WPA/WPA2 - The attack follows on the wireless network, WPA/WPA2 encrypted. The goal here is to bruteforce the encryption after a deauthentification station, which will be obliged to reentamer authentication. Important since 4Way handshake (First steps of initializing the PSK) is realized. If the passphrase is greater than 8 characters, it becomes very difficult to pass the bruteforce. Thus, to secure its wireless network, a WPA passphrase and a variety of 63caractères will largely meet your neighbors.
The case of WEP encryption
Simply put ivs file (generated with airodump-ng) as an argument to aircrack-ng.
aircrack-ng-dump file.ivs
Note: The options to optimize the cracking of the key (as the ptw attack ... etc.) are included by default.
Use WPA hash tables
WPA hash tables calculate the PMK (Pairwise-MasterKey) used during authentication. To calculate the PMK, using the essid, size, and passphrase. That is exactly what happens in the hash, they will generate a PMK for each dictionary word, in this based on the essid (the So salt the hash). So for each essid, it has a single PMK.
These pre-computed tables are interesting in that we're dealing with identical ESSIDs (This is not the case in countries such as France, Belgium ... where the essid is often composed of ISP and identification "that looks random"). However if you are not affected by this, you can take a look at the project ChurchWifi , which offers downloading of tables generated with the 1000 Essid most common in the world. They may still be interesting when you know the essid but you do not yet have the handshake, and, unlike conventional attack dictionary you can calculate and save time. It was therefore in this case dealing with a collateral attack, where we identify a (the) target (s) and prepare the ground. The downside is that this table will be calculated prev-usable only with ESSIDs used in its creation, requiring you repeat this process for all new essid ...
Warning: Passwords are smaller than 8 or greater than 63 characters will be considered invalid
Make a complete check to correct any errors (AC will also reduce the size):
airolib ng wpa-db-clean all
Start creating the table:
airoblig wpa-db-ng batch
Simultaneously press Ctrl and "C" appears when the message "No free essid found" to end the session. And finally, the speed of breaking admires:
aircrack-ng wpa-db-r-e ESSID handshake.cap
Bookmarks