WiFi Hacking part III. - WPA-PSK cracking. The text about cracking WPA coding is an alternative to the classic process (dictionary atack - cracking WPA key with Aircrack-ng and wordlist). I have used Cowpatty, John the Ripper and genPMK. Additionaly to the pentest you can get hash at Lostboxen (6GB) or at Shmoo (35GB) and wordlist for generating your own control sums..
After dowloading and decompressing the hashe (having a weaker processor might take a while :) are available by random browser of system files. You can use the way to the file in the folder where it is saved or it can be copied to the place where you are going to test it.
When using this technique PSK crack is not a dictionary atack but a comparison of control sums. I am mentioning the dictionary it self because of two reasons. The possibility of a dictionary atack exists all the time and somebody still enjoys the classic way :) The other more interesting possibility is to generate your own hashe by the tool genPMK. After the compilation Cowpatty you will find the application in the same folder. Before the compilation make sure that you have in the system the packet openSSL. Otherwise the compilation will fail.
Cowpatty
Cowpatty is a small application that works with hash. It knows stdin and stdout. The procedure is easy and not difficult. After catching handshake and identyfing the producer of Access Point (in case that AP is not signalizing ESSID and is set up defaultly or ESSID, copy (the path) or the correct hash into the folder where you are going to run the crack. Note: Just have a glance at tools MDK, SKA, aFrag.
If the Access Point has the ESSID changed I suggest to generate your own hash by genPMK where you are going to use as an essid the current name. If you have a high quality dictionary you can like this generate all existing passwords.
./genpmk -f dictionary -d test-hash -s ap-essid
and then use hash with cowpatty
./cowpatty -r test.dump -d test-hash -s ap-essid
If you decide to generate your own dictionary you can find useful links here (as well as annotations to the key words in the text) or use Google. Crack WPA with Aircrack-ng and the WEP vulnerability topic is descibed in tutorial Hacking WiFi. Catching handshake is shown in the text Attacking wireless networks. Sniffing is generaly (including examples and applications) described in the text about promiscuity and monitor mode Sniffing networks and data analysis.
Links for download Lostboxen (6GB) or at Shmoo (35GB) wordlist for generating own CRC.
Download
All the application for WEP, WPA pentest you can download at download section (download.airdump.net -> DIR software/wep-crack)
Windows Vista rtl8187 sniffing
Hello. I cannot sniff, i cannot find drivers for my wireless card (RTL8187) anybody som can help me? I have Windows Vista, is the shit i now..
re: Vista sniffing
There is no driver for rtl8187 and Windows Vista. Change operating system and wireless card too..
RTL8187 works only on Linux
i use the RTL8187 it works on Linux. I use Backtrack 2 its a live cd with linux no need to install anything just put CD in once burn. It's very easy
Linux help
I have the Backtrack Linux on CD but dont no where to start on how to crack WEP can some one e_mail me on how it is dun :: kevin kevinholgate1891@hotmail.com
Backtrack help
Check this video
Help
Hi I just want to know how to hack wifi security enabled signals. I have a windows vista ultimate 64bit and a intel wireless wifi link 4965AGN. I want to crack and find the codes to enter in the signals. Thanks I apreciate the help. My e-mail is silverfox_9@live.com.
Post new comment