Thread: KEY FOUND, but it's incorrect

  1. #1
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    15

    Hey guys, did a search but am looking for a more specific answer.

    Right, I'm doing a little pentest on my AP, which uses WPA-PSK.
    I used my netbook to run BT4, then I successfully de-authed my targeted workstation (my desktop using wifi) and captured the 4-way handshake into a capture file.
    I then used the default aircrack word list (password.lst) to try and crack the handshake.

    I then get KEY FOUND [ penelope]
    I assume this means all is good and it's been cracked. However, I know this is not the password, as it's set to "Chronicles2".

    Yet doing another capture file from my same BSSID, aircrack still tells me this is the key.

    Why does aircrack tell me this is the key?
    Thanks.

    I do have permission to crack the WPA passcode as I own the network, pay the bill and set up the AP. Just in case anyone asks =]

  2. #2
    Member
    Join Date
    Mar 2010
    Location
    /dev/null
    Posts
    455

    Hi! That might be a "simple" hash collision: the 4w handshake you've got gives you a hash. This hash was generated from your ESSID and your ASCII password. But sometimes, you've got the same hash with two different passwords. That's (really) rare, but that may happen.

    To figure out whether what I said is true, just use wpa_passphrase (part of wpa_supplicant). Try your passwords and see if they give the same hash.

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    15

    Oh right, damn.

    I know what you mean about the hashes, but I didn't really understand how to compare and find out if both passwords are giving the same hash. =[

    Possible to explain a little more?

  4. #4
    Member
    Join Date
    Mar 2010
    Location
    /dev/null
    Posts
    455

    Google is your best friend: WPA key calculation: From passphrase to hex

  5. #5
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    15

    OK, thanks for the link.
    I used the converter to see what it gave me.
    The two hex keys don't match. Does that mean aircrack can't crack my passkey?

    Real password (chronicles2)
    7e83f6566a6a669f1f85e0e3ba40d27699249d2781a9d73999bbf7d24dba0c3d

    Aircrack-ng "key Found" password (penelope)
    0a211c13a37da49eaab709e0c879e742b9082281d1c40e4d43a67be97e2f667a
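
Added example, not part of any post in this thread: the comparison suggested in post #2, using the derivation that wpa_passphrase performs (PBKDF2-HMAC-SHA1 over the passphrase, salted with the ESSID, 4096 iterations, 32-byte output). The thread never states the ESSID, so `ExampleNet` is a constructed placeholder and the keys it produces will not match the hex values posted above; the function names are this example's own.

```python
import hashlib
import hmac


def wpa_pmk(passphrase: str, essid: str) -> str:
    """Return the 256-bit WPA/WPA2-PSK pairwise master key as lowercase hex."""
    pw = passphrase.encode("ascii")   # WPA passphrases are printable ASCII
    ssid = essid.encode("utf-8")
    if not 8 <= len(pw) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    if not 1 <= len(ssid) <= 32:
        raise ValueError("ESSID must be 1 to 32 bytes")
    # The ESSID is the salt, so the same passphrase on another network
    # name derives a different key.
    return hashlib.pbkdf2_hmac("sha1", pw, ssid, 4096, 32).hex()


def same_pmk(essid: str, first: str, second: str) -> bool:
    """True only if both passphrases derive the same key for this ESSID."""
    return hmac.compare_digest(wpa_pmk(first, essid), wpa_pmk(second, essid))


def pmk_table(essid: str, candidates: list[str]) -> dict[str, str]:
    """Map each candidate passphrase to its derived key for side-by-side review."""
    return {p: wpa_pmk(p, essid) for p in candidates}


if __name__ == "__main__":
    ESSID = "ExampleNet"  # constructed placeholder, not from the thread
    # Passphrases are case-sensitive, so both spellings are listed separately.
    candidates = ["Chronicles2", "chronicles2", "penelope"]
    for phrase, key in pmk_table(ESSID, candidates).items():
        print(f"{phrase:<12} {key}")
    print("Chronicles2 == penelope   :", same_pmk(ESSID, "Chronicles2", "penelope"))
    print("Chronicles2 == chronicles2:", same_pmk(ESSID, "Chronicles2", "chronicles2"))
```

Run it with the AP's real ESSID and the exact passphrase as configured; the key derived for the configured passphrase is the one a client would use in the 4-way handshake.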

  6. #6
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    15

    Any further help?

  7. #7
    Member
    Join Date
    Mar 2010
    Location
    /dev/null
    Posts
    455

    Well,
    If you tried another time to generate a cap file and the result is still the same, and if you've read the man page and tried the options that would solve the problem, then you can talk about it there: Aircrack-ng - IRC and rules

    (Some options in the man page really sound good for this kind of issue)
