WPA .Caps Wanted !
#1
You may have already noticed on the forum that SmilingWolf and I have been involved in producing a very neat bit of script to strip, convert and sort your .cap files. SmilingWolf is the brains behind it and I think you will agree he has done a fantastic job.

The script employs WPAClean which is part of the Aircrack suite and I have noticed some problems with it. Sometimes good captures are lost after being passed through WPAClean and I would like to see what is happening so it can be reported properly and hopefully fixed.

So I am asking if you would please consider attaching any WPA Handshake .cap files you have to this thread ? This is not an offer to break them for you as that is against atom’s forum rules, it is purely to help fix WPAClean.

We need .caps that are complete and those that are damaged or unreadable. If you have some with known passwords it would be good if you could include a text file with the plain text password also. This is to be able to make sure they work before and after the stripping process. I am hoping if we have enough captures there will be a common link between the ones failing after cleaning.

Thanks in advance !

:)
#2
Hash-IT, how is the resonance to your appeal? I would like to see the WPAClean script improve. But I am concerned about the "..." I don't know how to say it. I would think that a lot of supporters would like to know how to send/attach a file anonymously to help you do the testing, though. Perhaps a moderator can open an "anonymous" posting-hole so everyone feels free to send without any strings attached, so you can have an interesting variety of capture files from different kinds of networks.
#3
Hi ntk

Thanks for your interest in this. I have actually had a very useful PM from a member here linking me to a large collection, but I always want more.

I think I understand what you are concerned about, probably the MAC or BSSID of your capture files ? If that is so then I have found a program which changes these.

It is called BSSID Munge. However I am not sure I can recommend it as it seems to damage capture files so badly that they are not workable. I have my own network capture so I tried to change the BSSID using BSSID Munge and I was unable to open it up with the correct password.

It's a real shame about that as it would have been a great tool.

Any clever coders know how to fix this ? As far as I know (which isn't very much) the BSSID doesn't play a part in the cracking of WPA does it ? It is just ESSID and the handshake isn't it ?

#4
You cannot change the MAC addresses since they are part of the PTK calculation :(
#5
(11-20-2011, 12:23 AM)atom Wrote: You cannot change the MAC addresses since they are part of the PTK calculation :(

Oh no, really ! :(

I didn't know this and I am a little embarrassed about it actually. I thought they didn't matter, which is why I thought you can make rainbow tables for ESSIDs. I haven't seen a rainbow table generator ask for the BSSID before.

It's clear I know nothing about this, sorry. Any good links to read up on how WPA exchanges work ? ... Oh and before you start !!!! A simple guide please ! :)


#6
The rainbow tables you are talking about create the PMK only. This is the slow part in cracking the WPA. But there is another part, the calculation of the PTK. This part is fast (~10 iterations) and the MAC address is part of it.
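
The two steps described in post #6, as an added example that is not part of the original thread: the PMK depends only on passphrase and ESSID, while the PTK (and the handshake MIC keyed from it) also takes both MAC addresses, so a capture whose BSSID has been rewritten no longer verifies with the correct passphrase. The MACs, nonces and frame bytes are constructed sample values, and the function names are this example's own.

```python
import hashlib
import hmac

def pmk(passphrase: str, essid: str) -> bytes:
    """Slow step: PBKDF2-HMAC-SHA1, 4096 iterations, ESSID as salt. No MAC involved."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid.encode(), 4096, 32)

def ptk(pmk_: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Fast step: 802.11i PRF-512 over both MAC addresses and both nonces."""
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    out = b""
    for counter in range(4):  # 4 x 20-byte HMAC-SHA1 blocks, 64 bytes kept
        msg = b"Pairwise key expansion\x00" + data + bytes([counter])
        out += hmac.new(pmk_, msg, hashlib.sha1).digest()
    return out[:64]

def mic(ptk_: bytes, eapol_frame: bytes) -> bytes:
    """WPA2 MIC: HMAC-SHA1 keyed with the KCK (first 16 bytes of the PTK), cut to 16 bytes."""
    return hmac.new(ptk_[:16], eapol_frame, hashlib.sha1).digest()[:16]

def password_verifies(passphrase, essid, ap_mac, sta_mac, anonce, snonce, frame, captured_mic):
    """True when the candidate passphrase reproduces the MIC stored in the capture."""
    candidate = mic(ptk(pmk(passphrase, essid), ap_mac, sta_mac, anonce, snonce), frame)
    return hmac.compare_digest(candidate, captured_mic)

# Constructed sample handshake values (not from a real capture).
ESSID, PASSPHRASE = "IEEE", "password"
AP_MAC = bytes.fromhex("020000000001")      # BSSID as originally captured
STA_MAC = bytes.fromhex("020000000002")
ANONCE, SNONCE = bytes(range(32)), bytes(range(32, 64))
FRAME = b"\x01\x03\x00\x75" + bytes(117)    # stand-in for EAPOL message 2 with MIC zeroed
CAPTURED_MIC = mic(ptk(pmk(PASSPHRASE, ESSID), AP_MAC, STA_MAC, ANONCE, SNONCE), FRAME)

REWRITTEN_BSSID = bytes.fromhex("02aabbccddee")  # BSSID after an anonymising rewrite

if __name__ == "__main__":
    args = (ESSID, AP_MAC, STA_MAC, ANONCE, SNONCE, FRAME, CAPTURED_MIC)
    print("original capture :", password_verifies(PASSPHRASE, *args))
    args = (ESSID, REWRITTEN_BSSID, STA_MAC, ANONCE, SNONCE, FRAME, CAPTURED_MIC)
    print("BSSID rewritten  :", password_verifies(PASSPHRASE, *args))
```

The MIC here follows the WPA2 (HMAC-SHA1) key descriptor; original WPA with TKIP uses HMAC-MD5 for the MIC, but the PTK derivation and its dependence on the MAC addresses are the same.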
#7
Thank you for the head start atom, it seems that the more I find out the more I don't know !! :)