Hashcatplus doesn't work with wpa
#1
Atom! Hashcatplus, even the last 0.09 version, doesn't work with wpa. It skips passwords. Where can I send you a hccap, a cap and the dictionary (small) for you to check the situation? Thank you a lot.
#2
What length are your passwords?
#3
(10-23-2012, 02:20 PM)Atlantis Wrote: Atom! Hashcatplus, even the last 0.09 version, doesn't work with wpa. It skips passwords. Where can I send you a hccap, a cap and the dictionary (small) for you to check the situation? Thank you a lot.

Oh dear, I hope you are mistaken. Sad

Could you be using rules ? Perhaps a space after your password ? Upper lower character etc ?

PM me a link to your .hccap and dictionary and I will try to reproduce.
#4
WPA passed all self-tests. You can email me the files, see docs/contact.txt for email.
#5
I have the same problem. I captured a handshake file for my own router. I have a very simple (for test) WPA encryption code installed in the router. I have tried both dictionary and brute force attack on this file. It produces no errors, runs fine, but does not find the solution. I have scanned the dict file with grep and the code is there. It is a simple 10 digit phone number.

I am running Ubuntu 12.0.4 with an ATI HD6870.

I used aircrack to capture the pcap file. It says it found the handshake.
I then used your website to convert it to hccap.

# ./oclHashcat-plus64.bin -m 2500 5938_1351523240.hccap testword.txt
oclHashcat-plus v0.09 by atom starting...

Hashes: 1 total, 1 unique salts, 1 unique digests
Bitmaps: 8 bits, 256 entries, 0x000000ff mask, 1024 bytes
Rules: 1
Workload: 16 loops, 8 accel
Watchdog: Temperature abort trigger set to 90c
Watchdog: Temperature retain trigger set to 80c
Device #1: Barts, 1024MB, 900Mhz, 14MCU
Device #1: Kernel ./kernels/4098/m2500.Barts_938.2_1.4.1741.kernel (1822104 bytes)

Scanned dictionary testword.txt: 11 bytes, 1 words, 1 keyspace, starting attack...


Status.......: Exhausted
Input.Mode...: File (testword.txt)
Hash.Target..: 40MQ7 (00:18:01:ff:01:2a <-> e0:b9:a5:86:dd:da)
Hash.Type....: WPA/WPA2
Time.Running.: 1 sec
Time.Left....: 0 secs
Time.Util....: 1023.2ms/0.0ms Real/CPU, 0.0% idle
Speed........: 1 c/s Real, 0 c/s GPU
Recovered....: 0/1 Digests, 0/1 Salts
Progress.....: 1/1 (100.00%)
Rejected.....: 0/1 (0.00%)
HWMon.GPU.#1.: 0% Util, 39c Temp, 21% Fan

Started: Mon Oct 29 14:59:13 2012
Stopped: Mon Oct 29 14:59:14 2012
#6
Hi mckinldl

If you would like to PM me with a link to your .hccap and password I will try to reproduce the problem.
#7
Can you please attach the .cap file (not the .hccap) and tell us the password to reproduce?
#8
I got the original .cap file from mckinldl and i was unable to crack it with aircrack-ng as well. Looks like the handshake capture is broken somehow.
#9
mckinldl you didn't change the MAC address's after the capture did you ?

Some people do this to protect their privacy when posting capture files on the web but it actually breaks the .cap and it will never be broken even with the correct password.
#10
(10-31-2012, 12:08 AM)Hash-IT Wrote: mckinldl you didn't change the MAC address's after the capture did you ?

Some people do this to protect their privacy when posting capture files on the web but it actually breaks the .cap and it will never be broken even with the correct password.

Are you saying, that if I spoof my mac, then capture the wpa handshake, switch my mac back to oem, then convert it to hccap file.. It will break the file making it useless?