hashcat Forum Support hashcat v
Is this WPA password cracked?

Thread Closed 
Threaded Mode
Is this WPA password cracked?
i865pe Offline
Junior Member
**
Posts: 13
Threads: 4
Joined: Jun 2013
#1
01-05-2019, 01:46 PM
I saw a notepad file with password but the command show exhausted (it didnt show cracked). I tried this password to connect that wifi but it cannot connect with this found password.

So is this password cracked or not?
Find
Mem5 Offline
Posting Freak
*****
Posts: 803
Threads: 135
Joined: Feb 2011
#2
01-05-2019, 02:19 PM
Exhausted means finished, cracked or not.
Look at the line "Recovered........: 1/1"
Or look at your potfile, etc.
Find
philsmd Offline
I'm phil
******
Posts: 2,267
Threads: 16
Joined: Feb 2013
#3
01-05-2019, 02:30 PM
that's not 100% correct, Mem5

Exhausted could happen if only some of the handshakes are cracked and not all of them.
but if all "hashes" are cracked, the status will be "Cracked".

The problem with WPA/WPA2 is that it could in theory happen that an user connected to the router with an incorrect password and therefore (depending on which message types were captured, see https://hashcat.net/wiki/doku.php?id=hcc...pair_table) it could happen that a wrong password was used to connect to the device and this wrong password will be "cracked" by hashcat. This actually is were rarely the case, because most WLAN users store their password somehow (on smartphone or notebook/desktop kind of nobody retypes their password on every re-connection, but the correct passwords are most of the time saved somewhere encrypted), but it could happen if you are yourself trying to connect with an incorrect password etc (in a lab environment for instance).

There are of course also other reasons why the cracked password could not work: things like MAC address filtering and too low signal etc (reasons like these are more likely than incorrect passwords were send to the router, but as said that could happen too).

I would recommend analyzing your hccapx file and check which message pairs are contained within the file and how many different networks/handshakes etc
Find
i865pe Offline
Junior Member
**
Posts: 13
Threads: 4
Joined: Jun 2013
#4
01-05-2019, 03:05 PM
(01-05-2019, 02:19 PM)Mem5 Wrote: Exhausted means finished, cracked or not.
Look at the line "Recovered........: 1/1"
Or look at your potfile, etc.
Where to see potfile?
Find
slyexe Offline
Senior Member
****
Posts: 374
Threads: 0
Joined: Nov 2017
#5
01-05-2019, 10:29 PM
(01-05-2019, 03:05 PM)i865pe Wrote:
(01-05-2019, 02:19 PM)Mem5 Wrote: Exhausted means finished, cracked or not.
Look at the line "Recovered........: 1/1"
Or look at your potfile, etc.
Where to see potfile?

Hashcat directory. Open with your favourite texteditor.
Find
i865pe Offline
Junior Member
**
Posts: 13
Threads: 4
Joined: Jun 2013
#6
01-06-2019, 08:17 AM
(01-05-2019, 10:29 PM)slyexe Wrote:
(01-05-2019, 03:05 PM)i865pe Wrote:
(01-05-2019, 02:19 PM)Mem5 Wrote: Exhausted means finished, cracked or not.
Look at the line "Recovered........: 1/1"
Or look at your potfile, etc.
Where to see potfile?

Hashcat directory. Open with your favourite texteditor.
I didnt see a file called potfile, mind to guid me?
Find
TheBogeyman Offline
Junior Member
**
Posts: 24
Threads: 3
Joined: Dec 2016
#7
01-06-2019, 11:52 AM
look for hashcat.potfile
potfile is an extension, like exe, bat, txt,...
Find
undeath Offline
Sneaky Bastard
******
Posts: 2,301
Threads: 11
Joined: Jul 2010
#8
01-06-2019, 12:15 PM
if no hash was cracked there will be no potfile
Find
i865pe Offline
Junior Member
**
Posts: 13
Threads: 4
Joined: Jun 2013
#9
01-15-2019, 08:20 AM
Tq above
Find
Thread Closed