can be leveraged.
A perfect example of this is the new WPA Cracker offering.
WPA Cracker is a cloud cracking service for penetration testers and network auditors who need to check the security of WPA-PSK protected wireless networks.
WPA-PSK networks are vulnerable to dictionary attacks, but running a respectable-sized dictionary over a WPA network handshake can take days or weeks. WPA Cracker gives you access to a 400CPU cluster that will run your network capture against a 135 million word dictionary created specifically for WPA passwords. While this job would take over 5 days on a contemporary dual-core PC, on our cluster it takes an average of 20 minutes, for only $17.
I have not had the opportunity to try this out myself yet, but I think the costs sound reasonable, and the time reduction would be very handy on a pentest.
Hi Dale, I’m in the same situation as you as I’ve not had a chance (or cause) to try the service. But I have pointed a couple of people in it’s direction, unfortunately no feedback yet.
Don’t think this will replace manual cracking for all attempts, but should be useful for a quick and easy test to ensure your network isn’t part of the low hanging fruit.