Read full details here: Cracking WPA2 WPA with Hashcat in Kali Linux (BruteForce MASK based attack on Wifi passwords)
cudaHashcat, oclHashcat and Hashcat on Kali Linux have built-in capabilities to attack and crack WPA2 WPA handshake .cap files. The only constraint is that you need to convert the .cap file to the .hccap file format. This is rather easy.
Hashcat
Hashcat is the self-proclaimed world’s fastest CPU-based password recovery tool. It is available free of charge, although it has a proprietary codebase. Versions are available for Linux, OSX, and Windows and can come in CPU-based or GPU-based variants. Hashcat currently supports a large range of hashing algorithms, including: Microsoft LM Hashes, MD4, MD5, SHA-family, Unix Crypt formats, MySQL, Cisco PIX, and many others. Hashcat has made its way into the news many times for the optimizations and flaws discovered by its creator, which are then exploited in subsequent hashcat releases. (For example, the flaw in 1Password's hashing scheme.)
Attack types
Hashcat offers multiple attack modes for obtaining effective and complex coverage over a hash's keyspace. These modes are:
- Brute-Force attack
- Combinator attack
- Dictionary attack
- Fingerprint attack
- Hybrid attack
- Mask attack
- Permutation attack
- Rule-based attack
- Table-Lookup attack
- Toggle-Case attack
Variants
Hashcat comes in two main variants:
- Hashcat - A CPU-based password recovery tool
- oclHashcat - A GPU-accelerated tool
Important Note: Many users try to capture with network cards that are not supported. You should purchase a card that is supported by Kali Linux, including injection and monitor mode. A list can be found in 802.11 Recommended USB Wireless Cards for Kali Linux. It is very important that you have a supported card, otherwise you'll just be wasting time and effort on something that won't do the job.
My Setup
I have an NVIDIA GTX 210 graphics card in my machine running Kali Linux 1.0.6 and will use the rockyou dictionary for most of the exercise. In this post, I will show the steps for cracking WPA2 WPA handshake files (.cap files) with cudaHashcat or oclHashcat or Hashcat on Kali Linux.
I will use the cudahashcat command because I am using an NVIDIA GPU. If you’re using an AMD GPU, then I guess you’ll be using oclHashcat. Let me know if this assumption is incorrect.
To enable GPU cracking, you need to install either CUDA for NVIDIA or AMDAPPSDK for AMD graphics cards. I've covered those in my previous posts.
NVIDIA Users:
- Install proprietary NVIDIA driver on Kali Linux – NVIDIA Accelerated Linux Graphics Driver
- Install NVIDIA driver kernel Module CUDA and Pyrit on Kali Linux – CUDA, Pyrit and Cpyrit-cuda
AMD Users:
- Install AMD ATI proprietary fglrx driver in Kali Linux 1.0.6
- Install AMD APP SDK in Kali Linux
- Install Pyrit in Kali Linux
- Install CAL++ in Kali Linux
Why use Hashcat for cracking WPA WPA2 handshake file?
Pyrit is the fastest when it comes to cracking WPA2 WPA handshake files. So why are we using Hashcat to crack WPA2 WPA handshake files?
- Because we can?
- Because Hashcat allows us to use customized attacks with predefined rules and Masks.
charsets to attack a WPA2 WPA handshake file.
Built-in charsets
?l = abcdefghijklmnopqrstuvwxyz
?u = ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d = 0123456789
?s = !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
?a = ?l?u?d?s
Numbered passwords
So let's say your password is 12345678. You can use a custom MASK like:
?d?d?d?d?d?d?d?d
What it means is that you're trying to break an 8-digit number password like 12345678 or 23456789 or 01567891. You get the idea.
Letter passwords - All uppercase
If your password is all letters in CAPS such as ABCFEFGH or LKHJHIOP or ZBTGYHQS, etc., then you can use the following MASK:
?u?u?u?u?u?u?u?u
It will crack all 8-letter passwords in CAPS.
Letter passwords - All lowercase
If your password is all letters in lowercase such as abcdefgh or dfghpoiu or bnmiopty, etc., then you can use the following MASK:
?l?l?l?l?l?l?l?l
It will crack all 8-letter passwords in lowercase. I hope you now know what I am getting at.
Passwords - Lowercase letters and numbers
If you know your password is similar to a1b2c3d4 or p9o8i7u6 or n4j2k5l6, etc., then you can use the following MASK:
?l?d?l?d?l?d?l?d
Passwords - Uppercase letters and numbers
If you know your password is similar to A1B2C3D4 or P9O8I7U6 or N4J2K5L6, etc., then you can use the following MASK:
?u?d?u?d?u?d?u?d
Passwords - Mixed matched with uppercase, lowercase, number and special characters.
If your password is all random, then you can just use a MASK like the following:
?a?a?a?a?a?a?a?a
Note: ?a represents any character from the built-in charsets above (?l, ?u, ?d and ?s). I hope you're getting the idea.