10-02-2021, 01:32 PM
Hello!
So I recently realized that I'm a bit behind on the newer techniques used to crack WPA2 (the PMKID method, for instance). Decided to start reading up on it and experiment on my own network at home.
There is one thing I encountered though, that I wanted to ask about.
In this test I run "hcxdumptool -c 52 -i wlan1 -o wpatest.pcapng --enable-status=15 --active_beacon".
I didn't get any PMKID or EAPOL frames that could be used, so I tried logging into my wifi from another device and entered the wrong password, which then seemed to trigger the correct frames being sent/captured (so I thought, at least).
When later cracking the resulting hash (WPA*02*), the found password was the incorrect one I had entered earlier, which of course gives me a useless result since I cannot use it to log in to my wifi.
Now to my question. Is there a way to know if the hash contains an incorrectly entered password, or do I just have to assume that the person entering it knows what they are doing? Are any of the methods (PMKID, EAPOL) better in this scenario in terms of actually knowing whether one can trust the resulting hash or not? If I do a security assessment in the future, I would prefer to focus on one method where I can trust that the resulting hash is worth spending GPU cycles on.
Looking forward to any potential replies! : )
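Added example (not code from the post, hcxtools or hashcat): a small triage script for hashcat 22000 lines that reports whether the access point ever vouched for the MIC in the hash. It assumes the field layout WPA*02*MIC*MACAP*MACSTA*ESSIDhex*ANONCE*EAPOLhex*MESSAGEPAIR, that the low three bits of MESSAGEPAIR carry the hccapx-style message-pair code, and uses constructed sample lines with fake MACs, nonces and MICs.

```python
"""Triage hashcat 22000 lines: can this hash reflect only the client's attempt?

Assumed (not from the post): a WPA*02* line has the fields
WPA*02*MIC*MACAP*MACSTA*ESSIDhex*ANONCE*EAPOLhex*MESSAGEPAIR and the low
three bits of MESSAGEPAIR hold the hccapx-style message-pair code.
"""

# code -> (frames used, did the AP accept the client's MIC). Only M1+M2
# (code 0) is an unconfirmed "challenge": the MIC in M2 comes from whatever
# passphrase the client typed, right or wrong. M3/M4 are only ever sent after
# the AP verified M2, so pairs containing them imply the real passphrase.
MESSAGE_PAIR = {
    0: ("M1+M2", False), 1: ("M1+M4", True), 2: ("M2+M3", True),
    3: ("M2+M3", True), 4: ("M3+M4", True), 5: ("M3+M4", True),
}


def eapol_message_number(eapol: bytes) -> int:
    """Classify an EAPOL-Key frame as M1..M4 from its Key Information bits."""
    key_info = int.from_bytes(eapol[5:7], "big")  # after 802.1X header + descriptor type
    ack, mic, secure = key_info & 0x0080, key_info & 0x0100, key_info & 0x0200
    if ack and not mic:
        return 1
    if mic and not ack and not secure:
        return 2
    if ack and mic:
        return 3
    return 4


def triage(line: str) -> dict:
    """Say what the hash line holds and whether the AP vouched for it."""
    f = line.strip().split("*")
    if len(f) != 9 or f[0] != "WPA" or f[1] not in ("01", "02"):
        raise ValueError("not a hashcat 22000 line")
    essid = bytes.fromhex(f[5]).decode()
    if f[1] == "01":  # PMKID is computed by the AP from the AP's own PMK
        return {"type": "PMKID", "ap_confirmed": True, "essid": essid}
    pair, ap_confirmed = MESSAGE_PAIR[int(f[8], 16) & 0x07]
    return {"type": "EAPOL", "pair": pair, "ap_confirmed": ap_confirmed,
            "eapol_msg": eapol_message_number(bytes.fromhex(f[7])), "essid": essid}


def _eapol(key_info: int) -> bytes:
    """Constructed EAPOL-Key frame with a zeroed body; only Key Information matters here."""
    return bytes([2, 3, 0, 95, 2]) + key_info.to_bytes(2, "big") + bytes(92)


# Constructed sample lines mirroring the post: a wrong-password M1+M2 capture,
# an AP-confirmed M2+M3 capture, and a PMKID line.
ESSID = "homenet".encode().hex()
CHALLENGE_LINE = f"WPA*02*{'ab'*16}*aabbccddeeff*112233445566*{ESSID}*{'11'*32}*{_eapol(0x010a).hex()}*00"
AUTHORIZED_LINE = f"WPA*02*{'cd'*16}*aabbccddeeff*112233445566*{ESSID}*{'22'*32}*{_eapol(0x03ca).hex()}*03"
PMKID_LINE = f"WPA*01*{'ef'*16}*aabbccddeeff*112233445566*{ESSID}***"
```

Run `triage()` over each line of a hashcat 22000 file to separate unconfirmed M1+M2 challenge hashes from PMKID and AP-confirmed handshake hashes before queuing them.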