Hi! I have one problem with a captured WPA-PSK handshake. I used cowpatty + pyrit to recover the password. Everything goes well until I try to pass my *.cap file to cowpatty; it reports:
dem@dem-laptop:~$ cowpatty -d cow.out -s SeaOcelotWL -r /home/dem/Deauth_Ocelot_WPA/psk-01.cap
"End of pcap capture file, incomplete four-way handshake exchange. Try using a
different capture."
So the question is, how can I test a captured WPA-PSK file for a complete handshake exchange?
And a full description of entered commands:
Code:
dem@dem-laptop:~$ aircrack-ng psk-01.cap
Opening psk-01.cap
Read 19428 packets.

   #  BSSID              ESSID         Encryption
   1  00:1E:C1:B6:63:00  SeaOcelotWL   WPA (1 handshake)

Choosing first network as target.
Opening psk-01.cap
Please specify a dictionary (option -w).
Quitting aircrack-ng...

dem@dem-laptop:~$ pyrit -e SeaOcelotWL create_essid
Created ESSID 'SeaOcelotWL'

dem@dem-laptop:~$ pyrit -f /home/dem/brut/wpa.lst import_passwords
Importing from '/home/dem/brut/wpa.lst'
2830423 lines read. Flushing buffers...
All done.

dem@dem-laptop:~$ pyrit batch
Working on ESSID 'SeaOcelotWL'
Computed 2775377 PMKs so far; 3247 PMKs per second; 27062 passwords buffered.
Stopped reading workunits...
Computed 2819446 PMKs so far; 3256 PMKs per second; 0 passwords buffered.ed..
All done. 3269.53 PMKs/s total.
#1: 'CUDA-Device #1 'GeForce 9800M GTS'': 2817.9 PMKs/s (Occ. 99.9%; RTT 3.0)
#2: 'CPU-Core (SSE2)': 455.3 PMKs/s (Occ. 99.9%; RTT 3.0)
Batchprocessing done.

dem@dem-laptop:~$ pyrit -e SeaOcelotWL -f cow.out export_cowpatty
Exporting to 'cow.out'...
2830414 entries written. All done.

dem@dem-laptop:~$ cowpatty
cowpatty: Must supply a pcap file with -r
Usage: cowpatty [options]
  -f  Dictionary file
  -d  Hash file (genpmk)
  -r  Packet capture file
  -s  Network SSID (enclose in quotes if SSID includes spaces)
  -2  Use frames 1 and 2 or 2 and 3 for key attack (nonstrict mode)
  -c  Check for valid 4-way frames, does not crack
  -h  Print this help information and exit
  -v  Print verbose information (more -v for more verbosity)
  -V  Print program version and exit

dem@dem-laptop:~$ cowpatty -d cow.out -s SeaOcelotWL -r /home/dem/psk-01.cap
End of pcap capture file, incomplete four-way handshake exchange. Try using a different capture.

dem@dem-laptop:~$ cowpatty -d cow.out -s SeaOcelotWL -r /home/dem/Deauth_Ocelot_WPA/psk-01.cap
End of pcap capture file, incomplete four-way handshake exchange. Try using a different capture.
Ok, first off, please tell us plainly you are in fact testing a handshake collected from your own network. I do not want to help if you're looking for "alternate sources of internet".
You. Are. Doing. It. Wrong.
-Gitsnik
Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69
Which version of cowpatty are you using, on which BackTrack? The problem is the way cowpatty is coded, and if you do not have a patched version it will fail.
I have installed it from Festor repo
Actually cowpatty works for me, with other capture:
Code:
dem@dem-laptop:~$ cowpatty -d cow.out -s SeaOcelotWL -r /home/dem/OCEAN_WPA/psk-01.cap
cowpatty 4.6 - WPA-PSK dictionary attack.
Collected all necessary data to mount crack against WPA/PSK passphrase.
Starting dictionary attack. Please be patient.
key no. 10000: troostgr
key no. 20000: servicetree
key no. 30000: pristupnost
key no. 40000: nawasihi
key no. 50000: katzenmusik
key no. 60000: gilabend
key no. 70000: e'caillures
key no. 80000: blanchflower's
key no. 90000: WISENTENCE
key no. 100000: Fdxcy4zc1RTRhNP
key no. 110000: well-assessed
key no. 120000: swpclient
#.....and so on
#and at last my performance:
2830415 passphrases tested in 18.32 seconds: 154481.34 passphrases/second

As you see I have cowpatty 4.6
Well, there is your problem. I have no idea who fester is, therefore he wouldn't have the patches that we have. A close friend of mine wrote the patch. I'll explain the problem.
You do not have a full capture. There are 4 parts to a WPA handshake capture. It will work in aircrack-ng because aircrack looks at packets 1 and 2 or 2 and 3. The problem with cowpatty is it looks only at packet 4. Now as of version 4.6, which you have, Josh implemented our patch into cowpatty. So give cowpatty an argument of -2 and it should work.
By the way, this is a forum for BackTrack Linux, not general questions. If you had BackTrack you would have the properly patched cowpatty. The -2 option Josh implemented only works most of the time, so if that doesn't work for you then you need our version.
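For readers following the "4 parts" explanation above, this added Python example (not part of the original thread, and not cowpatty's or aircrack-ng's code) tells the four messages apart by the Key Information flags of each EAPOL-Key frame and reports which are present. The `build` helper and the sample frames are constructed; using the key data length to separate message 2 from message 4 and the replay-counter pairing are assumptions of this example.

```python
import struct

# Key Information flag bits of the EAPOL-Key descriptor (IEEE 802.11i)
PAIRWISE, ACK, MIC = 0x0008, 0x0080, 0x0100

def classify(frame: bytes):
    """Return 1-4 for a pairwise EAPOL-Key frame, else None."""
    # 4-byte 802.1X header + 95-byte fixed key descriptor; packet type 3 = Key
    if len(frame) < 99 or frame[1] != 3:
        return None
    (key_info,) = struct.unpack_from(">H", frame, 5)
    (data_len,) = struct.unpack_from(">H", frame, 97)
    if not key_info & PAIRWISE:
        return None                      # group-key handshake, not the 4-way
    if key_info & ACK:                   # sent by the access point
        return 3 if key_info & MIC else 1
    if key_info & MIC:                   # sent by the client
        # Assumption: message 2 carries key data (its RSN/WPA IE), message 4 none
        return 2 if data_len else 4
    return None

def summarize(frames):
    """Report which handshake messages are present and which pairs line up."""
    seen = {}                            # message number -> replay counter
    for f in frames:
        n = classify(f)
        if n:
            seen[n] = int.from_bytes(f[9:17], "big")
    return {
        "messages": sorted(seen),
        "complete": len(seen) == 4,
        # Messages 1 and 2 share a replay counter; message 3 uses the next one
        "pair_1_2": seen.keys() >= {1, 2} and seen[1] == seen[2],
        "pair_2_3": seen.keys() >= {2, 3} and seen[3] == seen[2] + 1,
    }

def build(key_info, replay, data=b""):
    """Constructed sample frame: zeroed nonce, IV, RSC, ID and MIC fields."""
    body = (struct.pack(">BHHQ", 2, key_info, 16, replay)
            + bytes(80) + struct.pack(">H", len(data)) + data)
    return struct.pack(">BBH", 1, 3, len(body)) + body

# Constructed capture: messages 1-3 seen, message 4 missed
SAMPLE = [build(0x008A, 1), build(0x010A, 1, b"\x30\x14"),
          build(0x13CA, 2, b"\x00" * 8)]

if __name__ == "__main__":
    print(summarize(SAMPLE))
```
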
Thanks pureh@te, now it's almost all clear for me. I didn't mention my BackTrack distro, because it seems like I have a problem with detecting my CUDA card in it.
Pyrit shows me only two CPUs when I enter the list_cores command, and no CUDA device. I have posted this issue to your HOWTO post "pyrit-cuda-nvidia-tutorial-nvidia-overclock-instructions". That's why I have installed pyrit on my ordinary Ubuntu 9.04 amd64, and I think the problem is in the driver version which the CUDA card uses. Fester repos has 180.44 and BackTrack's is the 185.18.08-bt5 version, but of course, I may be wrong. Anyway, I want to try the 190 beta driver in Backtrack4 pre; NVIDIA have just released it and posted CUDA support.
Demontager, just out of interest, is your query here related to the ISPS requirements of the company / ship ?
Or this part of the classification society's external audit or internal audit ?
Just interested as I haven't come across checks of this type onboard yet; in fact, we haven't got wireless on the ships at all as far as I know... but might have to check if some crew hook up a router now!
So, I checked pyrit in Backtrack4 pre and, as I told, it can't recognize the CUDA device; it shows 2 CPUs only.

Code:
root@track-laptop:~# pyrit benchmark
The ESSID-blobspace seems to be empty; you should create an ESSID...
Running benchmark for at least 60 seconds...
CPU-Core (x86): 227.07 PMKs/s, (99.92% occupancy)
CPU-Core (x86): 224.65 PMKs/s, (84.16% occupancy)
Benchmark done. 451.72 PMKs/s total.

And another thing, I have tested cowpatty in BT4 without hashed tables, see what I got:

Code:
root@track-laptop:/pentest/wireless/cowpatty# ./cowpatty -f ~/ocelot/wpa.lst -s SeaOcelotWL -r ~/ocelot/psk-01.cap
cowpatty 4.3 - WPA-PSK dictionary attack. <jwright@hasborg.com>
Collected all necessary data to mount crack against WPA2/PSK passphrase.
Starting dictionary attack. Please be patient.
key no. 1000: 0duopoly
key no. 2000: 0observe
key no. 3000: 0trilogy
key no. 4000: 1ABDELFATTAH
^CUnable to identify the PSK from the dictionary file. Try expanding your passphrase list, and double-check the SSID. Sorry it didn't work out.
4495 passphrases tested in 42.69 seconds: 105.29 passphrases/second

That is the same cap file, so that means Festor's 4.6 cowpatty hadn't been patched.
And one more, I have supplied cowpatty 4.6 on Ubuntu 9.04 with the -2 option, but still the same issue:

Code:
dem@dem-laptop:~$ cowpatty -2 -v -d cow.out -s SeaOcelotWL -r /home/dem/psk-01.cap
cowpatty 4.6 - WPA-PSK dictionary attack.
End of pcap capture file, incomplete four-way handshake exchange. Try using a different capture.

For the moment I haven't checked other NVIDIA drivers for Backtrack 4, but I will, soon.