Wireless Security
WPA Encryption Oct 05 2009 12:31AM
AFH Security (security afallenhope com) (4 replies)
Re: WPA Encryption Oct 06 2009 02:41PM
Mike Duncan (Mike Duncan noaa gov)
Re: WPA Encryption Oct 05 2009 08:21PM
Taras (taras securityaudit ru)
Re: WPA Encryption Oct 05 2009 03:50PM
Robin Wood (dninja gmail com)
2009/10/5 AFH Security <security (at) afallenhope (dot) com [email concealed]>:
> I've been looking for tutorials or articles on the weakness in the WPA
> protocol. I've been able to capture my handshake, and I've used the
> aircrack-ng suite, but never am I able to find my password. Mind you
> it's something extremely simple, but it's not found in any dictionaries.
> I was told you can use rainbow tables, but I've never used them. Can
> someone enlighten me on this please?

Is your password in the dictionary you are using to do the test? If it
is then it should find it, if not then it won't. What I tend to do
when testing things like this for the first time is to create a very
small dictionary, 10 words say, with my known password in the middle
and see what happens. It won't take long and I know that it should be
found.

As far as I know aircrack doesn't do any word manipulation on the
dictionary so the password would also have to exactly match. If you
want to manipulate dictionaries use something like John to create a
new dictionary based on your original.

As for rainbow tables you can use CoWPAtty from Josh Wright to
generate tables, just look at the gen-psk script which is easy to use
and run. I think technically they aren't rainbow tables, they are
specific to some other app/area of cracking.

Robin

[ reply ]
Re: WPA Encryption Oct 05 2009 02:12PM
Fatah al Farihin (fathkay yahoo com)


 

Privacy Statement
Copyright 2010, SecurityFocus