Skip to main content

How to hack Wireless Network Passwords inexpensive

Is there any way to make hack Wireless Network Passwords, inexpensive?

A German security researcher Thomas Roth, a computer security consultant based in Cologne, states that there is a way to break a commonly used form of password protection for wireless networks using powerful computers of inexpensive.

It is an innovative use for cloud computing: cracking wireless networks that rely on pre-shared key passphrases, such as those found in homes and smaller businesses, the program that runs on the Amazon Elastic Cloud Computing (EC2). Can hack into protected networks using specialized software that he has written that runs on Amazon's cloud-based computers.

It uses the massive computing power of EC2 to run through 400,000 possible passwords per second, a staggering amount, hitherto unheard of outside supercomputing circles and very likely made possible because EC2 now allows graphics processing units (GPUs) to be used for computational tasks. Among other things, these are particularly suited to password cracking tasks.


Is this Hack rely on a flaw in wireless networking technology? oth's software merely generates millions of passphrases, encrypts them, and sees if they allow access to the network. However, employing the theoretically infinite resources of cloud computing to brute force a password is the clever part.

Amazon, spokesman - Drew Herdener
Roth's research would only violate his company's policies if he were to use Amazon Web Services (AWS) and its Elastic Compute Cloud (EC2) computing service to break into a network without permission of its owner.

"Nothing in this researcher's work is predicated on the use of Amazon EC2. As researchers often do, he used EC2 as a tool to show how the security of some network configurations can be improved,"

"Testing is an excellent use of AWS, however, it is a violation of our acceptable use policy to use our services to compromise the security of a network without authorization."

How to use?

There are plans to distribute this software to the public and teach people how to use it.

What Roth says?
Roth said he is publicizing his research in a bid to convince skeptical network administrators that a commonly used method for scrambling data that travels across WiFi network passwords is not strong enough to keep crafty intruders from breaking in to networks.

That encryption method, dubbed WPA-PSK, scrambles data using a single password. If a potential intruder is able to figure out the password, he or she can gain access to computers and other devices on the network.

Networks can be broken into if hackers use enough computer power to "brute force" their way into figuring out the passwords that protect networks.

Those passwords were difficult for the average hacker to break until Amazon.com recently started leasing time on powerful computers at relatively inexpensive rates: It takes the processing capability of multiple computers to perform mathematical calculations needed to break the passwords.

Purchasing the computers to run such a crack would cost tens of thousands of dollars, but Roth claims that a typical wireless password can be guessed by EC2 and his software in about six minutes. He proved this by hacking networks in the area where he lives. The type of EC2 computers used in the attack costs 28 cents per minute.

Roth said that he used his software and Amazon's cloud-based computers to break into a WPA-PSK protected network in his neighborhood. It took about 20 minutes of processing time. He has since updated his software to speed its performance and believes he could hack into the same network in about 6 minutes.

However, while Roth's conclusion is that cloud computing means that kind of computing power exists right now, at least for weak passwords, and is not even prohibitively inexpensive, its to note that Roth very probably cracked open networks with short passwords.

Include a good variety of symbols, letters and numbers in the passphrase, and change it regularly -- monthly, if not weekly. Don't use words you might find in a dictionary, or any words that are constructed cunningly by replacing letters with numbers (that is, passwords like "n1c3"); hackers are way ahead of you on such "substitution" tricks. Passphrases constructed like this are effectively impossible for computers to guess by brute force, even by cloud computing systems running Roth's software, due to the amount of time it would take.

Because WPA-PSK is also calculated using the service set identifier (SSID, or base station name) of the wireless router, it also makes sense to personalize this and ensure it isn't using the default setting (usually the manufacturer's name). This will protect you against so-called "rainbow" attacks, which rely on a look-up table of common SSIDs.

More Posts...

New iPhone iPad App Remove Stress

Economic Satellites Signals to indicate Natural Disaster

How to adjust body position in front of the PC