|
|
|
|
|
|
by lucb1e
959 days ago
|
|
|
> susceptible to offline-dictionary attack and the cost is quite low (less than $10) Only if it's a common password... you're saying this like it's a given, like you can break into anyone's WiFi for less than $10 after capturing a correct authentication challenge+response from a legitimate user. If you have a stupid ISP in the area that uses crackable passwords, or tech-savvy users that change the password to something stupid, perhaps you'll have a decent recovery rate, but otherwise I'd estimate it's far below even odds whether this gets you into any given network. Putting a dollar price on cracking a hash is like putting a dollar price on fresh air: if you have a laptop standing around, it's practically free to try a few million passwords; if you need a GPU farm, it may cost ten thousand euros; and it may be impossible if it's just not crackable (27 chars alphanumeric is just not possible, also not with a quantum computer in a thousand years, but you don't know that when all you've got is the challenge-response hash). |
|
|