Elcomsoft Wireless Security Auditor 5.0 12: A Complete Guide for Network Administrators and IT Security Specialists
Elcomsoft Wireless Security Auditor 5.0 12: A Comprehensive Review
If you are a network administrator or an IT security specialist, you know how important it is to ensure the security of your wireless network. Wireless networks are vulnerable to various types of attacks, such as eavesdropping, spoofing, cracking, and denial-of-service. A weak or compromised wireless network can expose your sensitive data, damage your reputation, and cause financial losses.
Elcomsoft Wireless Security Auditor 5.0 12
That's why you need a reliable tool to audit the security of your wireless network and test its resilience against potential threats. One such tool is Elcomsoft Wireless Security Auditor 5.0 12, a powerful and versatile software that can help you assess the security of your Wi-Fi environment by running a high-profile timed attack.
In this article, we will review Elcomsoft Wireless Security Auditor 5.0 12 in detail, covering its features, benefits, pricing, licensing, and recommendations. We will also answer some frequently asked questions about this tool at the end of the article.
Introduction
What is Elcomsoft Wireless Security Auditor 5.0 12?
Elcomsoft Wireless Security Auditor (EWSA) is a tool for network administrators and IT security specialists that allows them to audit the security of their wireless networks by attempting an attack on Wi-Fi passwords. The tool can analyze the wireless environment, sniff Wi-Fi traffic, and run a dictionary attack on WPA/WPA2-PSK passwords.
EWSA uses GPU-accelerated recovery to speed up the password cracking process by using the computational power of NVIDIA and AMD video cards. The tool also supports dictionary attacks with an advanced variation facility that can generate multiple variations of common passwords based on user-defined rules.
EWSA comes with a built-in wireless sniffer that can work on ordinary Wi-Fi adapters via a custom NDIS driver or on AirPCap adapters. The sniffer can intercept the handshake packet required to start the attack. The tool can also accept standard tcpdump logs supported by any Wi-Fi sniffer.
EWSA supports both automatic and manual operation modes, allowing users to enter password hashes and network's SSID by hand or to retrieve them from handshake packets or from saved password hashes obtained by Elcomsoft Proactive System Password Recovery (EPPB), another tool from Elcomsoft that can recover system passwords from Windows Registry.
Why do you need to audit the security of your wireless network?
Auditing the security of your wireless network is necessary to ensure a secure production environment and to comply with industry standards and regulations. Wireless networks can only provide sufficient security if they are configured properly and accompanied by an adequate password policy.
A single weak link in your wireless network can pose a valid security threat to the entire corporate network. If one of your network workstations is compromised and a malicious person gets network access to at least one system, they may not even need to be physically close to the network to launch an attack. They can use a variety of techniques, such as ARP spoofing, DNS poisoning, or man-in-the-middle attacks, to intercept and manipulate network traffic, steal sensitive data, or disrupt network services.
Therefore, it is essential to audit the security of your wireless network regularly and to test its resistance against possible attacks. By doing so, you can identify and eliminate any vulnerabilities, enforce a strong password policy, and prevent unauthorized access to your network resources.
How does Elcomsoft Wireless Security Auditor 5.0 12 work?
Elcomsoft Wireless Security Auditor 5.0 12 works by simulating an attack on the wireless network password using a dictionary of common passwords or a custom wordlist. The tool can either sniff the Wi-Fi traffic and capture the handshake packet that contains the encrypted password hash, or use a previously saved password hash from another source.
The tool then tries to crack the password hash by applying different variations of the passwords from the dictionary or the wordlist. The tool can use the GPU power of NVIDIA and AMD video cards to speed up the cracking process by up to 50 times compared to CPU-only recovery.
The tool can also use an advanced variation facility that can generate multiple variations of common passwords based on user-defined rules. For example, the tool can replace certain letters with numbers or symbols, add prefixes or suffixes, or change the case of the letters.
The tool supports both WPA and WPA2-PSK passwords, which are the most common types of wireless network passwords. The tool can also work with any Wi-Fi adapter that supports AirPCap or has a custom NDIS driver. The tool can operate in both automatic and manual modes, allowing users to choose between convenience and flexibility.
Features and Benefits
Built-in Wi-Fi sniffer
One of the main features of Elcomsoft Wireless Security Auditor 5.0 12 is its built-in Wi-Fi sniffer that can capture Wi-Fi traffic and extract the handshake packet that contains the encrypted password hash. The sniffer can work on any Wi-Fi adapter that supports AirPCap or has a custom NDIS driver.
The sniffer can automatically detect the wireless networks in range and display their SSID, MAC address, channel, signal strength, encryption type, and authentication method. The sniffer can also filter the traffic by network name or MAC address and save the captured packets in a standard tcpdump format.
The built-in Wi-Fi sniffer is very useful for auditing the security of wireless networks that are not accessible by other means, such as hidden networks or networks with MAC filtering. The sniffer can also help users to avoid legal issues by capturing only the handshake packet and not the entire Wi-Fi traffic.
GPU-accelerated dictionary attacks
Another key feature of Elcomsoft Wireless Security Auditor 5.0 12 is its GPU-accelerated dictionary attacks that can crack WPA/WPA2-PSK passwords much faster than CPU-only recovery. The tool can use the GPU power of NVIDIA and AMD video cards to perform parallel computations and speed up the cracking process by up to 50 times.
The tool supports multiple GPU devices and can automatically distribute the workload among them. The tool can also balance the GPU load with other applications running on the system and adjust the GPU usage accordingly. The tool can also resume the cracking process from where it left off in case of interruption or power failure.
The GPU-accelerated dictionary attacks are very effective for cracking weak or common passwords that are often used by users who do not follow a strong password policy. The tool can also crack complex passwords if they are based on common words or phrases that are included in the dictionary or the wordlist. Advanced variation facility
A unique feature of Elcomsoft Wireless Security Auditor 5.0 12 is its advanced variation facility that can generate multiple variations of common passwords based on user-defined rules. The tool can apply different transformations to the passwords from the dictionary or the wordlist, such as replacing letters with numbers or symbols, adding prefixes or suffixes, changing the case of the letters, or reversing the order of the characters.
The tool comes with a set of predefined rules that can cover most of the common password variations, such as leet speak, keyboard patterns, or date formats. The tool also allows users to create their own custom rules using a simple syntax and save them for future use. The tool can also combine multiple rules and apply them in a random or sequential order.
The advanced variation facility is very useful for cracking passwords that are slightly modified from common words or phrases, such as adding a number at the end, capitalizing the first letter, or inserting a symbol in the middle. The tool can also crack passwords that are based on personal information, such as names, dates, or hobbies, by using relevant rules.
Support for WPA and WPA2-PSK passwords
Elcomsoft Wireless Security Auditor 5.0 12 supports both WPA and WPA2-PSK passwords, which are the most common types of wireless network passwords. WPA and WPA2 are two encryption standards that provide a higher level of security than the older WEP standard. PSK stands for pre-shared key, which means that the password is shared between the network devices and the users.
WPA and WPA2 use different encryption algorithms to protect the password hash from being cracked. WPA uses TKIP (Temporal Key Integrity Protocol), which changes the encryption key for each packet. WPA2 uses AES (Advanced Encryption Standard), which is more secure and faster than TKIP.
Elcomsoft Wireless Security Auditor 5.0 12 can crack both WPA and WPA2-PSK passwords by using a brute-force attack on the password hash. The tool can also detect the encryption type automatically and adjust the cracking parameters accordingly. The tool can also handle different types of password hashes, such as PMK (Pairwise Master Key), PTK (Pairwise Transient Key), or MIC (Message Integrity Code).
Support for AirPCap and generic Wi-Fi adapters
Elcomsoft Wireless Security Auditor 5.0 12 supports both AirPCap and generic Wi-Fi adapters for capturing Wi-Fi traffic and extracting the handshake packet. AirPCap is a family of wireless capture devices that are designed specifically for Wi-Fi analysis and security auditing. AirPCap devices can capture raw 802.11 frames, including control and management frames, and provide advanced features such as channel hopping, signal strength measurement, and hardware-based decryption.
Generic Wi-Fi adapters are ordinary wireless network cards that can be used for connecting to wireless networks. Generic Wi-Fi adapters can also be used for capturing Wi-Fi traffic, but they require a custom NDIS driver that enables them to work in monitor mode. Monitor mode is a special mode that allows the adapter to capture all the packets on a wireless channel, regardless of the network name or encryption type.
Elcomsoft Wireless Security Auditor 5.0 12 can work with both AirPCap and generic Wi-Fi adapters, depending on the user's preference and availability. The tool can automatically detect the type of adapter and configure it accordingly. The tool can also work with multiple adapters simultaneously and switch between them as needed. Automatic and manual operation modes
Elcomsoft Wireless Security Auditor 5.0 12 supports both automatic and manual operation modes, allowing users to choose between convenience and flexibility. In the automatic mode, the tool can perform all the steps of the auditing process without user intervention, such as detecting the wireless networks, capturing the handshake packet, and cracking the password hash.
In the manual mode, the tool can allow users to enter the password hash and the network's SSID by hand or to load them from a file. The manual mode can be useful for users who have already obtained the password hash from another source, such as Elcomsoft Proactive System Password Recovery, or who want to test a specific password or network.
The tool can also switch between the automatic and manual modes at any time, giving users more control over the auditing process. The tool can also save the auditing session and resume it later, or export the results to a file for further analysis.
Integration with Elcomsoft Proactive System Password Recovery
Elcomsoft Wireless Security Auditor 5.0 12 can integrate with another tool from Elcomsoft, called Elcomsoft Proactive System Password Recovery (EPPB), which can recover system passwords from Windows Registry. EPPB can extract wireless network passwords that are stored on a local computer or a remote server, along with other types of passwords, such as Windows logon passwords, email passwords, or web browser passwords.
EWSA can import the wireless network passwords from EPPB and use them to audit the security of the corresponding wireless networks. This can be useful for users who want to check if their own wireless network passwords are secure enough, or for users who have legitimate access to a remote computer or server and want to audit its wireless network security.
EWSA and EPPB can work together seamlessly and provide a comprehensive solution for wireless network security auditing. EPPB can also recover other types of system passwords that can be useful for network administrators and IT security specialists.
Pricing and Licensing
Standard Edition vs Professional Edition
Elcomsoft Wireless Security Auditor 5.0 12 comes in two editions: Standard Edition and Professional Edition. The main difference between them is the number of supported GPU devices and the speed of password recovery.
The Standard Edition supports up to two GPU devices and can perform up to 10,000 password recovery operations per second. The Professional Edition supports up to 32 GPU devices and can perform up to 500,000 password recovery operations per second.
The Standard Edition is suitable for users who have a limited budget or who do not need a very fast password recovery speed. The Professional Edition is suitable for users who have a high-end hardware configuration or who need a very fast password recovery speed.
The Standard Edition costs $299 per license, while the Professional Edition costs $1199 per license. How to buy and activate the license
To buy a license for Elcomsoft Wireless Security Auditor 5.0 12, you can visit the official website of Elcomsoft and choose the edition that suits your needs. You can pay by credit card, PayPal, wire transfer, or other methods. You will receive an email with a download link and a registration code after the payment is confirmed.
To activate the license, you need to install the software on your computer and run it. You will see a dialog box that asks you to enter the registration code. You need to enter the code exactly as it appears in the email and click OK. The software will then verify the code and activate the license.
You can use the license on one computer only. If you want to use the software on another computer, you need to deactivate the license on the first computer and activate it on the second computer. You can do this by clicking on Help > License Manager in the software menu and following the instructions.
Conclusion and Recommendations
Summary of the main points
In this article, we have reviewed Elcomsoft Wireless Security Auditor 5.0 12, a tool for auditing the security of wireless networks by running a high-profile timed attack. We have covered its features, benefits, pricing, licensing, and recommendations.
We have learned that Elcomsoft Wireless Security Auditor 5.0 12 can:
Analyze the wireless environment, sniff Wi-Fi traffic, and run a dictionary attack on WPA/WPA2-PSK passwords.
Use GPU-accelerated recovery to speed up the password cracking process by using the computational power of NVIDIA and AMD video cards.
Use an advanced variation facility to generate multiple variations of common passwords based on user-defined rules.
Support both WPA and WPA2-PSK passwords, which are the most common types of wireless network passwords.
Support both AirPCap and generic Wi-Fi adapters for capturing Wi-Fi traffic and extracting the handshake packet.
Support both automatic and manual operation modes, allowing users to choose between convenience and flexibility.
Integrate with Elcomsoft Proactive System Password Recovery, which can recover system passwords from Windows Registry.
Pros and cons of Elcomsoft Wireless Security Auditor 5.0 12
Elcomsoft Wireless Security Auditor 5.0 12 has many advantages, such as:
It can help users to audit the security of their wireless networks and test their resilience against potential threats.
It can crack weak or common passwords that are often used by users who do not follow a strong password policy.
It can work with any Wi-Fi adapter that supports AirPCap or has a custom NDIS driver.
It can work with multiple GPU devices and balance the GPU load with other applications running on the system.
It can resume the cracking process from where it left off in case of interruption or power failure.
However, Elcomsoft Wireless Security Auditor 5.0 12 also has some drawbacks, such as:
It is not free and requires a license to use.
It may not be able to crack complex passwords that are not based on common words or phrases.
It may not be compatible with some Wi-Fi adapters that do not support AirPCap or have a custom NDIS driver.
It may cause legal issues if used for malicious purposes or without authorization.
Who should use this tool and who should avoid it
Elcomsoft Wireless Security Auditor 5.0 12 is a tool for network administrators and IT security specialists who want to audit the security of their wireless networks and test their resilience against potential threats. The tool can help them to identify and eliminate any vulnerabilities, enforce a strong password policy, and prevent unauthorized access to their network resources.
The tool is also suitable for users who want to check if their own wireless network passwords are secure enough, or for users who have legitimate access to a remote computer or server and want to audit its wireless network security.
The tool is not suitable for users who do not have a valid license or authorization to use it, or for users who want to use it for malicious purposes or without consent. The tool may cause legal issues if used inappropriately or illegally.
FAQs
Here are some frequently asked questions about Elcomsoft Wireless Security Auditor 5.0 12:
What are the system requirements for Elcomsoft Wireless Security Auditor 5.0 12?
The minimum system requirements for Elcomsoft Wireless Security Auditor 5.0 12 are:
Windows 7/8/8.1/10 or Windows Server 2008/2012/2016/2019
1 GHz CPU
512 MB RAM
50 MB free disk space
AirPCap or generic Wi-Fi adapter with a custom NDIS driver
NVIDIA or AMD video card with CUDA or OpenCL support (optional)
How long does it take to crack a wireless network password with Elcomsoft Wireless Security Auditor 5.0 12?
The time it takes to crack a wireless network password with Elcomsoft Wireless Security Auditor 5.0 12 depends on several factors, such as:
The length and complexity of the password
The size and quality of the dictionary or the wordlist
The number and type of the GPU devices
The encryption and authentication method of the wireless network
The availability and quality of the handshake packet
Generally, the longer and more complex the password, the longer it takes to crack it. The larger and more comprehensive the dictionary or the wordlist, the higher the chance of finding the password. The more and faster the GPU devices, the faster the cracking process. The stronger the encryption and authentication method, the harder it is to crack the password. The easier and clearer it is to capture the handshake packet, the quicker it is to start the attack.
According to Elcomsoft, it can take from a few minutes to several days to crack a wireless network password with Elcoms