Is it possible to get a WPA 'false positive'?
#2
(06-22-2023, 02:54 AM)sex_lion Wrote: I am working through a challenge which involves gaining access to a WPA2 protected network. In short, I used airodump-ng to capture the PMKID and WPA handshake for the network, and converted this to a 22000 file. I am satisfied that I did everything correctly here because I have used this process on successful cracks many times before.

After I unsuccessfully tried some wordlists, I did some research on the type of router and saw that the default password had an 8 digit numerical mask, e.g. 12345678. I then started a mask attack which cracked the hash to a string which matches this format.

Unfortunately, my attempts to log into the network have failed. When I try and login via terminal (to see the error message) it's apparently an authentication error ('secrets required but not supplied'). I then repeated the whole process to double check my results, including by running a mask attack with the --keep-guessing flag. All attempts yielded the same password.

Is it possible that I have a 'false positive' here? I would think not... If that is the case, are there any other ways I could investigate why my connection to the network is being refused?

Yes, if the handshake is not successful.
Sometimes it says handshake captured successfully, but in reality
it might turn out to be a half handshake, incomplete.

Messages In This Thread
RE: Is it possible to get a WPA 'false positive'? - by Zeroc0ol82 - 06-22-2023, 07:27 AM