Airolib-ng and cowpatty

[balding_parrot]

We will have to think of something practical

[shamanvirtuel]

yes but not here
maybe an irc meeting in private chat will be the good one ? all 3....

Need to pm xploitz for this....

[balding_parrot]

That would be a good place to start, not before saturday evening as I have a heavy shedule next couple of days.

we should swap email adds too

anyway I better be off to bed

cya if I get chance tomorrow

[shamanvirtuel]

the same....i work really hard on beta3.....
maybe if xploitz is ok we could start a cryptus chat on sunday, i can provide the temp channel and the real time crypting chat script...........

or alternatively we can setup a tor chat....

[balding_parrot]

the same....i work really hard on beta3.....
maybe if xploitz is ok we could start a cryptus chat on sunday, i can provide the temp channel and the real time crypting chat script...........

or alternatively we can setup a tor chat....

Sounds good

But I would rather not tor, it was a little unreliable on one of my previous installs.

And I am sure you have what you think is a better method as you mentioned it.

[godfather]

hi guys , I have a no0bie question? did I still need dictionary file for this type of attack ? thanks

[Funnyman]

hi guys , I have a no0bie question? did I still need dictionary file for this type of attack ? thanks

you use the dictionary file where you have all your wordlist and your ESSID to produce such a hash. So, yes you do need it for this type of attack.

[-=Xploitz=-]

@ Niko & b_p....

Sounds sweet guys. I'll have to get it approved by my superior...(my wife)..cause she thinks "chat" and irc are just forms of me trying to chat with ho's from different area codes ..lol. Thats why I don't have yahoo chat..AIM..irc or anything else but E-mail..lol. She's got me on a very short leash. But I don't foresee any problem. PM me for time and all the other details.

[shamanvirtuel]

yes we are all busy this weekend so i think will be next week more...

One thing, i have tried cracking of wpa1 AES , cowpatty fails where as aircrack-ng success...
in wireshark no malformed packets....so seems that AES(and only AES) is not supported by cowpatty....

COWPATTY
bt aircrack-ng # cowpatty -r /root/Desktop/AIRBETA2/dumps/AIR-Capture-01.cap -d /root/test2 -s Livebox-a5a3
cowpatty 4.0 - WPA-PSK dictionary attack. <jwright@hasborg.com>

End of pcap capture file, incomplete TKIP four-way exchange. Try using a
different capture.

AIRCRACK
bt aircrack-ng # aircrack-ng -r /root/Desktop/AIRBETA2/.DB/AIRDATABASE /root/Desktop/AIRBETA2/dumps/AIR-Capture-01.cap
Opening /root/Desktop/AIRBETA2/dumps/AIR-Capture-01.cap
Read 188 packets.

# BSSID ESSID Encryption

1 00:1A:6B:04:9E:2F Livebox-a5a3 WPA (1 handshake)

Choosing first network as target.

Opening /root/Desktop/AIRBETA2/dumps/AIR-Capture-01.cap

Aircrack-ng 1.0 r634


[00:00:00] 9841 keys tested (40689.67 k/s)


KEY FOUND! [ airbeta3 ]


Master Key : D5 52 7A 3E 14 08 C8 44 7A 49 1D AA 36 EF CE F7
A7 79 00 53 AE 0B 81 29 45 89 65 4D B9 A0 58 FE

Transcient Key : 5C A4 A8 83 68 5B 74 52 3D 48 2D 2C 37 16 8E 06
F9 05 B7 C9 0B B9 0B C6 4F A4 B8 95 A5 87 E6 7F
9E A0 B2 0A 78 A5 D9 0B 83 BA AD 25 DB C9 A0 82
F6 59 CC 1C C2 E0 D3 6E ED F5 03 06 3C 2A 4A E1

EAPOL HMAC : 2A A5 C6 02 6E 74 11 5D BF 32 2A DB E9 A0 A2 2B


Quitting aircrack-ng...

MORAL : i prefer cowpatty But for its limits(AES) i will go now in aircrack-ng only way....

[wallsballs]

Hi guys sorry to butt in at such a late date, just to say nice work finding the problem i have been trying myself and have hit the same problem Xploitz did so thanks very much.

Is there anyway someone can post up all the commands used from start to finish as it would just finish the thread off as a sort of tutorial.

Thanks wallballs