How To Crack WPA / WPA2


Unregistered

Guest
to write to a dump file you use -w (directory and name of file)

such as airodump-ng --bssid ******** -w /root/desktop/dumps/dump.cap mon0
 

stevech

Part of the Furniture
hooey.
Unless you live in a University dorm, who has the physical proximity AND the motive to crack your WiFi encryption?
 

jdabbs

Super Moderator
Neighborhood teenagers and CP aficionados?

I'd say a good third to half of the wireless networks visible from my old apartment were capable* of sustaining an Internet connection at my vantage point.


*based on extrapolation, and does in no way constitute an admission of guilt
 

CaptainSTX

Part of the Furniture
WPS Exploit Obtain Passphrase

Attached is a link to an interesting/scary YouTube video demonstrating, with step-by-step instructions, how in 2.5 - 10 hours (in the case of the video it took 7.5 hours) to obtain the passphrase for many routers by exploiting WPS. In the example shown the router had a twenty-two character passphrase.

The video is concise, clear and simple enough so that any script jockey should be able to duplicate the results shown.

It is not clear to me if you have WPS disabled on a router if this exploit method will still work.


http://www.youtube.com/watch?v=eWy5DDc5Hn0
 

sfx2000

Part of the Furniture
If the router truly disables WPS when that little box is checked - you're in the clear when using WPA2

When using WPA2 PSK, use a strong key - this one is more than secure enough (not now, of course) -- "Thi4iSaPaa5W0rD"

it would take 781,514,782,079,074,318,856,775,914 brute force tries to break it... or about 2.48 thousand centuries using current technology @ one hundred trillion guesses per second

:cool:

If we add a hashtag to that password on the front-end - 44,480,886,725,444,405,624,219,204,517,120 retries - that's a really big number, LOL...

Even with an array of GPUs, and the NSA helping out - it's going to take a while...

https://www.grc.com/haystack.htm
 

SinDefiant

New Around Here
WPA/WPA2 PSK Windows 7 :(

Hello, I'm sure it's painfully obvious that I'm very green to all of this. I've done some reading and I gather that I need to get a program that will watch for a "four handed handshake" and then use another program to attack that... sentence? Problem is I'm using Windows 7 *gasp* and I don't have a DVD burner or flash drive so I can use BackTrack. Can any of you give me tips or a tutorial or programs to use to crack WPA/WPA2-PSK type encryption? And please talk to me like I am a 10 year old because techno jargon is Sumerian to me.
Sorry for posting here, I followed a Google link.
 

Tsun

Occasional Visitor
For fun :)
Pretty interesting article, but I think the WPS vector CaptainSTX mentioned is way more efficient and common than cracking WPA directly.
 

sfx2000

Part of the Furniture
Good to revisit security from time to time...

1) Always run WPA2-AES

2) Don't run WPA2/WPA mixed mode (AES-TKIP) - if mixed mode, this will enable WPA-TKIP attacks against both the group key and pairwise keys

3) Change default SSID - in WPA2-PSK, the SSID is combined with the WPA2 passphrase

4) Strong passphrase for WPA2-PSK - at least 8 characters, longer is better

5) Key Rotation Intervals - 60 minutes, even if a handshake is captured, it becomes a race against time before the keys rotate, and then time to start over.

Don't be this guy...

rsn_info_wpa_wpa2_mixed.png
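
Added example, not part of the thread or any poster's code: a Python sketch of two points from sfx2000's posts above, the exhaustive-search counts quoted for "Thi4iSaPaa5W0rD" (counted the way the linked haystack page does, every string up to the passphrase's length) and the way WPA2-PSK mixes the SSID into the key. The function names and the two SSIDs are constructed for illustration.

```python
import hashlib
import string

# Character classes as the linked "haystack" page counts them:
# 26 lower, 26 upper, 10 digits, 33 symbols (punctuation plus space).
CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation + " ")

def alphabet_size(passphrase: str) -> int:
    """Alphabet implied by the character classes the passphrase uses."""
    return sum(len(c) for c in CLASSES if any(ch in c for ch in passphrase))

def search_space(passphrase: str) -> int:
    """Exhaustive-search count: every string of length 1..len(passphrase)."""
    a = alphabet_size(passphrase)
    return sum(a ** k for k in range(1, len(passphrase) + 1))

def centuries_to_exhaust(passphrase: str, guesses_per_second: float) -> float:
    """Time to try the whole search space, in centuries."""
    seconds = search_space(passphrase) / guesses_per_second
    return seconds / (100 * 365.25 * 24 * 3600)

def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA2-PSK master key: PBKDF2-HMAC-SHA1 with the SSID as salt,
    4096 iterations, 256-bit output (IEEE 802.11i)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(),
                               ssid.encode(), 4096, 32)

if __name__ == "__main__":
    pw = "Thi4iSaPaa5W0rD"  # passphrase quoted in the post above
    for candidate in (pw, "#" + pw):
        print(f"{candidate!r}: alphabet {alphabet_size(candidate)}, "
              f"{search_space(candidate):,} candidates, "
              f"{centuries_to_exhaust(candidate, 1e14):,.0f} centuries "
              f"at 1e14 guesses/s")
    # Constructed SSIDs: the same passphrase under a different SSID gives
    # an unrelated key, so a key table built for one SSID does not carry
    # over to another. That is the reason to change a default SSID.
    for ssid in ("linksys", "home-7f3a"):
        print(f"{ssid:10} {wpa2_pmk(pw, ssid).hex()}")
```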
 
