Russians start selling Wi-Fi encryption cracker

A Russian security company whose software can recover Wi-Fi encryption keys has started selling it to all-comers.

The Russian security company that caused a stir some months by talking up its cracking tool for recovering Wi-Fi encryption keys, has started selling its software to all-comers in a specially packaged product.

Normally, running a tool to do this on a conventional Intel Core 2 Duo desktop PC would take months to brute force even a single 8-character WPA/WPA2-PSK password, of which there are trillions of possible alpha-numeric combinations at that bit length.

Elcomsoft claims that Wireless Security Auditor 1.0 can perform the same function by capturing traffic from a Wi-Fi connection using a separate packet sniffer, processing the data through up to four high-end graphics cards in order to retrieve the password in a fraction of that time.

Although the software technique behind the software has been around for months, it now has a price - £599 for UK users.

The software supports hardware from either of the leading companies in the field, Nvidia and ATI, specifically the super-fast GeForce 8, 9, and 200, as well as ATI's Radeon HD 3000, with a minimum of 256MB of dedicated onboard RAM, on any version of Windows. The extra processing power simply speeds up the basic dictionary attack method of such software, cycling through combinations at a faster rate.

The company stops short of specifying a time to retrieve a complex password of 8 characters - the minimum allowed by WPA - but admins might infer from running the tool for any length of time that their passwords are at least secure to a minimum standard. Longer passwords, even quite simple ones, would almost certainly be beyond this tool, but therein lies the auditing usefulness of the tool.

One obvious concern is the illegal use of the tool to actually hack Wi-Fi networks, not just 'test' them.

"Elcomsoft Wireless Security Auditor works completely in off-line, undetectable by the Wi-Fi network being probed, by analyzing a dump of network communications in order to attempt to retrieve the original WPA/WPA2-PSK passwords in plain text," says the company release, confirming the tool is designed to be used with invisible sniffers.

A disclaimer on the website makes this issue more explicit.

"The program that is licensed to you is absolutely legal and you can use it provided that you are the legal owner of all files or data you are going to recover through the use of our software or have permission from the legitimate owner to perform these acts. Any illegal use of our software will be solely your responsibility. Accordingly, you affirm that you have the legal right to access all data, information and files that have been hidden."

The answer is to make sure that the risibly weak WEP (wired equivalency protocol) encryption is not being used by Wi-Fi access points, and that WPA passphrases are more than 8 characters, preferably grown-up randomly-generated hashes created by dedicated tools. Hash generation tools typically exceed 20 characters. Admins should consider themselves warned.

Join the PC World newsletter!

Error: Please check your email address.

Tags Wi-Fi

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

John E. Dunn

Techworld
Show Comments

Essentials

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?