Thursday, 28 February 2019

DJ ND - Like a Rollercoaster [Mixtape]

Like Any Given Sunday - Street Level at King Street Hotel. You know what to do

01 - Michael Jackson - Rock with you
02 - Friendly Fires - Skeleton Boy
03 - Golden Features Feat Fear - No One
04 - Zhu - Faded
05 - Camelphat Elderbrook - Cola
06 - Eurythmics - Sweet Dreams
07 - Ellie Goulding - Lights
08 - Prince - 1999
09 - Regurgitator - The Song Formally Known As
10 - Touch Sensitive - Lay Down
11 - John Newman - Love Me Again
12 - Robert Delong - Global Concepts
13 - Human League - Don't You Want Me Baby
14 - Elderbrook - Capricorn
15 - Seal - Crazy
16 - Martin Solveig & GTA - Intoxicated
17 - Journey - Don't Stop Believin'
18 - Loud Luxury Feat Brando - Body
19 - Spandau Ballet - True
20 - Bob Marley - I Can See Clearly Now
21 - Empire of the Sun - We are the People
22 - Mann - Buzzin
23 - Daryl Braithwaite - Horses

Monday, 25 February 2019

DJ ND - Dance First [Mixtape]

Mainstream mix with a few classics mixed in for some good times.

Download Link: here

01 - Lauryn Hill - Can't Take My Eyes Off You
02 - Tyga -  Rack City [Radio Mix]
03 - Big Boi ft. Cutty -  Shutterbugg
04 - L D R U Ft. Paige IV - Keeping Score
05 - Peking Duk Ft. Icona Pop - Let You Down
06 - Baker Boy - Mr La Di Da Di
07 - Daft Punk feat. Pharrell Williams -  Lose Yourself to Dance
08 - Whethan Feat Honne - Radar
09 - Robert Delong - Happy
10 - Beyonce vs  Jagged Edge -  Single Ladies Get's Married
11 - PNAU - In My Head
12 - Peking Duk Feat Nicole Millar - High
13 - Rihanna - Diamonds
14 - Kanye West - Flashing Lights
15 - Peking Duk - Fake Magic
16 - Eve - Tambourine
17 - Hanson - Mmmbop
18 - Daft Punk Feat Panda Bear - Doin' it Right
19 - Kendrick Lamar - King Kunta
20 - Prince - Kiss
21 - Client Liaison - Off White Limousine
22 - Dexys Midnight Runners - Come On Eileen
23 - Queen - Under Pressure
24 - Frank Ocean - Lost
25 - Fisher - Stop It
26 - Zhu - The One
27 - The weeknd - Can't Feel my Face
28 - Fergie - Here I come
29 - Kendrick Lamar - I
30 - Outkast - I like the way you move
31 - Hayden James - Just Friends

Saturday, 23 February 2019

DJ ND - The Vibe [Mixtape]

Another party mashup with all your favourite artists. Click here for the goods


01 - Drake - Passionfruit
02 - Jason Derulo - Want to Want Me
03 - Calvin Harris - Colors
04 - RUFUS - Say a Prayer For Me
05 - Stevie Wonder - Superstition
06 - Claptone Feat Peter Bjorn - Puppet Theatre
07 - The Avener - Fade Out Lines
08 - Motez Feat Scrufizzer - The Vibe
09 - Michael Jackson - Bad
10 - RUFUS - Like an Animal
11 - PNAU - Go Bang
12 - Milky Chance - Stolen Dance
13 - Asta Feat All Day - Dynamite
14 - Krafty Skillz - It's a Booty
15 - INXS - Need You Tonight
16 - Bob Marley - Could you be Loved
17 - Disciples - They Don't Know
18 - Flume - Holdin On
19 - Yaeji - Rain Gurl
20 - Darude - Sandstorm
21 - Mat Zo & Porter Robinson - Easy
22 - Bag Raiders - Sunlight
23 - Hermitude - Hyperparadise
24 - Hermitude - The Buzz
25 - Drake - Hotline Bling

Tuesday, 23 January 2018

Hiking Angel Falls

After doing the Andes World Travel Angel Falls - Rappel & Trek trip (Explora Treks in country), we came away with some handy tips for anyone looking to do this trek/rappel or another tour offering something similar. If you're interested in a bit of Angel Falls history and background click here

Fitness and Experience

This trip covers 15-20km per day of walking over undulating terrain on unmaintained trails, in days of approx. 8 hours with jungle bathrooms (if you know what I mean). You will be abseiling with all your bags and standing on some precarious high ledges. With that said, you get to see some stunning scenery, meet great people and experience something of a lifetime!

Guides are experienced in taking people on this tour, have climbing experience and are very helpful. Abseiling experience is not required but recommended. ExploraTreks recommend a minimum of basic rappel rope management skills. We didn't do much prior; however, a day course from the Australian School of Mountaineering helped boost confidence.

Revised Packing List 

Amendments to the provided packing list:
  • Snacks (whilst breakfast, lunch and dinner are always provided, snacks for the day are not)
  • Soap/shampoo/conditioner (nearly all camps have the opportunity to bathe in a river or stream, also handy for washing clothes)
  • Gaiters or old shoes (not a huge fan of gaiters but there is some serious mud on this trek)
  • Ear plugs (chartered plane sounds like a lawn mower for an hour or two - music earbuds may do the trick)
  • Mosquito (puli puli) net (optional - not on our packing list provided but you do sleep open air a couple of times where they can be bad)
  • Plates, cups and forks were on the list but not required


Additional notes to existing itineraries here and here


Day 1 - Arrival - Caracas - Ciudad Bolivar

Arrive 3am, transit to Ciudad Bolivar, arrive midday (9 hour car ride). Transfers are normally by connecting flight if available in country (wasn't available for us due to issues in country). Option to leave a bag with the tour company at the airport and pick it up on the return flight from Canaima.

Day 2 - Ciudad Bolivar - Uruyen Camp

Up for breakfast at 7am, fly 8-9am (take ear plugs - leave stuff at airport) to the campsite (1.5 hours - 7000ft). Arrive noon. Hike to swimming hole (3 hour round trip - no box lunch). Dinner around 4-5pm plus briefing.

Day 3 - Uruyen Camp - Guayaraca Camp

7am weigh gear, hiking by 8.40 to the first campsite, 5-6 hours, 15km (4 hours with lunch - 1 hour to cliff, 2 hours climb, 1 hour to camp site with lunch stop). Arrive around 2. Go for a swim in the nearby river.

Day 4 - Guayaraca Camp - El Penon Camp

Up at 6.40, hiking by 8.40 uphill through forest and across the plain to the jungle. Take water before going up the ascent in the jungle. Lunch at the big rock with sightseeing of previous levels. Continue up through jungle forest to the campsite (6 hours). Set up camp under the rock and refresh in the stream 2 mins away.

Day 5 - El Penon Camp - El Oso Camp

Up at 6.40 for an 8.30 start, walking to the cliff face up similar terrain as before. At the cliff face, walk and climb your way using various rope systems to the 3rd terrace. Take lunch and continue to walk to the next camp site over flat rock. Make sure you pack your togs in your day pack for a midday bath in the orange river. Short 45 minute walk to camp (finish at 4.30 - 8 hours). Fill water at the orange river since no water is available at the campsite.

Day 6 - El Oso Camp - Lecho Camp

Short day today. Set out at 9am across the terrace, walk through forest to the Churun river, arrive at 11.30 and take a swim while lunch is prepared. Another 45mins through undulating terrain along the river to the next camp site (1.45pm arrival). More swimming and relaxing.

Day 7 - Lecho Camp - Neblina Camp

Mud day! Long pants a must! Ascend away from the Churun river up to the ridge to make your way through the labyrinth of trees and rocks. Now the fun part! Navigate the swampy plateau to the creek to refill drink bottles and energy tanks (3 hours) then onward through the swamp to the lunch spot by the stream (1 hour). After lunch a little more mud until the downhill descent to the campsite to relax by the creek and wash off all the mud. (9am - 4pm with lunch break).

Day 8 - Neblina Camp - Salto Angel Camp

Early start as the last day of hiking will be the hardest. Set out north east through thick scrub for about an hour to the weather station then cut back into the forest where the track will wind through the bush to the lunch spot by the river. After lunch continue for about 2 hours through the bush on the narrow track lined by tree roots to the next camp site on the edge. Take a break or a bath since you earned it and prepare for the rappel.

Day 9 - Rest Day

Rest day today (or at least on our trip, since it's negotiable) is a good opportunity to get your gear in order, possibly do a couple of test rappels and go see the edge of Angel Falls. Take a moment to view the Kerepacupai river as this is what feeds Angel Falls.

Day 10 - Rappel: Salto Angel Campsite - La Cueva Ledge

Rappel day. A very early start (5.30) to have breakfast and be packed and ready to begin rappelling by 7am. Take a short walk to the first rappel point and follow the instructions of the guides. Take a deep breath before launching yourself into almost 1km of descent over 2 days (14 rappels varying from ~20m - 95m in length). First day is 7 rappels and half the distance to the cave camp spot. You will most probably arrive in the dark so get your sleeping arrangements sorted, have something to eat, then rest.

Day 11 - Rappel: La Cueva Ledge - Isla Raton Campsite

Wake up to stunning Angel Falls views from the campsite, if you managed to get some sleep! After a quick breakfast and packing up the camp it's straight back into it for another day of rappels. Today most rappels are through jungle-like terrain but cover another 500m nonetheless. After descending the 7 pitches you find yourself in jungle on there side of the wall. About an hour's walk to the best ground viewing point of Angel Falls. After a quick group photo it's on the trail again to the next camp site (2 hours) where other team members are waiting with a hot cooked meal and drinks. Likely a bath in the river at night since it's been a long day. Sleeping in hammocks.

Day 12 - Boat: Isla Raton Campsite - Canaima

The last of the early starts. Take breakfast then a boat ride down the Churun/Carrao river (approx. 5 hours). If the river is shallow a few walking stops along the way may be needed to get the long boat through. Arrive at Canaima pier and unload bags onto waiting transport to take you to the night's accommodation (Morichal Lodge) where lunch and drinks are available. Take some downtime and/or a boat ride to see the falls in the afternoon followed by dinner and a free evening.

Day 13 - Canaima - Ciudad Bolivar - Caracas

Early morning flight from Canaima to Ciudad Bolivar then a transit back to Caracas (car or plane). Night's accommodation near the airport (ole something).

Day 14 - Caracas - Departure

Following day transfer to Caracas airport by inclusive transfer.


At the time of travel (Dec 2018) the exchange rates for Venezuela were as follows. It was a bit confusing with the whole official and unofficial rates but this article gives a bit of insight. There is some controversy about the unofficial rate which apparently is influenced by the information on this website. Most people in country pay with a bank card since carrying around cash is a little inconvenient. We only found one place in Canaima where we could exchange currency (USD for Bolivars) but our new Venezuelan friends were kind enough to cover our costs until we found a place to exchange money.

Official Rate:

25,000 = 2.50c USD
100,000 = 10 USD
1,000,000 = 100 USD

Unofficial Rate:
25,000 = .25c USD
100,000 = 1 USD
1,000,000 = 10 USD

Exchange in Canaima:
80000 = 1 USD
50 USD = 4,000,000 Bolivars


Porter cost approx. 35USD (15kgs / 3 USD per day) for Tupi hike. Need to take your bag down the abseil with you (strapped to your ATC belay device)

Equipment hire was $50 USD for the following
1 x harness
1 x helmet
3 x carabiner
2 x sling (one for bag and one for you)
1 x black diamond ATC belay device

Some approximate costs to get an idea of budgeting:

Postcard and magnet  = 15,000 Bolivars
Dinner meal (hotel) =  500,000 Bolivars
Beer (Canaima) = 1USD
Bottle of Rum (Cacique) = 660,000 Bolivars

Hotel food costs as per picture

If you're looking to travel to other places in or near Venezuela why not try some of the other large cities or somewhere in the Caribbean.

Monday, 8 February 2016

Mitigating distributed denial of service attacks – a practical approach

Distributed Denial of Service attacks present a real threat to the security and reputation of industries across the globe. This report looks at why DDoS attacks occur, who are likely targets of DDoS attacks, types of DDoS and strategies to mitigate against attacks.

The first Distributed Denial of Service (DDoS) attack tool appeared in June of 1998 labelled FAPI. FAPI could direct TCP, UDP and ICMP traffic from multiple attack sources causing a victim to become unresponsive to legitimate requests (Lin & Tseng, 2004). Since FAPI, DDoS tools and techniques have provided a lucrative avenue for cyber-crime. With more organisations and businesses connecting critical infrastructure to the internet, the impact of DDoS strikes is becoming increasingly prevalent.

Why, Who and What?
DDoS attacks can be used for masking other attack activity, revenge, hacktivism and, more typically, extortion (Symantec Corporation, 2015). In a common extortion attack, an organisation is given an ultimatum: pay, or its online presence or internet services will be disrupted, usually during a critical time for the business (Mansfield-Devine, 2011).
Figure 1 - Size and Frequency of DDoS attacks
(Akamai Technologies, Inc, 2015)

Cyber criminals use DDoS because botnets are cheap, highly effective and hard to detect. Botnets can go for as little as $5 per hour, use normal connections and consistently bring down internet services like clockwork (Florian, 2012). DDoS targets are usually broken down into different industries with over half of all attacks in 2015 directed towards gaming and software and technology entities (Akamai Technologies, Inc, 2015).

Figure 2 - Attacks by Industry (Akamai Technologies, Inc, 2015)

DDoS attacks are growing in frequency and intensity each year, and the likelihood of businesses being targeted is ever increasing. DDoS attack vectors generally fall into two categories – Layer 3 network or infrastructure floods and Layer 7 application attacks (Mansfield-Devine, 2011). Infrastructure attacks utilise network protocols such as TCP, UDP, ICMP, NTP, SSDP, DNS and CHARGEN; these network layer attacks account for over 95% in frequency and volume of all DDoS traffic in 2015 (Akamai Technologies, Inc, 2015).

Application layer attacks on the other hand exploit web servers by flooding the service with a large number of HTTP GET, POST or PUSH requests. These requests aim to overwhelm the server's resources until the service is rendered unusable or unavailable (Iyengar, Banerjee, & Ganapathy, 2014).
Figure 3 - Attacks by Type (Akamai Technologies, Inc, 2015)

A trend towards the use of non-botnet based resources such as open proxies has recently been observed. This shift may lead to an increase in reflective DDoS attacks that abuse web application frameworks making DDoS mitigation exceedingly challenging (Akamai Technologies, Inc, 2015).

Mitigation Strategies
Many different mitigation strategies exist depending on client base size, content type, business requirement and funding capital. Four traditional mitigation tools exist which can be used independently or in conjunction with other mitigation methods such as white listing and cloud security services. The four tools are bandwidth defence, rate filtering, signature filtering and moving target (Hunter, 2003).

Bandwidth defence aims to mitigate bandwidth attacks. A bandwidth attack involves large traffic throughput, which can be upwards of 10GBp/s as shown in Figure 1, and aims to overwhelm the connection pipe to the web site to disrupt service. Bandwidth defences usually involve the use of multiple service provider internet links and the ability to increase internet throughput on demand (Mansfield-Devine, 2011). Content Delivery Networks (CDN) such as Akamai and Sandpiper also assist with bandwidth defence, however they are usually expensive. Organisations should intelligently monitor their infrastructure bandwidth to ensure sufficient normal capacity and the ability to detect bandwidth attacks when they occur (Hunter, 2003).

Rate filtering looks to counter DDoS attacks through preservation of resources on the victim end. A DDoS SYN flood attack aims to exhaust finite bandwidth, CPU, memory and buffer resources.

Figure 4 – Traditional single tier data centre.
Adapted from “Three Tier Network Architecture to mitigate DDoS Attacks on Hybrid Cloud Environments” by Bhardwaj, Subrahmanyam, & Sastry, 2015.

Each connection allocates system resources. Once resources are saturated, subsequent requests are dropped, causing service outages. Limiting half-open connections and packet throughput, and monitoring resources, can mitigate these types of attacks. Access control lists (ACLs) also preserve system resources through network packet filtering. Filtering should be placed as close to the network perimeter as possible to limit device resource allocation. In the event rate filtering is problematic, distribute the filtering over multiple inline perimeter devices to share the mitigation load (Beitollahi & Deconinck, 2012).

Vendors which provide commercial rate filtering devices include Hewlett Packard Enterprise, RioRey, Check Point, Juniper, F5, Fortinet and Cisco. Low bandwidth DDoS and application layer attacks cannot be mitigated by rate filtering; cloud security services or signature filtering can assist with these types of attacks.
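
The half-open connection limit described above, as an added example that is not part of the original report: a small Python model of a perimeter filter that caps pending TCP handshakes per source and in total, and frees slots after a timeout. The limits, the class name and the packet trace are constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed limits for the example; size them to the real device's capacity.
MAX_HALF_OPEN_PER_SOURCE = 3
MAX_HALF_OPEN_TOTAL = 8
HANDSHAKE_TIMEOUT = 5.0  # seconds a SYN may wait for the final ACK


@dataclass
class HalfOpenLimiter:
    per_source_limit: int = MAX_HALF_OPEN_PER_SOURCE
    total_limit: int = MAX_HALF_OPEN_TOTAL
    timeout: float = HANDSHAKE_TIMEOUT
    # (src_ip, src_port) -> time the SYN was accepted
    pending: dict = field(default_factory=dict)
    # src_ip -> number of SYNs refused, useful as a detection signal
    dropped: dict = field(default_factory=lambda: defaultdict(int))

    def _expire(self, now):
        """Free slots whose handshake never completed."""
        stale = [k for k, t in self.pending.items() if now - t >= self.timeout]
        for key in stale:
            del self.pending[key]

    def _count(self, src_ip):
        return sum(1 for ip, _port in self.pending if ip == src_ip)

    def on_packet(self, now, src_ip, src_port, flag):
        """Return 'accept' or 'drop' for one inbound TCP segment."""
        self._expire(now)
        key = (src_ip, src_port)
        if flag == "ACK":
            # Handshake finished: the connection is no longer half-open.
            self.pending.pop(key, None)
            return "accept"
        if flag != "SYN":
            return "accept"
        if key in self.pending:
            return "accept"  # retransmitted SYN, slot already held
        if (self._count(src_ip) >= self.per_source_limit
                or len(self.pending) >= self.total_limit):
            self.dropped[src_ip] += 1
            return "drop"
        self.pending[key] = now
        return "accept"


def replay(events, limiter=None):
    """Run (time, src_ip, src_port, flag) events through a limiter."""
    limiter = limiter or HalfOpenLimiter()
    return [limiter.on_packet(*event) for event in events], limiter


# Constructed trace: 198.51.100.7 completes its handshakes,
# 203.0.113.9 sends SYNs and never answers.
SAMPLE_EVENTS = (
    [(0.0, "198.51.100.7", 40000, "SYN"), (0.1, "198.51.100.7", 40000, "ACK")]
    + [(0.2 + i * 0.01, "203.0.113.9", 50000 + i, "SYN") for i in range(6)]
    + [(1.0, "198.51.100.7", 40001, "SYN"), (1.1, "198.51.100.7", 40001, "ACK")]
    + [(6.0, "203.0.113.9", 51000, "SYN")]
)

if __name__ == "__main__":
    verdicts, limiter = replay(SAMPLE_EVENTS)
    print(verdicts)
    print(dict(limiter.dropped))
```

The per-source cap only helps when the sender uses its real address; against spoofed sources it is the total cap and the timeout that keep the connection table from filling.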

Signature filtering relies on recognizing signatures created for typical attack patterns. These devices are efficient and less likely to suffer from performance problems, however they could block legitimate traffic (Hunter, 2003). Web Application Firewalls (WAF) and Intrusion Prevention Systems (IPS) are great examples of signature filtering devices. WAFs and IPSs execute deep packet inspection on HTTP/S requests and their payload to identify and prevent attacks. Akamai recommends WAFs which utilise flexible comprehensive rule sets, situational awareness, black and white listing, GEO blocking, behavioural controls and origin cloaking (Akamai, 2014).

WAFs and IPSs should be placed inside or outside (or both) of the perimeter network. Inline open source perimeter IPS devices which support custom signatures and the ability to capture DDoS traffic for analysis include Suricata and Snort.

The Moving Target Defence involves switching services to a new IP address in the event of an attack; DDoS attack traffic will then be delivered to the old IP address, mitigating the attack. For added protection the IP addresses can be changed periodically to provide further defence against attack. This option has the advantage of reducing the risk of an attack since multiple end points are possible and the process of changing service IP addressing is frequently tested. Attackers can circumvent this defence by using DNS requests to identify the new service IP address. Moving target defence should not just protect public web addresses; it should also protect DNS servers and core network infrastructure (Hunter, 2003). Cloud security services can provide moving target defences since the web service's public address points to the cloud security service. Cloud security edge servers act as a distributed firewall. Traffic is scrubbed before clean traffic is forwarded to the origin server (Gillman, Lin, Maggs, & Sitaraman, 2015).

Moving target defence can be costly due to the number of servers and network addresses required to keep shifting services, not to mention that the attacker can easily identify current infrastructure addresses. This is where white listing can improve defence success. White listing can be done by a VIP list (user based) or cloud security services white listing (service based).

Figure 5 - VIP whitelist overview (Yoon, 2010)

Very important IP addresses (VIPs) are IP addresses collected from previous successful application logins under normal network conditions; together they make up the whitelist.

The VIP list, or whitelist, is installed on a perimeter network device and activated when a DDoS attack is detected. White listing is similar to GEO protection; however, instead of permitting or blocking based on country, traffic is permitted based on previous successful user authentications.

Figure 6 - CloudFlare security services

Due to the nature of internet users and public IP allocation, users can often be assigned a new public address when connecting to the internet. Yoon observes that the public IP addresses of client users do not change all that frequently; however, when they do, the network address portion remains the same, since most service providers are allocated a static range and use a contiguous block. This can be exploited to maximize the usefulness of the VIP list by introducing network subnets to the VIP whitelist (Yoon, 2010).
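
An added sketch of the VIP list idea (not code from Yoon's paper or from the original report): it builds the whitelist from successful logins, widens each address to its network, and applies the list only while an attack is flagged. The log format, the /24 and /64 prefix lengths and all function names are assumptions made for this example.

```python
import ipaddress
from collections import Counter

# Constructed authentication log: timestamp, client address, result.
SAMPLE_AUTH_LOG = """\
2016-01-10T09:12:01Z 198.51.100.23 LOGIN_OK
2016-01-10T09:15:44Z 198.51.100.87 LOGIN_OK
2016-01-11T18:02:10Z 203.0.113.5 LOGIN_FAIL
2016-01-12T07:30:00Z 192.0.2.14 LOGIN_OK
2016-01-12T07:31:09Z 192.0.2.14 LOGIN_OK
2016-01-13T22:45:13Z 2001:db8:12:34::9 LOGIN_OK
2016-01-14T03:00:00Z not-an-ip LOGIN_OK
"""


def parse_successful_logins(log_text):
    """Count successful logins per client address, skipping bad lines."""
    hits = Counter()
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[2] != "LOGIN_OK":
            continue
        try:
            hits[ipaddress.ip_address(parts[1])] += 1
        except ValueError:
            continue  # malformed address field: never whitelist it
    return hits


def build_vip_networks(hits, v4_prefix=24, v6_prefix=64, min_logins=1):
    """Widen each trusted address to its network and merge overlaps.

    The prefix lengths are assumptions; choose them from how the
    providers serving your users actually allocate addresses.
    """
    nets = {4: set(), 6: set()}
    for addr, count in hits.items():
        if count < min_logins:
            continue
        prefix = v4_prefix if addr.version == 4 else v6_prefix
        nets[addr.version].add(
            ipaddress.ip_network(f"{addr}/{prefix}", strict=False))
    merged = []
    for version in (4, 6):
        merged.extend(ipaddress.collapse_addresses(nets[version]))
    return merged


def is_vip(src, networks):
    """True when the source address falls inside a whitelisted network."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False
    return any(addr.version == net.version and addr in net
               for net in networks)


def admit(src, networks, under_attack):
    """Normal conditions admit everyone; during an attack only VIPs pass."""
    return is_vip(src, networks) if under_attack else True


if __name__ == "__main__":
    vip = build_vip_networks(parse_successful_logins(SAMPLE_AUTH_LOG))
    print([str(n) for n in vip])
    for src in ("198.51.100.200", "203.0.113.5"):
        print(src, admit(src, vip, under_attack=True))
```

Widening to a subnet also admits every other host in that provider range, so the prefix length is a trade-off between keeping returning users online and letting attack sources through.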

Figure 7 – Cloud security services with CloudFlare. Retrieved January 2015, from Copyright 2016 CloudFlare, Inc.

Leading cloud security services offer CAPTCHA, IP ACLs, GEO blocking, WAF, DNS protection and analytics. According to Forrester Wave, cloud security, DNS and CDN services are best provided by Prolexic (now Akamai technologies), CloudFlare and CenturyLink (Holland & Ferrara, 2015).

At minimum, a single tier data centre design with VIP white listing should be used for self-mitigating small scale attacks. Multi-tier cloud security services and CDN are recommended for large scale, high bandwidth attack mitigation. DDoS mitigation should be part of every business's disaster recovery plan, be implemented and tested prior to DDoS attacks and include monitoring for ongoing detection (Florian, 2012).

Distributed Denial of Service (DDoS) attacks present a real threat to the security and reputation of industries across the globe. With more organisations and businesses connecting critical infrastructure to the internet, the impact of DDoS strikes is becoming increasingly prevalent. Mitigation strategies include bandwidth defence, rate filtering, signature filtering, moving target, white listing and cloud security services. At minimum, a single tier data centre design with VIP white listing should be used for self-mitigating small scale attacks. Multi-tier cloud security services and CDN are recommended for large scale DNS and high bandwidth attack mitigation. DDoS mitigation should be part of every business's disaster recovery plan, be implemented and tested prior to DDoS attacks and include monitoring for ongoing detection.

Akamai Technologies, Inc. (2015). [state of the internet] / security Q3 2015 report. Cambridge, Massachusetts: Akamai Technologies, Inc.
Akamai. (2014). Threats and Mitigations. A guide to multi-layered web security. Retrieved from Akamai ebook guide to multi layered web security:
Beitollahi, H., & Deconinck, G. (2012). Analyzing well-known countermeasures against distributed denial of service attacks. Computer Communications, 1312-1332.
Bhardwaj, A., Subrahmanyam, G., & Sastry, H. (2015). Three Tier Network Architecture to mitigate DDoS Attacks on Hybrid Cloud Environments. arXiv.
Florian, M. (2012). Simple ways to dodge the DDoS bullet. Network Security, 18-20.
Gillman, D., Lin, Y., Maggs, B., & Sitaraman, R. K. (2015). Protecting Websites from Attack with Secure Delivery Networks. Computer, 26-34.
Holland, R., & Ferrara, E. (2015). The Forrester Wave™: DDoS Services Providers, Q3 2015. Cambridge: Forrester Research, Inc.
Hunter, P. (2003). Distributed Denial of Service (DDOS) Mitigation Tools. Network Security, 12-14.
Iyengar, N., Banerjee, A., & Ganapathy, G. (2014). A Fuzzy Logic based Defense Mechanism against Distributed Denial of Service Attack in Cloud Computing Environment. International Journal of Communication Networks and Information Security, 233-245.
Lin, S.-C., & Tseng, S.-S. (2004). Constructing detection knowledge for DDoS intrusion tolerance. Expert Systems With Applications, 379-390.
Mansfield-Devine, S. (2011). DDoS: threats and mitigation. Network Security, 5-12.
Symantec Corporation. (2015). 2015 Internet Security Threat Report. California, USA: Symantec Corporation.
Yoon, M. (2010). Using whitelisting to mitigate DDoS attacks on critical Internet sites. IEEE Communications Magazine, 110-115.

Wednesday, 3 February 2016

Belkin F5U257 USB to Serial Driver installation Windows 10

Recently upgraded to Windows 10 and noticed there was no driver available for the Belkin F5U257 USB to serial adapter on the below official link:

Managed to extract the driver from the Windows 7 package (Belkin-F5U257-Win7-Vista using the following steps:

Download the driver (Belkin-F5U257-Win7-Vista from the above URL.

Extract the driver files (ser2co.inf, ser2co.sys, ser2co64.sys) from the to the same driver folder directory

Update the USB-Serial Controller device driver by locating the local folder. Windows 10 should find the driver in the folder and complete successfully.

The Serial port should now work successfully!

Sunday, 13 September 2015

Testing wireless networks - do people really use bad computer passwords?

You regularly read about how people use silly passwords that are easy to guess. I thought I would see how true this is in the wild, based on the wireless networks near my house. For the record this was not done to steal wireless internet or access files, more as an exercise to see if people are actually using these passwords for more than just their eBay or Ashley Madison account.

Getting Started

So first of all one good thing noticed out of the gate is that all the local wireless networks are using network encryption. It's great to see network equipment manufacturers taking the secure by design approach.

Testing began by collecting WPA authentication transactions from multiple networks (7 in total) and putting my video card (or GPU) to work using common passwords from the RockYou dictionary (RockYou dictionary explanation here). Only custom SSIDs were chosen to test, since it's likely that if the user was capable of changing the Wi-Fi name then they are also likely to be able to customise the password.

So can anyone do this you may ask? Short answer would be yes, though how long it will take comes down to the speed of your PC. Take mine for example, I wouldn't say it's cutting edge but not too bad in this day and age. Specifications of PC used listed below, check your own using dxdiag (Windows).

Time to generate some heat

In the past only CPUs were available for this type of crunching. Along came OpenCL and CUDA, which allowed the use of GPUs to do the heavy lifting, though it was not exactly straightforward: there were minimal tools available and hardly any documentation. These days it is easy, painless and super quick. Take hashcat/oclhashcat for instance. Portable executables, multi platform and architecture, rich in features and for use with CPU and GPU right out of the box.

After a couple of clicks, downloads, verification, cap to hccap conversions and a quick benchmark (oclHashcat64.exe -b) we were ready to start. Turns out this run of the mill desktop PC can churn out 64482 WPA hashes per second using the GPU (benchmarks here) and 4000 hashes per second using the CPU (benchmarks here). Notice the difference between CPU and GPU performance!

So let's start with the standard set of RockYou passwords across the 7 different wireless networks using the following string from the CLI (switch syntax available here).

oclHashcat64.exe -m 2500 --gpu-temp-retain=60 -o cracked.txt 6346_1441356908.hccap dict-rockyou.txt

So the time taken to run through this list (14,344,392 passwords) on each of the wireless networks was about 4 minutes each (14,344,392 divided by 64482). Results show that none of the 7 wireless networks were susceptible to the list of RockYou passwords.

For good measure rules and permutations were applied to each of the passwords across the networks using hashcat rules (can be found here). This added an additional ~ 127 mins per network to check:

  • First letter upper-case
  • All letters upper-case
  • Adding 1 and 2 digits to the end of the string.
  • Substituting o's for 0's
  • Substituting i's for 1's
  • Substituting e's for 3's
  • Substituting s's for 5's
  • Substituting a's for @'s

oclHashcat64.exe -m 2500 -r rules/custom.rule --gpu-temp-retain=60 -o cracked.txt 6346_1441356908.hccap dict-rockyou.txt

After less than 24 hours, or leaving the computer to run overnight, 0 of the 7 networks were susceptible.

Crack me if you can

So most routers use a random decimal or hexadecimal string by default. These strings are mostly between  8 - 16 characters long (usually a maximum of 64 characters). To extrapolate how easy or hard it is to break this we can simulate some scenarios.

If the WPA password was 8 decimal characters long, using normal PC hardware it would only take a mere ~27mins to break.

oclHashcat64.exe -m 2500 --gpu-temp-retain=60 --attack-mode 3 -o cracked.txt 6346_1441356908.hccap ?d?d?d?d?d?d?d?d

10 decimal characters = ~ 2 days 3 hours cracking time.

oclHashcat64.exe -m 2500 --gpu-temp-retain=60 --attack-mode 3 -o cracked.txt 6346_1441356908.hccap ?d?d?d?d?d?d?d?d?d?d

And finally 16 decimal characters would take over 10 years!

oclHashcat64.exe -m 2500 --gpu-temp-retain=60 --attack-mode 3 -o cracked.txt 6346_1441356908.hccap ?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d?d

The same tests with hexadecimal characters included give the following times:

oclHashcat64.exe -m 2500 --gpu-temp-retain=60 --attack-mode 3 -1 ?dabcdef -o cracked.txt 6346_1441356908.hccap ?1?1?1?1?1?1?1?1

8char = ~ 21 hours
10char = ~224 days
15+char = > 10 years

Obviously there are techniques to reduce this time but to put it into perspective, it doesn't take complex hardware or much computing power to recover simple passwords within reasonable time frames.

Also it's probably worth a mention that hashcat supports many commonly used password protected or encrypted formats.
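
To make the arithmetic behind these estimates reusable when choosing a key length, here is an added example (not from the original post or the hashcat project) that computes the candidate count of a hashcat-style mask and the worst-case time to exhaust it, then turns the question around to find the shortest random key that survives a chosen time at a given guess rate. Function names are hypothetical, and the results are theoretical figures at the benchmark rate quoted above, so they differ slightly from the observed times.

```python
import string

# Character classes as defined by hashcat's built-in mask charsets.
BUILTIN = {
    "l": string.ascii_lowercase,
    "u": string.ascii_uppercase,
    "d": string.digits,
    "h": string.digits + "abcdef",
    "H": string.digits + "ABCDEF",
    "s": " " + string.punctuation,
}
BUILTIN["a"] = BUILTIN["l"] + BUILTIN["u"] + BUILTIN["d"] + BUILTIN["s"]

BENCHMARK_RATE = 64482            # WPA guesses per second, GPU figure from the post
TEN_YEARS = 10 * 365 * 24 * 3600  # seconds
WPA_MIN_LENGTH = 8                # shortest passphrase WPA accepts


def expand_charset(spec, custom=None):
    """Expand a charset spec such as '?dabcdef' into its set of characters."""
    custom = custom or {}
    chars, i = set(), 0
    while i < len(spec):
        if spec[i] == "?" and i + 1 < len(spec):
            code = spec[i + 1]
            if code == "?":
                chars.add("?")          # '??' is a literal question mark
            elif code in BUILTIN:
                chars.update(BUILTIN[code])
            elif code in custom:
                chars.update(expand_charset(custom[code], custom))
            else:
                raise ValueError(f"unknown charset ?{code}")
            i += 2
        else:
            chars.add(spec[i])
            i += 1
    return chars


def mask_keyspace(mask, custom=None):
    """Number of candidates a mask generates (literals count as one)."""
    total, i = 1, 0
    while i < len(mask):
        if mask[i] == "?" and i + 1 < len(mask):
            total *= len(expand_charset(mask[i:i + 2], custom))
            i += 2
        else:
            i += 1
    return total


def exhaust_seconds(mask, rate=BENCHMARK_RATE, custom=None):
    """Worst-case seconds to try every candidate; the average is half."""
    return mask_keyspace(mask, custom) / rate


def min_random_length(charset_size, rate=BENCHMARK_RATE,
                      target_seconds=TEN_YEARS):
    """Shortest uniformly random key whose keyspace outlasts the target."""
    length = WPA_MIN_LENGTH
    while charset_size ** length <= rate * target_seconds:
        length += 1
    return length


if __name__ == "__main__":
    hex_set = {"1": "?dabcdef"}
    for label, mask, custom in (("8 digits", "?d" * 8, None),
                                ("10 digits", "?d" * 10, None),
                                ("8 hex", "?1" * 8, hex_set),
                                ("10 hex", "?1" * 10, hex_set)):
        hours = exhaust_seconds(mask, custom=custom) / 3600
        print(f"{label}: {hours:.1f} hours")
    print("digits needed for 10 years:", min_random_length(10))
    print("hex chars needed for 10 years:", min_random_length(16))
```

The rate is the one constant that changes with the hardware, so rerun the sizing with a rate several orders of magnitude higher before settling on a length.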