A researcher was able to crack 70 percent of the gathered hashes in an experiment in a residential neighborhood.
War-driving – the process of driving around mapping residential Wi-Fi networks in hopes of finding a vulnerability to exploit – can still pay off for attackers, apparently: A CyberArk researcher recently found he could easily slice open about 70 percent of Wi-Fi network passwords in one Tel Aviv community — all at once.
CyberArk’s Ido Hoorvitch ran the experiment after observing that across multiple apartment moves, his neighbors’ mobile numbers turned out to also be their Wi-Fi passwords. He knew this because he asked to piggyback on the neighbors’ Wi-Fi while waiting for cable to be installed.
From there, “I hypothesized that most people living in Israel (and globally) have unsafe Wi-Fi passwords that can be easily cracked or even guessed by curious neighbors or malicious actors,” he noted, in a Tuesday blog. Well, it turns out he was right.
Walking, Sniffing & Cracking in Tel Aviv
To carry out the experiment, Hoorvitch gathered 5,000 Wi-Fi network hashes by strolling the streets in Tel Aviv with readily available, commercial Wi-Fi sniffing equipment.
His hash-sniffing rig consisted of