Results 1 to 3 of 3

Thread: cowpatty & hash error, "Invalid Word Length: -33"

  1. 01-26-2009, 02:32 AM #1
    ImGeo
    ImGeo is offline
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    4

    Default cowpatty & hash error, "Invalid Word Length: -33"

    So far, I've conquered WEP, and started to move to WPA-PSK (TKIP)

    After getting my PCAP and verifying it has a 4 way handshake (Wireshark, filter EAPOL), I ran the following:

    cowpatty -s 2WIRE529 -d /mnt/sda2/patty/c* -r 529
    note that the hashes are named c1, c2, etc and are in the above specified location (a windows HDD)

    cowpatty 3.0 - WPA-PSK...
    Collected all necessary data...
    Starting dictionary attack...
    Invalid word length: -33
    Found a record that was too short, this shouldn't happen in practice!
    Unable to identify the PSK from the dictionary file. Try expanding your passphrase list, and double-check the SSID. Sorry it didn't work out.

    335676973 passphrases tested in 0.00 seconds: 100672123545123.44 passprhrases/second

    -----------
    Note: I am suspecting that the hash I got from shmoo is not the right one... and maybe I should get the one from renderlab (which I'm downloading right now). let me know if that's where I went wrong.

    When I ran the above code, I sometimes got an invalid word length on lines 160, 85, etc (when I specified the exact file, such as -r c2)

    I downloaded the 1.2 gb hash file/torrent from Shmoo (hxxp://rainbowtables.shmoo.com/), named alpha_num, and then unzipped it with 7 zip (in windows).

    And yes, the SSID (2WIRE529) is one of the top 1000 commonly used ESSID.

    There are .md5 for every file (5 separate ~200mb files) I did not run a md5 hash on the files (which were compresssed as .lzma, and decompressed to .rt, but renamed to be just c1, c2, etc) [I'm suggesting that they may have been corrupted] Example:
    alpha_num1.rt.lzma
    alpha_num1.rt.lzma.md5
    alpha_num2.rt.lzma
    alpha_num2.rt.lzma.md5

    Any suggestion, or clue about the Invalid word length: -33 ?
    Or workarounds? Or should I try and uncompress it again?
  2. 01-26-2009, 02:44 AM #2
    Virchanza
    Virchanza is offline
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010
    Posts
    863

    Default

    Quote Originally Posted by ImGeo View Post
    cowpatty 3.0 - WPA-PSK...
    Collected all necessary data...
    Starting dictionary attack...
    Invalid word length: -33
    Found a record that was too short, this shouldn't happen in practice!
    There's a bug in the program you're using. Either that, or the laws of physics have changed so that you can have a word of negative length. My guess is that they're using a signed integer variable somewhere in the program and it gets overflowed so that a large positive number becomes a small negative number. I'm sure the developer(s) of the application would like to know about it.
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".
  3. 01-26-2009, 03:05 AM #3
    Radar_mX
    Radar_mX is offline
    Junior Member
    Join Date
    Apr 2008
    Posts
    36

    Default

    use airolib-ng instead
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules