- Wpa2 Crack Tools
- Crack Wpa2 Windows
- How To Crack Wpa2 Psk
- Using Wireshark To Crack Wpa2 With Windows 8.1
We all know we can use aircrack-ng to run a wordlist attack to crack WPA/WPA2, in this article I’m going to show you how to do the same using a tool called HashCat, and compare its speed with aircrack-ng.
For WPA2 decryption to work in wireshark, you will need to capture the 4 authentication packets at the beginning of the connection to the AP. So, disconnect from the SSID, start capturing packets in wireshark, connect to the SSID and you should be able to see the IP (decrypted) traffic. Here we’re going to show capturing WPA/WPA2 handshake steps (.cap), continuing with explanations related to cracking principles.We’ll go through the process step by step, with additional explanations on how things work, which WiFi keys are generated and how, using captured handshake to manually crack/calculate MIC in EAPol Frames (using WireShark and custom Python code).
The advantage of using HashCat is unlike aircrack-ng which uses the CPU to crack the key, HashCat uses the GPU, this makes the cracking process MUCH faster (results below).
Installing & using Hashcat
- First you need to download Hashcat from https://hashcat.net/hashcat/
- Navigate to the location where you downloaded it, and unzip it, personally I like to use 7zip.
- Open the Command Prompt (go to windows search and type cmd).
- Navigate to your Hashcat folder where it’s unzipped.
- Type hashcat32.exe or hashcat64.exe depending on the architecture of your CPU.
- In order to use the GPU, you need to get its id using the following command
For Wireshark to decrypt the traffic it needs the capture the four way handshake (From here it takes the ANounce, SNounce and MIC to verify if the PTK matches the conversation) and provide the PMK. To provide the PMK just add the passphase to the 802.11 key list. The WPA2 handshake can be captured on a Linux compatible client like Kali Linux with a supported WiFi card running on VirtualBox. Then converted to the right format depending on the captured method and moved over to the Windows client to be cracked. Use the guides Capturing WPA2 and Capturing WPA2 PMKID to capture the WPA2 handshake. This guide is about cracking or brute-forcing WPA/WPA2 wireless encryption protocol using one of the most infamous tool named hashcat. A Tool perfectly written and designed for cracking not just one, but many kind of hashes. About hashcat, it supports cracking on GPU which make it incredibly faster that other tools. We will learn about cracking WPA/WPA2 using hashcat.
mine is #3. Then you need to use the hash type which is 2500 for WPA, I do recommend using
to get familiar with the tool.
Wpa2 Crack Tools
To specify device use the -d argument and the number of your GPU.
The command should look like this in end
Crack Wpa2 Windows
Example:
Where Handshake.hccapx is my handshake file, and eithdigit.txt is my wordlist, you need to convert cap file to hccapx using https://hashcat.net/cap2hccapx/
Results:
Test1: Using HashCat, with Asus GTX 1080 OC edition which has GPU Boost Clock with 1936 MHz, total GB ram of 8 Gigabytes, and Cuda cores 2560.
CUDA = Computing performance Boost Clock = Increases the Clock speed.
Hashcat took 4 mins, 45secs to reach the end of the wordlist and crack the handshake with a wordlist of 100,000,000 passwords.
How To Crack Wpa2 Psk
Test 2:Using Aircrack-ng on Kali installed as main operating system with is i7-7700k CPU – base clock of 4.20, turbo clock 4.50Ghz with 4 cores and 8 threads, it would take 4 hours 22 minutes 14 seconds try all the passwords in the wordlist.
Test 3: Kali installed as a virtual machine, in this case it would take 11 hours, 31 minutes and 40 seconds to try all passwords in the wordlist!