Thread: WPA cracking problem

  1. #1
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    7

    WPA cracking problem

    I am trying to crack my own WPA key. I know my key and I placed my key in the wordlist. I then captured some packets and I am guessing I gained the four-way handshake (or have I?). Please see image below.

    hxxp://img218.imageshack.us/img218/2728/wspov8.png

    I then performed different ways in aircrack.

    Code:
    aircrack-ng -e AP_SID -w dictionary_file capture_file
    OR
    aircrack-ng -e AP_SID -b AP_MAC -w dictionary_file capture_file
    OR
    aircrack-ng -b AP_MAC -w dictionary_file capture_file
    and it says that my password is not in the list. Any thoughts?

  2. #2
    Junior Member
    Join Date
    Jul 2008
    Posts
    42

    Are you running airodump-ng when deauthenticating the client that's connected to the AP? Once you deauthenticated the client, in airodump at the top right you should see handshake (numbers).

  3. #3

    Your capture appears to contain the 4-way handshake. Are you specifying the WPA attack when using aircrack-ng? I don't use aircrack to recover WPA, so I don't know the option off the top of my head. Just look for it in the output of aircrack-ng --help.

    Have you checked your dictionary to make sure it doesn't contain extra characters such as a newline character? Open the dictionary up in vi and see if the extra characters exist. If they are present, you can remove them using dos2unix.

    If the dictionary is fine and it still doesn't work, try cowpatty (which is what I usually use) and see if that will recover the password.

    Good Luck...
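
The dictionary check suggested in post #3, as an added example that is not part of the original thread: any stray byte in a candidate (a UTF-8 BOM, a carriage return from CRLF line endings, a trailing space) changes the key derived from it, so a known passphrase can be "in" the list and still never match if the tool does not strip those bytes. The function names and the sample words are constructed for illustration; the 8 to 63 character range is the WPA-PSK passphrase limit.

```python
import sys

BOM = b"\xef\xbb\xbf"
# Constructed sample: a wordlist saved on Windows (BOM, CRLF, a trailing space).
SAMPLE = b"\xef\xbb\xbfpassword1\r\nCorrectHorse42 \r\nshort\r\nMyHomeKey2008\r\n"

def clean(raw):
    """Strip the BOM, trailing CR and surrounding blanks from one line."""
    if raw.startswith(BOM):
        raw = raw[len(BOM):]
    return raw.rstrip(b"\r").strip(b" \t")

def audit_wordlist(data, known=None):
    """Report, by line number, entries that carry bytes beyond the word itself."""
    report = {"bom": data.startswith(BOM), "crlf": [], "padded": [],
              "bad_length": [], "non_ascii": [],
              "known_exact": False, "known_near": []}
    for lineno, raw in enumerate(data.split(b"\n"), start=1):
        if not raw:
            continue
        word = clean(raw)
        if raw.endswith(b"\r"):
            report["crlf"].append(lineno)
        if raw.rstrip(b"\r") not in (word, BOM + word):
            report["padded"].append(lineno)
        # A WPA-PSK passphrase is 8 to 63 printable ASCII characters.
        if not 8 <= len(word) <= 63:
            report["bad_length"].append(lineno)
        if any(b < 0x20 or b > 0x7E for b in word):
            report["non_ascii"].append(lineno)
        # Exact: the line is the passphrase as-is. Near: only after cleaning.
        if known is not None and raw == known:
            report["known_exact"] = True
        elif known is not None and word == known:
            report["known_near"].append(lineno)
    return report

def normalize(data):
    """Rewrite the list with LF endings, no BOM or padding, valid lengths only."""
    words = (clean(raw) for raw in data.split(b"\n"))
    return b"".join(w + b"\n" for w in words if 8 <= len(w) <= 63)

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    known = sys.argv[2].encode() if len(sys.argv) > 2 else b"MyHomeKey2008"
    print("before:", audit_wordlist(data, known))
    print("after: ", audit_wordlist(normalize(data), known))
```

A `known_near` hit with `known_exact` false means the passphrase is present only in a damaged form; `normalize` does the same cleanup dos2unix would, plus BOM and padding removal.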

  4. #4
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    7

    Any more alternatives besides cowpatty and aircrack-ng? Cowpatty gives me a buffer overflow when I run it.
    Code:
    Collected all necessary data to mount crack against WPA/PSK passphrase.
    Starting dictionary attack.  Please be patient.                        
    *** buffer overflow detected ***: ./cowpatty terminated                
    ======= Backtrace: =========                                           
    /lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7dc9558]          
    /lib/tls/i686/cmov/libc.so.6[0xb7dc7680]                               
    ./cowpatty[0x804b307]                                                  
    ./cowpatty[0x804b5dc]                                                  
    ./cowpatty[0x804b708]                                                  
    ./cowpatty[0x8049e56]                   
    and so on...
    I tried googling the error but all the posts were unanswered.

  5. #5
    Senior Member ShadowKill's Avatar
    Join Date
    Dec 2007
    Posts
    908

    Originally posted by jackripper213:
    Any more alternatives besides cowpatty and aircrack-ng? Cowpatty gives me a buffer overflow when I run it.
    Code:
    Collected all necessary data to mount crack against WPA/PSK passphrase.
    Starting dictionary attack.  Please be patient.                        
    *** buffer overflow detected ***: ./cowpatty terminated                
    ======= Backtrace: =========                                           
    /lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0xb7dc9558]          
    /lib/tls/i686/cmov/libc.so.6[0xb7dc7680]                               
    ./cowpatty[0x804b307]                                                  
    ./cowpatty[0x804b5dc]                                                  
    ./cowpatty[0x804b708]                                                  
    ./cowpatty[0x8049e56]                   
    and so on...
    I tried googling the error but all the posts were unanswered.

    What size was the pass file you were using?



    "The goal of every man should be to continue living even after he can no longer draw breath."

    ~ShadowKill

  6. #6
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    7

    Not very big, 6.6 kb o.0

    I don't think it's with the dictionary. There's probably something wrong with my compilation or the version of libcap I had or so, but I still haven't figured out the root of the problem as of yet.

    EDIT:

    After using cowpatty (finally working) via BackTrack live, still no results. It told me that my password was not in the dictionary even though I know for a fact it is. Does this mean that I did not actually have the 4-way handshake?

    BTW I tried capturing and cracking 2x.

  7. #7
    Just burned his ISO LMNOParis's Avatar
    Join Date
    Mar 2010
    Posts
    23

    Just use this, it works normally for me:

    aircrack-ng -w (dictionary file) (cap file)

    Example:

    aircrack-ng -w dictionary.txt wpa-01.cap

    Unless there's a reason you're specifying the -b and -e options. I believe when you use the cap file it detects the BSSID and ESSID from there.
