Great detailed tutorial.
I hate to write tutorials twice but there are some I have written on my site that could be useful here as well so I am just going to link them.
How to Capture a 4 way WPA handshake
The website, ph33rbot.com, to upload your WPA handshake happened to be down for me. I believe http://www.wpacracker.com/ also offers the same service.
I just thought I would test that service out with my handshake. It was the first time I used a service like this and I was just curious. Not a good result, as it came back saying password not found! I wonder what the success rate is, if you don't mind me asking?
Hi, I'm trying to crack WPA2 PSK and after I type the
aireplay-ng -0 10 -a [BSSID here] -c [STATION here] mon0
it will only receive like 6 ACKs at max and won't handshake.
My signal is like 15-20 percent to this network, but I've successfully cracked WEP networks with signal of this low strength or lower; some of them work up to 2 Mbit.
What's the problem, why won't it handshake to this network?
In a YouTube video I've seen a guy receiving 64 ACKs in just 5 tries. I've tried 100 tries and it got only 6 ACKs.
How do I get more ACKs?
Try the wiffy script, it gets the WPA handshake every time. Great script from g0tmi1k.
You need a good signal - wiffy shows green for a good signal. It will work for lower signal strength, but not when in the red.
I have a USB WiFi stick (zd1211 chipset) which works better than my built-in Atheros.
Are you sure the handshake that you sent to the online cracker was good?
I have captured what I thought was a handshake from a client that was trying at the time to associate to the AP with the wrong pass phrase.
Then it would not crack. I have not tried the online service but also wondered what the success rate is.
Yes it would be nice if wpacracker posted what their success rate is. I like that a couple other sites such as question-defense and darkircop do that.
I also uploaded a .cap file that got a no password found response from this site. I later found out that it was because the handshake that I had uploaded was not complete. I sent an email to moxie asking if I could resend a complete handshake but have yet to receive a response. On the other hand question-defense was very prompt and professional in getting back to me and basically gave me the go ahead to resend it when I recover the complete handshake.
I then started to wonder how the hell I can tell if the handshake that I have captured is complete or not before uploading it to one of these sites. Luckily, in the FAQ on wpacracker they mention the aircrack-ng tutorial and Wireshark. Wireshark is provided in BackTrack, or you can also download it for Windows. Once you have captured the handshake you can open the .cap file in Wireshark and apply the eapol filter. This will then tell you if your capture contains 0, 1, 2, 3 or 4 EAPOL packets, which I believe are the different parts of the handshake. I have a little more researching to do on this to find out just how many EAPOL packets a good handshake contains. If anyone could chime in here that would be great.
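An added example, not part of the thread or of any tool mentioned in it: the WPA/WPA2 4-way handshake consists of four EAPOL-Key messages, and each can be told apart by the flag bits in its Key Information field, which is what Wireshark uses to label them after the eapol filter is applied. The sketch below classifies frames from the EAPOL header onward and reports which of the four are missing; the function names and sample frames are constructed for illustration, and the message 2 versus message 4 split is a common heuristic.

```python
import struct

# Key Information flag bits in an IEEE 802.11 EAPOL-Key frame
PAIRWISE, ACK, MIC, SECURE = 0x0008, 0x0080, 0x0100, 0x0200

def classify_eapol_key(frame: bytes):
    """Return 1-4 for a pairwise 4-way handshake message, else None.
    `frame` starts at the EAPOL header (the bytes after LLC/SNAP)."""
    if len(frame) < 99:            # 4-byte header + 95-byte key descriptor
        return None
    _ver, ptype, _length = struct.unpack_from("!BBH", frame, 0)
    if ptype != 3:                 # packet type 3 = EAPOL-Key
        return None
    (key_info,) = struct.unpack_from("!H", frame, 5)
    (key_data_len,) = struct.unpack_from("!H", frame, 97)
    if not key_info & PAIRWISE:    # group-key handshake, not the 4-way one
        return None
    ack, mic = bool(key_info & ACK), bool(key_info & MIC)
    if ack:
        return 3 if mic else 1     # AP -> client: M1 has no MIC, M3 has one
    if mic:
        # Client -> AP. Heuristic: M4 sets Secure (WPA2) or carries no key data.
        return 4 if (key_info & SECURE or key_data_len == 0) else 2
    return None

def missing_messages(frames):
    """Handshake message numbers (1-4) not present in `frames`."""
    seen = {classify_eapol_key(f) for f in frames}
    return sorted({1, 2, 3, 4} - seen)

def build_sample(key_info, nonce=bytes(32), key_data=b""):
    """Constructed EAPOL-Key frame for this demo; not real capture data."""
    body = (struct.pack("!BHHQ", 2, key_info, 16, 1) + nonce
            + bytes(16 + 8 + 8 + 16)          # IV, RSC, key ID, MIC (zeroed)
            + struct.pack("!H", len(key_data)) + key_data)
    return struct.pack("!BBH", 2, 3, len(body)) + body

# Constructed WPA2 handshake: typical Key Information values for M1..M4
FULL = [
    build_sample(0x008A, nonce=b"\xaa" * 32),
    build_sample(0x010A, nonce=b"\xbb" * 32, key_data=bytes(22)),
    build_sample(0x13CA, nonce=b"\xaa" * 32, key_data=bytes(56)),
    build_sample(0x030A),
]

if __name__ == "__main__":
    print("complete capture, missing:", missing_messages(FULL))
    print("partial capture, missing:", missing_messages(FULL[:2]))
```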