KEY FOUND, but it's incorrect
Hey guys, did a search but am looking for a more specific answer.
Right, I'm doing a little pentest on my AP which uses WPA-PSK.
I used my netbook to run BT4, then I successfully de-authed my targeted workstation (my desktop using wifi) and captured the 4-way handshake into a capture file.
I then used the default aircrack word list (password.lst) to try and crack the handshake.
I then get KEY FOUND [ penelope]
I assume this means all is good and it's been cracked. However, I know this is not the password as it's set to "Chronicles2"
Yet doing another capture file from my same bssid and aircrack still tells me this is the key.
Why does aircrack tell me this is the key?
I do have permission to crack the WPA passcode as I own the network, pay the bill and set up the AP. Just in case anyone asks =]
Hi! That might be a "simple" hash collision: the 4w handshake you've got gives you a hash. This hash was generated from your ESSID and your ASCII password. But sometimes, you've got the same hash with two different passwords. That's (really) rare, but that may happen.
To figure out if what I said is true, just use wpa_passphrase (part of wpa_supplicant). Try your passwords and see if they give the same hash.
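Added example, not part of the original thread: the comparison suggested above, done in Python instead of with wpa_passphrase. It derives the WPA pre-shared key the same way (PBKDF2-HMAC-SHA1 of the passphrase, salted with the ESSID, 4096 iterations, 32 bytes); the ESSID "ExampleAP" is a constructed placeholder, since the thread does not give the real one, and the function names are made up for this example.

```python
import hashlib
import hmac


def wpa_psk(passphrase: str, essid: str) -> str:
    """Return the 256-bit WPA-PSK as hex, the value wpa_passphrase prints as psk=."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8..63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    salt = essid.encode("utf-8")
    if not 1 <= len(salt) <= 32:
        raise ValueError("ESSID must be 1..32 bytes")
    # The ESSID is the salt, so the same passphrase gives a different key per network.
    key = hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), salt, 4096, 32)
    return key.hex()


def same_psk(essid: str, first: str, second: str) -> bool:
    """True only if both passphrases derive the identical PSK for this ESSID."""
    return hmac.compare_digest(wpa_psk(first, essid), wpa_psk(second, essid))


def psk_table(essid: str, passphrases: list) -> dict:
    """Map each candidate passphrase to its derived PSK for side-by-side comparison."""
    return {p: wpa_psk(p, essid) for p in passphrases}


if __name__ == "__main__":
    essid = "ExampleAP"  # constructed placeholder; use the AP's exact ESSID
    # The comparison is case-sensitive: both spellings from the thread are listed.
    candidates = ["penelope", "Chronicles2", "chronicles2"]
    for passphrase, psk in psk_table(essid, candidates).items():
        print(f"{passphrase:<12} {psk}")
    print("penelope vs Chronicles2 same PSK:",
          same_psk(essid, "penelope", "Chronicles2"))
```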
Oh right, damn.
I know what you mean about the hashes, but I didn't really understand how to compare and find out if both passwords are giving the same hash. =[
Possible to explain a little more?
OK. Thanks for the link.
I used the converter to see what it gave me.
The two hex keys don't match. Does that mean aircrack can't crack my passkey?
Real password (chronicles2)
Aircrack-ng "key Found" password (penelope)
If you tried another time to generate a cap file and the result is still the same, and if you've read the man page and tried the options that would solve the problem, then you can talk about it there: Aircrack-ng - IRC and rules
(Some options in the man page really sound good for this kind of issue)