hashcat Forum

Cracking WPA with hashcat news - atom - 12-25-2016

For those of you who are cracking WPA with hashcat, continue reading...

Sometimes it happens that the WPA handshake you've recorded is broken. Unfortunately there's no reliable way to detect and report such a broken handshake on startup. Even worse, hashcat (or any other cracker) is unable to crack such handshakes even if you had the correct password in your wordlist.

The latest beta version of hashcat supports cracking multiple WPA/WPA2 handshakes with the same ESSID for the price of one. That's possible because in the PBKDF2 computation the WPA/WPA2 protocol uses the ESSID as salt and no other data is mixed in. That's not really news, most of the WPA crackers make use of this and build rainbow tables (yes, lol) for the most common ESSIDs. This is really useless.

However, there's another reason to exploit this and this is the reason why I've added support for it. You can record multiple WPA handshakes against the same AP and since the ESSID isn't changed you can now crack them all for the price of a single handshake. The advantage is that the chances increase that there's at least one valid handshake recorded the more handshakes you record.

For example, my GTX1080 processes rockyou.txt wordlist in 30 seconds. If I add 20 more of the same AP the time it takes to process rockyou.txt is still 30 seconds.

To make use of this feature, simply concatenate the single hccaps onto each other like:

Quote:
$ cat handshake1.hccap > handshake_all.hccap
$ cat handshake2.hccap >> handshake_all.hccap
$ cat handshake3.hccap >> handshake_all.hccap
$ cat handshake4.hccap >> handshake_all.hccap
...

Then crack handshake_all.hccap


RE: Cracking WPA with hashcat news - kiara - 12-25-2016

Nice!
Does it work if I have handshakes from 2 or more APs (meaning not the same SSID*)?

Let's say
1, essid = AP1
2, essid = AP2
3, essid = AP3

Quote:
AP1 as
AP1handshake1.hccap >> AP1handshake_all.hccap
AP1handshake2.hccap >> AP1handshake_all.hccap
AP1handshake3.hccap >> AP1handshake_all.hccap

AP2 as
AP2handshake1.hccap >> AP2handshake_all.hccap
AP2handshake2.hccap >> AP2handshake_all.hccap
AP2handshake3.hccap >> AP2handshake_all.hccap

AP3 as
AP3handshake1.hccap >> AP3handshake_all.hccap
AP3handshake2.hccap >> AP3handshake_all.hccap
AP3handshake3.hccap >> AP3handshake_all.hccap

Will -m 2500 AP3handshake_all.hccap,AP2handshake_all.hccap,AP1handshake_all.hccap work?


RE: Cracking WPA with hashcat news - aprizm - 12-26-2016

(12-25-2016, 10:25 PM)kiara Wrote: Nice!
Does it work if I have handshakes from 2 or more APs (meaning not the same SSID*)?

Let's say
1, essid = AP1
2, essid = AP2
3, essid = AP3

Quote:
AP1 as
AP1handshake1.hccap >> AP1handshake_all.hccap
AP1handshake2.hccap >> AP1handshake_all.hccap
AP1handshake3.hccap >> AP1handshake_all.hccap

AP2 as
AP2handshake1.hccap >> AP2handshake_all.hccap
AP2handshake2.hccap >> AP2handshake_all.hccap
AP2handshake3.hccap >> AP2handshake_all.hccap

AP3 as
AP3handshake1.hccap >> AP3handshake_all.hccap
AP3handshake2.hccap >> AP3handshake_all.hccap
AP3handshake3.hccap >> AP3handshake_all.hccap

Will -m 2500 AP3handshake_all.hccap,AP2handshake_all.hccap,AP1handshake_all.hccap work?


I can confirm it's working, I used to do it with version 2 of the software. But the more you have, the more you will slow down your speed.


RE: Cracking WPA with hashcat news - atom - 12-26-2016

Quote: I can confirm it's working, I used to do it with version 2 of the software. But the more you have, the more you will slow down your speed.

Yes, simple multihash for WPA was working for a long time.

Quote: Will -m 2500 AP3handshake_all.hccap,AP2handshake_all.hccap,AP1handshake_all.hccap work?

Yes, in your above case it's 9 different handshakes with 3 different ESSIDs, so speedup (compared to older version) is 300%.
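
Added example (not part of the thread and not hashcat's own code): Python that splits a concatenated .hccap file into records and groups them by ESSID, which is why 9 handshakes over 3 ESSIDs need only 3 PBKDF2 computations per password candidate. It assumes the legacy 392-byte hccap record layout; `make_record` and all sample values are constructed for the demo.

```python
import struct
from collections import defaultdict

# Assumed legacy hccap record layout (392 bytes): essid[36], mac1[6], mac2[6],
# nonce1[32], nonce2[32], eapol[256], eapol_size, keyver, keymic[16].
HCCAP = struct.Struct("<36s6s6s32s32s256sii16s")

def parse_hccap(blob):
    """Split a (possibly concatenated) hccap blob into records."""
    if len(blob) == 0 or len(blob) % HCCAP.size:
        raise ValueError("size %d is not a multiple of %d" % (len(blob), HCCAP.size))
    records = []
    for off in range(0, len(blob), HCCAP.size):
        essid, ap, sta, n1, n2, eapol, size, keyver, mic = HCCAP.unpack_from(blob, off)
        records.append({
            "essid": essid.split(b"\0", 1)[0],
            "ap": ap.hex(), "sta": sta.hex(),
            # Structural sanity only: a record can pass this check and still
            # be cryptographically broken, as the first post explains.
            "sane": 0 < size <= 256 and keyver in (1, 2) and any(mic),
        })
    return records

def pbkdf2_groups(records):
    """Group by ESSID: the ESSID is the only salt, so one PBKDF2 per group."""
    groups = defaultdict(list)
    for r in records:
        groups[r["essid"]].append(r)
    return dict(groups)

def make_record(essid, n, size=121, keyver=2):
    """Build a constructed, non-functional sample record for the demo."""
    return HCCAP.pack(essid, bytes([n]) * 6, bytes([n + 1]) * 6, bytes([n]) * 32,
                      bytes([n + 2]) * 32, b"\x01" * size, size, keyver,
                      bytes([n + 3]) * 16)

if __name__ == "__main__":
    # Constructed input: 3 ESSIDs with 3 records each, concatenated like `cat`.
    blob = b"".join(make_record(e, i) for e in (b"AP1", b"AP2", b"AP3")
                    for i in range(1, 4))
    recs = parse_hccap(blob)
    groups = pbkdf2_groups(recs)
    for essid, rs in groups.items():
        print(essid.decode(), len(rs), "handshakes,",
              sum(r["sane"] for r in rs), "structurally sane")
    print("PBKDF2 per candidate: %d grouped vs %d ungrouped" % (len(groups), len(recs)))
```
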


RE: Cracking WPA with hashcat news - r7al - 04-29-2017

I tried " -m 2500 a0 AP3handshake_all.hccap,AP2handshake_all.hccap rockyou.txt" and it didn't work.
It treated the two files as one and said it does not exist. "AP3handshake_all.hccap,AP2handshake_all.hccap" no such directory. Can you explain more how I can crack multiple handshakes at once?


RE: Cracking WPA with hashcat news - epixoip - 04-29-2017

Your syntax is all sorts of fucked up


RE: Cracking WPA with hashcat news - r7al - 04-29-2017

(04-29-2017, 06:30 PM)epixoip Wrote: Your syntax is all sorts of fucked up

Why? I'm using the same as mentioned up there.