So far, I've conquered WEP, and started to move to WPA-PSK (TKIP).
After getting my PCAP and verifying it has a 4-way handshake (Wireshark, filter EAPOL), I ran the following:
cowpatty -s 2WIRE529 -d /mnt/sda2/patty/c* -r 529
Note that the hashes are named c1, c2, etc. and are in the location specified above (a Windows HDD).
cowpatty 3.0 - WPA-PSK...
Collected all necessary data...
Starting dictionary attack...
Invalid word length: -33
Found a record that was too short, this shouldn't happen in practice!
Unable to identify the PSK from the dictionary file. Try expanding your passphrase list, and double-check the SSID. Sorry it didn't work out.
335676973 passphrases tested in 0.00 seconds: 100672123545123.44 passprhrases/second
Note: I suspect that the hash I got from Shmoo is not the right one... and maybe I should get the one from renderlab (which I'm downloading right now). Let me know if that's where I went wrong.
When I ran the above code, I sometimes got an invalid word length on lines 160, 85, etc. (when I specified the exact file, such as -r c2).
I downloaded the 1.2 GB hash file/torrent from Shmoo (hxxp://rainbowtables.shmoo.com/), named alpha_num, and then unzipped it with 7-Zip (in Windows).
And yes, the SSID (2WIRE529) is one of the top 1000 commonly used ESSIDs.
There are .md5 files for every file (5 separate ~200 MB files). I did not run an MD5 hash on the files (which were compressed as .lzma, and decompressed to .rt, but renamed to be just c1, c2, etc.) [I'm suggesting that they may have been corrupted]. Example:
Any suggestions or clues about the Invalid word length: -33?
Or workarounds? Or should I try and uncompress it again?