Monday, July 30, 2012

New cloud-based hacking service can crack VPN passwords within 20 hours

As example of a leverage power of cloud-based services can be mentioned the twitter message we have posted today:

https://twitter.com/reanvent/status/229923837465198593

The advantages of the scalability of such services and the low costs oriented by "pay as you go" can be used to attack an keys, passwords and networks at companies or at private users.

To demonstrate how it works, we would like to describe the possible handling of such attacks. As example I would like to use the example of CloudCracker Service.
The online form of the service looks like:



How the fields in the form have to be filled can be found bellow.

How do I submit a WPA/WPA2 Job?
In order to submit a WPA/WPA2 job for processing, you'll need to capture a WPA handshake for the network you're interested in cracking. There are many publicly available tools for acquiring a network handshake such as aircrack-ng, along with online tutorials for how to use them.

Once you've gotten a network capture, simply submit the .cap (or .pcap) file along with the SSID/ESSID of the network. If your network capture is greater than 5MB, you'll have to reduce it by stripping out the handshakes. On Linux, you can use the script here to do this.

How do I submit a LM/NTLM Job?
Submit a file containing the LM or NTLM hashes you'd like to crack, formatted as a PWDUMP file. PWDUMP files are formatted as:
<user_name>:<user_id>:<lm_hash>:<ntlm_hash>:<comment>:<home_directory>:

For example, a file with two NTLM hashes might look like this:
moxie:1000:NO PASSWORD*********************:55BB1BF7C3668EE1C23D74B4C5686C1E:::
geoff:1001:NO PASSWORD*********************:CCA5A5F729D79D8DDC67524C286C126A:::

Or a file with two LM hashes would look like this:
moxie:1000:9224FC255C58C50EAAD3B435B51404EE:87F65D137998A4CE59EA65B114A0F831:::
geoff:1001:9224FC255C58C50E93E28745B8BF4BA6:A4CC3E6ADACEB79EBE88AAFDEA4B97CD:::



Sources:
http://www.zdnet.com/blog/btl/new-cloud-based-hacking-service-can-crack-wi-fi-passwords-in-20-minutes/28224
https://www.cloudcracker.com/
http://www.heise.de/security/meldung/Cloud-Dienst-knackt-VPN-Passwoerter-in-24-Stunden-1654958.html

1 comment :

  1. This is a message to the admin. Your website is missing out on at least 300 visitors per day. I have found a company which offers to dramatically increase your traffic to your website: http://nsru.net/fdse They offer 1,000 free visitors during their free trial period and I managed to get over 30,000 visitors per month using their services, you could also get lot more targeted visitors than you have now. Hope this helps :) Take care.

    ReplyDelete