Description:
WPA-PSK is best suited for home users who probably will not be able to set up a dedicated 802.1X authentication mechanism using a RADIUS server. Though PSK is secure for most use cases, its security can be compromised if a weak passphrase is chosen. An attacker who can capture the WPA PSK handshake packets and has a dictionary of commonly used passphrases may be successful in cracking the key within a couple of hours. Recently, the process of PSK cracking was made faster by the application of FPGAs and specific rainbow tables created with commonly used SSIDs and passphrases. One of the early tools used for WPA PSK dictionary attacks was Cowpatty. I think the code was then merged into the then version of Aircrack-NG.
In this video the author shows how it is possible to use aireplay-ng to launch a deauthentication attack on a connected client and capture the PSK handshake packets. Then, using a dictionary of commonly used passphrases, he demonstrates how the key can be cracked using aircrack-ng in a matter of minutes.
This hack is based on a human choosing a simple passphrase. Moral of the story - you cannot secure the naive and stupid.
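
To make the description's points about weak passphrases and SSID-specific rainbow tables concrete, here is an added example (not from the video or its author) for auditing your own network's settings. WPA-PSK derives its key with PBKDF2-HMAC-SHA1 using the SSID as the salt; the word lists, SSID list, function names and guess rate below are constructed assumptions.

```python
import hashlib

# Constructed sample lists for illustration only (assumptions, not from the page).
COMMON_PASSPHRASES = {"password", "12345678", "qwertyuiop", "letmein123"}
COMMON_SSIDS = {"linksys", "default", "NETGEAR", "dlink"}


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Pairwise Master Key: PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def audit_psk(passphrase: str, ssid: str) -> list:
    """Return findings that make a WPA-PSK setup weak against dictionary or table attacks."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("invalid-length")         # WPA passphrases are 8..63 characters
    if passphrase.lower() in COMMON_PASSPHRASES:
        findings.append("dictionary-passphrase")  # would fall to a word list
    if ssid in COMMON_SSIDS:
        findings.append("common-ssid")            # precomputed tables may exist for this salt
    return findings


def days_to_exhaust(alphabet: int, length: int, guesses_per_second: float) -> float:
    """Worst-case days to try every random passphrase of this alphabet size and length."""
    return alphabet ** length / guesses_per_second / 86400


if __name__ == "__main__":
    # Same passphrase, different SSID: the keys differ, so a table built for one
    # SSID is useless against another. A unique SSID defeats precomputation.
    print(wpa_pmk("password", "linksys").hex())
    print(wpa_pmk("password", "HomeNet-7F3A").hex())
    print(audit_psk("password", "linksys"))
    # Hypothetical rate of 1e6 guesses/s: 8 lowercase letters vs 16 mixed characters.
    print(days_to_exhaust(26, 8, 1e6), days_to_exhaust(62, 16, 1e6))
```

A unique SSID only removes the precomputation shortcut; a long random passphrase is what defeats the dictionary attack itself.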
Tags: tools
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
Comments:
I am trying to do this from a virtual machine, my wlan0 prompt is coming up empty, any advice?
Great video, thanks for taking the time to make it.
@godbert. Running any version of BT in a virtual environment is not the way to go if you're wanting to utilise the wireless features of BT, as the wireless card will be seen as a wired NIC.
Run it from Live CD, or install it in its own partition.
Try ifconfig wlan0 up
I sometimes do not see wlan0, but running the above command resolves the issue.
I am using the VM 3.1.4 build-385536 and a USB wireless adapter that is attached to the VM through the removable devices options. It works fine.
Great video, Thanks for the upload! :)
Yes thx for the cool video +1
One of the most informative and instructional videos on this thanks.
godbert, check if your wireless adapter is connected properly (in the bottom right corner of your Virtual Machine there's a symbol showing if your adapter is either connected or disconnected), and there's something you have to know: the Virtual Machine doesn't work with the built-in wireless cards. It must be a USB wireless adapter.
Nice video, but cracking WPA with a reasonable wordlist (say 2Gb) with 37 keys per second will take years.
Another option is to use an online WPA cracking service such as http://gpuhash.com; their base 2Gb wordlist has a 20% success rate and only 12 minutes of running time since they use GPU accelerated systems to attack your handshake.
Excellent, well detailed video...worked perfect. I may not crack any WPA passphrases but I'm not doing this to break into anybody's system...that's illegal. For me this is about learning and understanding WIFI security. I was able to use the video to work on my own system and it worked as expected. Thanks again!