And so we are now ready for our third presentation of the day, the third presentation of the day, Alex from... So you're from Bulgaria, correct? I'm from Bulgaria, right? So it is my pleasure to introduce to you, you're going to be giving a talk on wpa-sec, Alex Donov.

Thank you guys. So today I will talk about wpa-sec, which is currently the largest known WPA handshake database. So what exactly is this? We are doing collection and processing of wireless network captures which are submitted by our users. Then we identify these handshakes. We maintain carefully crafted dictionaries to check them against, and there are contributors that are contributing their GPU power so we can try to crack these handshakes, and all the results are submitted in real time and are available.

So wpa-sec works with 7 open source tools. wpa-sec is also open source, and you can see over there the live installation and the GitHub, because they're referenced. So we're using the hcxtools for handshake identification. hcxtools is a very interesting set of tools; it's pretty new, in development since one year, maybe a bit more. The other is the well-known routerkeygenPC, which works for the known PSK generation algorithms. Of course the cracking is done with hashcat and John the Ripper, the bleeding version, and we use WiGLE, thanks to the guys from there, for our AP geolocation.

So some brief stats about the service. We now have more than half a million handshakes submitted, as you see there. We're doing this since 2011. So this is the whole set of handshakes: you see the raw capture data, and our success is around 27%. Known algorithm generation was hit in around five percent, but I'm sure we can do better.
Yeah. And from our crafted dictionaries, around 10% of the cases are already cracked, because as you know this is a pretty greedy algorithm to crack, and these are the good results there; of course, we are striving for more. The new distribution based on WiGLE results: you can see that there is almost no place where you can't have handshakes there. So the people submitting, our users, are around 4000, so it is pretty much very interesting to see what users are using in different parts of the world.

So let's see what we're doing there. First we have to get the handshake. We all know how this happens. Well, I'll be going back in time to the old-school AP attack, to deauthenticate active clients and get a handshake, right? This is very good because we can extract the AP BSSID and then we can say OK, that's the AP. But as you also know, in crowded areas there are bad connections, transmissions, etc., and in some places we may have to apply the AP nonce correction. Of course, we can do better: do an AP-less attack, so we can attack the client directly, which is also not so new a thing, at least, and there is no need for those corrections since we control the workflow with that client. And here we have to be very fast, we have to work better, and there is no need for AP nonce correction. And of course we can leverage some more interesting attacks on higher levels.

The tool that we are suggesting to use for submissions to wpa-sec is hcxdumptool, which is part of hcxtools, and since last week it has a lot more interesting features. And of course, before submitting to the database, please don't clean or work on these, don't do anything with these captures, because you may destroy some valuable information.
That's in there. The cracking part is also very well known, you know, I don't think that I have to explain that, but basically PBKDF2-SHA1, and after that, depending on the version of WPA, we're using HMAC-MD5, HMAC-SHA1, or, with WPA2 CMAC, we're using OMAC. So this is all implemented in John the Ripper and hashcat, and of course it's implemented on the wpa-sec server side so we can do it better.

About the nonce correction. We all know about the nonce correction and we are very much using it, because we don't want to spend years or a lot of GPU power to crack something that can be cracked in the end. We can also try to rely on the replay counter field, so we know what exactly the nonce correction will use, but this is not a very good solution because often the APs keep the same replay counter field. So from the database, around five percent of all these half a million handshakes that were cracked (because not everyone of this half million was cracked, of course, just 27 percent), so we needed the nonce correction in five percent of these handshakes. The nonce correction can be negative or positive; you see the percents, and it can be implemented as mathematics with big-endian and little-endian. Here you see the results; of course a lot of routers are MIPS based, or big-endian, and it's normal to see around 90% of them. Again, of course, hcxtools can deal with these situations and can reduce this a lot.

So the new kid on the block, the PMKID. I believe atom wrote the forum post about that, and the last version of hashcat has this additional mode.
It was released just before that came. So the idea here is that if you have a network with roaming enabled, and according to the IEEE standard, we will have this PMKID, which is a part of the RSN information element. Here you see the values, how the PMKID value is calculated: so here we just need the MAC AP, MAC STA, which come from the association requests. There is the association request, probe response, and you need message 1 from the EAPOL, so there is no need for all these hard-to-get parts of the handshakes like before, and of course there is no need for nonce correction. So if you get the PMKID, you will be on the safe side that you're cracking; if you have this password in the dictionary, you will get it.

So the next part is the hardware, what we are using to collect that. Of course, everybody builds his favorite gear. We are using Raspberry Pis like this one. What you see here is an e-ink display, an e-paper display, that is not using much more power than we need, and with this it's a rather big battery.
We can run this for around two or three days without stopping. The adapters we're using are Ralink based, or anything that works better with the hcxtools; you can find the different types of adapters that we have tested and know that they're working. Here you see the OpenWrt based device with hardware antenna mods. It's just on battery power through all the pieces, very cheap. And of course here it's again a Raspberry Pi based solution, but with a way better antenna that gives us a lot more power. Of course you can use whatever you want for this.

So when you have the captures, the first thing that you have to do is to issue your own wpa-sec key. There is no strict registration process; you just go, hit "issue key", and that's it. So with this key you can access the results when they're cracked.

On the server side we're processing with hcxpcaptool. We check for duplicates. Of course, we're doing a lot more, like trying to crack via PMK: so if we already have this network with this ESSID, we will get the hit and there is no need for this whole thing to go to the crackers to exhaust their energy. We're doing the WiGLE AP geolocation, and of course if we don't have the results from routerkeygenPC, this goes to the handshake crackers. So the guys that previously mined coins, or I don't know, their favorite cryptocurrency, they can spend one of their GPUs to run help_crack. This downloads the handshakes and dictionaries and feeds them to the cracker. It starts with the oldest handshakes and with those dictionaries that have fewer words, and this gives some fair results for most people. What we're doing here is, because we have so many handshakes,
we're doing the ESSID combine, so we are fetching all networks that have one and the same ESSID. So we are doing the heavy part of PBKDF2 just once, and we are talking with our dictionaries. The other part is automatic dictionary combining, because if you have a very powerful GPU, for one of these small dictionaries that we see, with around one million words in it, you are spending around 30 seconds to initialize the GPU and after that, for example, three or four seconds to push the full dictionary through. So we are combining dictionaries automatically, depending on the count of GPUs we have and the GPU power. When something is cracked, you're accepting one or more PSKs, by hash of the network or by the BSSID. We are doing the validations as far as we can, and in real time we generate these cracked.txt.gz dictionaries over there. OK, it's over there, so it's real time; you can get every password that has been cracked. Yeah, and there is a separate dictionary that is for those that are coming from routerkeygen, and they're separated because most of the time they look very random. Of course, they are not so random; that's why they get to the routerkeygen. But they are not really interesting if you want to use this dictionary for your own assessments.

So what we've learned up to now: there are a lot, a lot of vendors and ISPs that are still using default BSSID/SSID based algorithms, and there are a lot of these in the database. There are a lot of these hidden and we hope to get them revealed, to identify this and continue with that. There is a lot of that going on. In this part a lot of people get the router firmware, catch it and try to find these default algorithms, and with the wpa-sec results we are validating their results, and it gets pretty interesting. Developing such a tool like hcxtools, we hit a lot of things, kernel and driver bugs.
We try to file as many as possible; a lot of them are already fixed. So this is a good thing for everyone that is using such hardware. We also identified some optimizations and improvements in hashcat in general, and they got to see it; those were also fixed by them.

And in the end, wpa-sec is very useful as awesome sauce, because, for example, you're doing a remote penetration test on some bank. You also can go on WiGLE and see what the networks are there; after that go to wpa-sec and see if somebody already captured some network hash there. So from now on you will be way further and you already have something to work on, and to try for password reuse, etc.

And what's next with this project? It's been running some years, but I'm sure that there are a lot more hidden algorithms and we'll be very glad to check those out. The interesting thing about these default algorithms is that there is info on them on different forums, we can send, etc., very, very spread and not really useful when you look for something, and I think this will be a nice place to collect them all and to improve it. Of course the web interface: I really don't have a full screenshot because it's really awful, but this has to be gone from the 19th, and we have to do something better. Of course, it will be nice to introduce an API for the BSSID query, so a lot of guys will have the possibility to dig in this database. But for now, if you have some ideas, I'll be very happy to discuss them; just drop me a mail and we'll work it out. And of course, prepare for WPA3. There are some speculations and I'm sure that we will think of something, but let's see the first client implementations and server code, so we will see how this happens. But since in 2018 we still find WEP and WPA, the first version, I'm sure this will not go away soon. So thank you guys.
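An added example, not code from the talk or from the wpa-sec or hcxtools projects, of the PMK and PMKID derivation the speaker describes and of why the "ESSID combine" works: PBKDF2 runs once per passphrase and ESSID, after which each BSSID sharing that ESSID costs only one HMAC. The MAC addresses are constructed; the PMK test vector (passphrase "password", SSID "IEEE") is the one from the 802.11 standard, and `pmkid_matches` is a hypothetical helper for checking that a PMKID captured from your own AP corresponds to the passphrase you configured.

```python
import hashlib
import hmac

PBKDF2_ITERATIONS = 4096   # fixed by WPA/WPA2-Personal
PMK_LEN = 32               # 256-bit Pairwise Master Key


def derive_pmk(passphrase: str, essid: str) -> bytes:
    """The heavy step: PMK = PBKDF2-HMAC-SHA1(passphrase, ESSID, 4096, 32 bytes).
    It depends only on the passphrase and the ESSID, not on any BSSID or station."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid.encode(),
                               PBKDF2_ITERATIONS, PMK_LEN)


def derive_pmkid(pmk: bytes, ap_mac: bytes, sta_mac: bytes) -> bytes:
    """PMKID = first 128 bits of HMAC-SHA1(PMK, "PMK Name" || MAC_AP || MAC_STA),
    the value carried in the RSN IE of EAPOL message 1 when PMK caching/roaming is on."""
    return hmac.new(pmk, b"PMK Name" + ap_mac + sta_mac, hashlib.sha1).digest()[:16]


def mac_bytes(text: str) -> bytes:
    """'00:11:22:33:44:55' -> 6 raw bytes."""
    return bytes.fromhex(text.replace(":", "").replace("-", ""))


def pmkids_for_essid(passphrase: str, essid: str, pairs) -> dict:
    """ESSID combine: one PBKDF2, then one cheap HMAC per (AP MAC, STA MAC) pair
    that shares the ESSID. Returns {ap_mac: pmkid_hex}."""
    pmk = derive_pmk(passphrase, essid)
    return {ap: derive_pmkid(pmk, mac_bytes(ap), mac_bytes(sta)).hex() for ap, sta in pairs}


def pmkid_matches(passphrase: str, essid: str, ap_mac: str, sta_mac: str, captured_hex: str) -> bool:
    """Hypothetical defender check: does the PMKID seen in a capture of your own AP
    correspond to the passphrase you configured? Constant-time comparison."""
    expected = derive_pmkid(derive_pmk(passphrase, essid), mac_bytes(ap_mac), mac_bytes(sta_mac))
    return hmac.compare_digest(expected, bytes.fromhex(captured_hex))


# Constructed sample values (MACs are made up; PMK vector is from the 802.11 standard).
SAMPLE_ESSID = "IEEE"
SAMPLE_PASSPHRASE = "password"
SAMPLE_AP = "00:11:22:33:44:55"
SAMPLE_STA = "66:77:88:99:aa:bb"

if __name__ == "__main__":
    print("PMK   :", derive_pmk(SAMPLE_PASSPHRASE, SAMPLE_ESSID).hex())
    pairs = [(SAMPLE_AP, SAMPLE_STA), ("00:11:22:33:44:66", SAMPLE_STA)]
    for ap, pmkid in pmkids_for_essid(SAMPLE_PASSPHRASE, SAMPLE_ESSID, pairs).items():
        print("PMKID :", ap, pmkid)
```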