Page 2 of 3
Results 11 to 20 of 21

Thread: pyrit passthrough help needed

  1. #11
    Junior Member default's Avatar
    Join Date
    Nov 2007
    Posts
    87

    Default

    Quote: Originally posted by ajonez
    ......

    I have yet to really test 4.6 because apparently my wpa 4 way handshake wasn't fully captured when I tried to run the pyrit-generated hash table.

    ....
    Hmm, I tried 4.6 with a bunch of good shakes and get the same error, anyone figure out a fix for this?

    Aircrack-ng said the shakes are ok

  2. #12
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    Default

    Hmm, I tried 4.6 with a bunch of good shakes and get the same error, anyone figure out a fix for this?

    Aircrack-ng said the shakes are ok
    I think pyrit needs all four key(), but aircrack 2 or 3; most of the time when I use airodump I only get three.
    Can you go into the cap with Wireshark and see if you get four EAPOL keys?

  3. #13
    Junior Member default's Avatar
    Join Date
    Nov 2007
    Posts
    87

    Default

    Yay, found it, add this red thingy:

    pyrit -e default -f /mnt/sdc1/wordlist/wpa1.txt passthrough | cowpatty -2 -d - -r /mnt/sdc1/wpahs/default-01.cap -s default

  4. #14
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    Default

    Apparently there is a patch for cowpatty 4.6 to accept 3 of 4 frames. So far I have only found purehate telling people off about not reading his 10 posts on the subject. So, I'll keep looking for one of those 10 posts and let you know.
    Will let you know if I find info about it; only purehate has that patch.

  5. #15
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    You should not need the -2 switch any more. The cowpatty 4.6 I committed to svn has Edgan's patch, which should detect 95 percent of handshakes even with only 3 frames. If you can send me the handshakes you say are good but don't work, I will take a look at them.

  6. #16
    Junior Member default's Avatar
    Join Date
    Nov 2007
    Posts
    87

    Default

    Quote: Originally posted by pureh@te
    You should not need the -2 switch any more. The cowpatty 4.6 I committed to svn has Edgan's patch, which should detect 95 percent of handshakes even with only 3 frames. If you can send me the handshakes you say are good but don't work, I will take a look at them.
    Patched it and ran pyrit "*.cap" analyze in my shake folder.

    Kept all the good shakes and moved all the bad ones to the bad-shake folder. I could get better shakes or run aircrack-ng-cuda on the bad ones, no drama.

    I'd like to share my .caps, but they are post-install client caps. I'd prefer my AP names to remain out of your super-pooter database.

  7. #17
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Quote: Originally posted by default
    Patched it and ran pyrit "*.cap" analyze in my shake folder.

    Kept all the good shakes and moved all the bad ones to the bad-shake folder. I could get better shakes or run aircrack-ng-cuda on the bad ones, no drama.

    I'd like to share my .caps, but they are post-install client caps. I'd prefer my AP names to remain out of your super-pooter database.
    That's cool, I understand; however, if you are using the newest cowpatty with Edgan's patch you should have better handshake detection than aircrack-ng.

    Here is the patch you should be using with cowpatty 4.6:

    http://proton.cygnusx-1.org/~edgan/c...-fixup16.patch

  8. #18
    Junior Member
    Join Date
    Feb 2010
    Posts
    26

    Red face

    Hi guys, really sorry to be a pain in the butt, but once again I googled and tried to apply the patch myself, 'cause I'm getting buffer overflows... but failed miserably.

    Code:
    patch -p1 < /path/to/patch/file
    Code:
    patch /usr/bin/cowpatty < /root/cowpatty_patch.diff
    Does that look right?

    Even if the paths aren't right, is my syntax right? 'Cause I keep getting an error:

    Code:
    File to patch: /usr/local/bin/cowpatty
    patching file /usr/local/bin/cowpatty
    Hunk #1 FAILED at 178.
    1 out of 1 hunk FAILED -- saving rejects to file /usr/local/bin/cowpatty.rej
    root@john-laptop:/home/andy1/aircrack-ng# sudo patch /usr/bin/cowpatty < {/home/andy1/cowpatty_patch.diff} 
    bash: {/home/andy1/cowpatty_patch.diff}: No such file or directory
    root@john-laptop:/home/andy1/aircrack-ng# sudo patch /usr/bin/cowpatty < /home/andy1/cowpatty_patch.diff 
    patching file /usr/bin/cowpatty
    Hunk #1 FAILED at 94.
    Hunk #2 FAILED at 150.
    Hunk #3 FAILED at 165.
    Hunk #4 FAILED at 267.
    Hunk #5 FAILED at 290.
    Hunk #6 FAILED at 398.
    Hunk #7 FAILED at 465.
    Hunk #8 FAILED at 477.
    Hunk #9 FAILED at 492.
    Hunk #10 FAILED at 520.
    Hunk #11 FAILED at 538.
    Hunk #12 FAILED at 1027.
    12 out of 12 hunks FAILED -- saving rejects to file /usr/bin/cowpatty.rej
    can't find file to patch at input line 391
    Perhaps you should have used the -p or --strip option?
    The text leading up to this was:
    --------------------------
    |diff -uNr cowpatty-4.6/cowpatty.h cowpatty-4.6-fixup16/cowpatty.h
    |--- cowpatty-4.6/cowpatty.h	2009-06-04 06:24:16.000000000 -0700
    |+++ cowpatty-4.6-fixup16/cowpatty.h	2009-07-17 16:16:58.043152023 -0700

    Is there an option or switch that needs to be included?


    Many cheers guys

    OK, so I have applied the patch but I'm still getting buffer overflows...

    I'm wondering though, do I need to bother with cowpatty now that pyrit has new features?

    Or could I just work from a .txt password file and have pyrit do what cowpatty would normally do anyway?

    Any suggestions?

    Thanks guys


    I'll go and play in a corner with pyrit since pureh@te posted some basic syntax to use it... cheers again pureh@te.... 24K work

  9. #19
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Do not double post; use the edit button instead. It is a rule you agreed to follow.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  10. #20
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Here ya go......

    ph33rbot ~ # tar xvf cowpatty-4.6.tgz
    cowpatty-4.6/
    cowpatty-4.6/FAQ
    cowpatty-4.6/TODO
    cowpatty-4.6/dict
    cowpatty-4.6/wpa2psk-linksys.dump
    cowpatty-4.6/eap-test.dump
    cowpatty-4.6/Makefile
    cowpatty-4.6/md5.c
    cowpatty-4.6/md5.h
    cowpatty-4.6/README
    cowpatty-4.6/wpapsk-linksys.dump
    cowpatty-4.6/cowpatty.c
    cowpatty-4.6/cowpatty.h
    cowpatty-4.6/file_magic
    cowpatty-4.6/genpmk.c
    cowpatty-4.6/CHANGELOG
    cowpatty-4.6/common.h
    cowpatty-4.6/sha1.c
    cowpatty-4.6/sha1.h
    cowpatty-4.6/AUTHORS
    cowpatty-4.6/utils.c
    cowpatty-4.6/utils.h
    cowpatty-4.6/INSTALL
    cowpatty-4.6/radiotap.h
    cowpatty-4.6/COPYING
    ph33rbot ~ # cd cowpatty-4.6
    ph33rbot cowpatty-4.6 # wget http://proton.cygnusx-1.org/~edga/co...-fixup16.patch
    --2009-11-08 06:53:54-- http://proton.cygnusx-1.org/~edgan/c...-fixup16.patch
    Resolving proton.cygnusx-1.org... 173.8.189.9
    Connecting to proton.cygnusx-1.org|173.8.189.9|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 14227 (14K) [text/plain]
    Saving to: `cowpatty-4.6-fixup16.patch'

    100%[======================================>] 14,227 76.1K/s in 0.2s

    2009-11-08 06:53:55 (76.1 KB/s) - `cowpatty-4.6-fixup16.patch' saved [14227/14227]

    ph33rbot cowpatty-4.6 # patch -Np1 -i cowpatty-4.6-fixup16.patch
    patching file cowpatty.c
    patching file cowpatty.h
    ph33rbot cowpatty-4.6 #
