hashcat Forum
Should we be using Aircrack ? - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: General Help (https://hashcat.net/forum/forum-8.html)
+--- Thread: Should we be using Aircrack ? (/thread-498.html)



Should we be using Aircrack ? - Hash-IT - 09-18-2011

Hi

I read the following and I wonder if someone could elaborate on it ? I wonder if the author means Aircrack doesn't strip the keys properly ? As Hashcat+ now needs Aircrack to convert the .caps I wonder if we might be wasting time ?

I worked on a key for over 40 days where I was almost certain it was 8 upper with no luck. Perhaps my key was corrupt ! Sad

I did perform a test with Pyrit and it said it was good with a spread of 2, does anyone know what "spread" means in this case ? I can't find it on the Pyrit site.

http://pyrit.wordpress.com/

Quote:In other news: Parsing the data and getting a good set of candidates to attack has turned out to be a very crucial part in the whole process. Any software not capable of stateful handshake-parsing is very vulnerable to false negatives. In such cases, the task of finding the correct password for a given set of wireless data is doomed by the fact that the handshake is reassembled incorrectly. In my own judgement, tools like aircrack-ng and coWPAtty fail to find the correct password – even if it’s part of the given wordlist and testable by the given data – in about 30% of all cases.



RE: Should we be using Aircrack ? - atom - 09-19-2011

only i think i can recommend is using the wpaclean utility before running it with aircrack-ng. its part of the aircrack-ng suite. the online converter is doing this, too.


RE: Should we be using Aircrack ? - Hash-IT - 09-19-2011

(09-19-2011, 10:55 AM)atom Wrote: only i think i can recommend is using the wpaclean utility before running it with aircrack-ng. its part of the aircrack-ng suite. the online converter is doing this, too.

Ahh...

You are already ahead of me then ! :o)


RE: Should we be using Aircrack ? - Hash-IT - 11-12-2011

I thought I would return to this thread to share an experience I have recently had with WPAclean, Aircrack and Hashcatplus.

I made a test capture and as usual I used WPAclean on the .cap file. After doing so Aircrack said there was no handshake within the new cleaned .cap. So I tested the original .cap file in Aircrack and it worked ! So there is clearly some sort of problem with WPAclean.

Interestingly and the reason I am writing here is that when I used the Aircrack –J option to make a hcap file from the original cap (not the WPAclean one) that file worked very well in hashcatplus and successfully found my password.

So in my case, Aircrack –J option works better directly on a weak or damaged cap file than on one that has been passed through WPAclean.


RE: Should we be using Aircrack ? - atom - 11-12-2011

interessting, maybe you should report on aircrack forums.