One of the major problems is to find a good wordlist and to filter out the garbage from that wordlist.
For that purpose you can try hashcat in combination with the new Python client from
https://wpa-sec.stanev.org
and a wordlist of your choice (for example from here: https://github.com/berzerk0/Probable-Wordlists)
1. step
Do a git clone of the latest dwpa: git clone https://github.com/RealEnder/dwpa
2. step
Create a directory and copy help_crack.py and "yourwordlist" into this folder.
3. step (this will take a while...)
Run help_crack.py either with this option:
./help_crack.py -pot potfile.2500 -ad yourwordlist
or with this option:
./help_crack.py -pot potfile.2500 -cd yourwordlist
The difference between -cd and -ad is:
-cd tests only yourwordlist
-ad tests yourwordlist and one common wordlist from wpa-sec
You will retrieve confirmed and real(!) passwords in these files:
cracked.txt (only the passwords; no longer readable by common text editors since this list contains non-ASCII/UTF characters, but hashcat can handle this as input)
potfile.2500 (complete hashcat pot data: hashcat_md64:mac_ap:mac_sta:ESSID:password)
rkg.txt (additionally retrieved passwords from a default key generator)
In parallel, you can upload your cap file (hcxdumptool, wlandump-ng, airodump-ng, besside-ng, wireshark, tcpdump, kismet) to wpa-sec (via the web interface or using wlancap2wpasec). In that case, your captured handshakes are tested against these wordlists, too. You will also retrieve the results in potfile.2500 and the passwords in cracked.txt, immediately.
4. step
Delete yourwordlist and try another one.
You will see that your confirmed password lists (potfile.2500, cracked.txt) will soon increase, containing real(!) passwords.
help_crack.py (Python 2 and 3) should work on Linux, macOS and Windows.
Also added a new option to hcxdumptool:
-W <dump file> : WEP encrypted packets output file in pcap format including radiotap header (LINKTYPE_IEEE802_11_RADIOTAP) for your favourite WEP cracker
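
As an added example (not part of the original post and not code from dwpa or hashcat): a parser for the potfile.2500 layout quoted above, used to check whether any of your own access points appear among the confirmed entries. It assumes MAC fields are 12 hex digits without separators and that fields containing colons or non-printable bytes use hashcat's $HEX[...] wrapper; the sample lines are constructed.

```python
import re
from collections import namedtuple

# Field order as quoted in the post: hash:mac_ap:mac_sta:ESSID:password
PotEntry = namedtuple("PotEntry", "hash mac_ap mac_sta essid password")
HEX_WRAP = re.compile(rb"^\$HEX\[((?:[0-9a-fA-F]{2})*)\]$")

# Constructed sample lines (not real captures).
SAMPLE = [
    b"0123456789abcdef0123456789abcdef:aabbccddeeff:112233445566:HomeNet:summer2018\n",
    b"fedcba9876543210fedcba9876543210:001122334455:66778899aabb:Cafe:Guest:$HEX[70c3a4737377c3b67264]\n",
    b"line without the expected fields\n",
]

def unhex(field):
    """Decode a $HEX[...] wrapped field to raw bytes; pass others through."""
    m = HEX_WRAP.match(field)
    return bytes.fromhex(m.group(1).decode("ascii")) if m else field

def parse_pot_line(line):
    """Return a PotEntry (ESSID/password as bytes), or None if malformed."""
    parts = line.rstrip(b"\r\n").split(b":", 3)  # hash, mac_ap, mac_sta, rest
    if len(parts) != 4 or b":" not in parts[3]:
        return None
    # Assumption: a password holding ':' is hex-wrapped, so the last colon
    # separates ESSID from password even when the ESSID itself has colons.
    essid, password = parts[3].rsplit(b":", 1)
    fixed = [p.decode("ascii", "replace").lower() for p in parts[:3]]
    return PotEntry(fixed[0], fixed[1], fixed[2], unhex(essid), unhex(password))

def own_networks_found(lines, my_aps):
    """Entries whose AP MAC is one of my_aps (any common MAC notation)."""
    wanted = {re.sub(r"[^0-9a-f]", "", m.lower()) for m in my_aps}
    return [e for e in map(parse_pot_line, lines) if e and e.mac_ap in wanted]

if __name__ == "__main__":
    # Read the potfile as bytes: passwords are not guaranteed to be valid UTF-8.
    for e in own_networks_found(SAMPLE, ["AA:BB:CC:DD:EE:FF"]):
        print(e.mac_ap, e.essid, "-> passphrase is in the tested wordlists")
```

Any access point of yours that shows up here needs a new passphrase that is not in a public wordlist.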