I spent the last few evenings mining passwords from the wifi networks in my new neighborhood. I was just testing them, see, because I’m really concerned for my neighbors’ security and such.
It used to be that WEP was the only form of wifi security, but it turned out to be too easy to recover a WEP key: Just eavesdrop on the network and examine the frequency of repeated bytes in captured packets.
Now all routers use WPA, which hashes the password using the SHA1 function.
It’s still easy to sniff a packet and get the encrypted key, but the only way to pull the password from the key is through brute force: Run the SHA1 function on combinations of letters until you get something that results in the same key.
At this point you might be thinking, Geez Elaine, just pay for freaking Comcast already.
Brute-forcing a password might sound like a huge waste of computational resources, but this is exactly what Bitcoin miners do. Mining is the process of guessing a password called the nonce. The nonce is a number that can be appended to a block and hashed, resulting in something that starts with a string of 0s. If a miner finds a nonce, they win the block and get 25 bitcoins.
So I spun up a GPU instance on AWS. This was the same instance I had used to mine Bitcoin before Amazon shut it down.
More than half the time, the wifi password is a phone number. Hashing all combinations of 10-digit numbers is quick. The rest of the time, the password contains proper nouns. Even with GPU acceleration, hashing every possible combination of characters takes days.
And that is why I didn’t have internet access until today.
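For anyone checking their own router after reading this: the sketch below is an added example, not code from the original post, that puts numbers on why an all-digit passphrase falls quickly while a mixed one does not. It relies on the fact that WPA2-PSK derives its key with PBKDF2-HMAC-SHA1 salted by the network name; the function names, the SSID, the sample passphrases and the guess rate are all constructed for illustration.

```python
import hashlib
import math
import string
import time

# Printable-ASCII classes; WPA passphrases are 8 to 63 printable ASCII characters.
CLASSES = [set(string.digits), set(string.ascii_lowercase),
           set(string.ascii_uppercase), set(string.punctuation + " ")]

def keyspace(passphrase):
    """Candidates an exhaustive search covers for this length and alphabet.

    This is an upper bound: passphrases built from names or dictionary
    words fall to far fewer guesses than the figure returned here.
    """
    chars = set(passphrase)
    if not 8 <= len(passphrase) <= 63 or not chars <= set().union(*CLASSES):
        raise ValueError("expected 8 to 63 printable ASCII characters")
    alphabet = sum(len(c) for c in CLASSES if c & chars)
    return alphabet ** len(passphrase)

def pmk_rate(samples=20):
    """Derivations per second on this machine for the WPA2-PSK key,
    PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)."""
    start = time.perf_counter()
    for i in range(samples):
        hashlib.pbkdf2_hmac("sha1", b"constructed-%d" % i, b"ExampleSSID", 4096, 32)
    return samples / (time.perf_counter() - start)

def audit(passphrase, guesses_per_second):
    """Return (bits of search space, worst-case seconds to exhaust it)."""
    space = keyspace(passphrase)
    return math.log2(space), space / guesses_per_second

if __name__ == "__main__":
    ASSUMED_RATE = 1_000_000  # hypothetical guesses per second, not a measurement
    print("local CPU: %.0f derivations/s" % pmk_rate())
    for pw in ["2025550123", "kq7#Vw2!xPz9Lm"]:  # constructed samples
        bits, secs = audit(pw, ASSUMED_RATE)
        print("%-16s %5.1f bits, %.3g days at assumed rate" % (pw, bits, secs / 86400))
```

A ten-digit number is about 33 bits of search space no matter which digits it contains, so the fix is a longer passphrase drawn from more character classes, not a different phone number.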