WPA cracking problem

I am trying to crack my own WPA key. I know my key and I placed my key in the wordlist. I then captured some packets and I am guessing I gained the four way handshake(or have I?). Please see image below.

Quote:

---

hxxp://img218.imageshack.us/img218/2728/wspov8.png

---

I then performed different ways in aircrack.

Code:

---

aircrack-ng -e AP_SID -w dictionary_file capture_file
OR
aircrack-ng -e AP_SID -b AP_MAC -w dictionary_file capture_file
OR
aircrack-ng -b AP_MAC -w dictionary_file capture_file

---

and it says that my password is not in the list. Any thoughts?

Are you running airodump-ng when deathenticating the Client thats connected to the AP. Once you deathenticated the Client, in Airodump at the top right you should see handshake (numbers)

Your capture appears to contain the 4-way handshake. Are you specifying the WPA attack when using aircrack-ng? I don't use aircrack to recover WPA, so I don't know the option off the top of my head. Just look for it in the output of aircrack-ng --help.

Have you checked your dictionary to make sure it doesn't contain extra characters such as a new line character? Open the dictionary up in vi and see if the extra characters exists. If they are present, you can remove them using dos2unix.

If the dictionary is fine and it still doesn't work, try cowpatty (which is what I usually use) and see if that will recover the password.

Good Luck...

anymore alternatives besides from cowpatty and aircrack-ng. Cowpatty gives me a buffer overflow when I ran it. :(

Code:

---

Collected all necessary data to mount crack against WPA/PSK passphrase.
Starting dictionary attack.  Please be patient.                       
*** buffer overflow detected ***: ./cowpatty terminated               
======= Backtrace: =========                                         
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7dc9558]         
/lib/tls/i686/cmov/libc.so.6[0xb7dc7680]                             
./cowpatty[0x804b307]                                                 
./cowpatty[0x804b5dc]                                                 
./cowpatty[0x804b708]                                                 
./cowpatty[0x8049e56]                 
and so on...

---

I tried googling the error but all posts was unanswered.

Quote:

---

Originally Posted by jackripper213

anymore alternatives besides from cowpatty and aircrack-ng. Cowpatty gives me a buffer overflow when I ran it. :(

Code:

---

Collected all necessary data to mount crack against WPA/PSK passphrase.
Starting dictionary attack.  Please be patient.                       
*** buffer overflow detected ***: ./cowpatty terminated               
======= Backtrace: =========                                         
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7dc9558]         
/lib/tls/i686/cmov/libc.so.6[0xb7dc7680]                             
./cowpatty[0x804b307]                                                 
./cowpatty[0x804b5dc]                                                 
./cowpatty[0x804b708]                                                 
./cowpatty[0x8049e56]                 
and so on...

---

I tried googling the error but all posts was unanswered.

---

What size was the pass file you were using?

Not very big 6.6 kb o.0

I dont think its with the dictionary. Theres probably something wrong with my compilation or the version of libcap I had or so but still haven't figured out the root of the problem as of yet.

EDIT:

After using cowpatty(finally working) via backtrack live still no results. It told me that my password was not in the dictionary even though I know for a fact it is. Does this mean that I did not actually have the 4 way handshake?

BTW I tried capturing and cracking 2x.

just use this, it works normally for me:

aircrack-ng -w (dictionary file) (cap file)

example:

aircrack-ng -w dictionary.txt wpa-01.cap

unless there's a reason you're specifying the -b and -e options. i believe when you use the cap file it detects the bssid and essid from there.