search

AdamKnube / pyrit

Automatically exported from code.google.com/p/pyrit
0 stars 0 forks source link

fails to find password when in db #214

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. I have a pcap with a key of SilensecWPA
2. I imported a wordlist with that key into the db
3. I asked it to crack the pcap and it failed

What is the expected output? What do you see instead?
It should get the key but it doesn't

What version of the product are you using? On what operating system?
Pyrit 0.4.0-dev (svn r288) on Debian 64 bit

Please provide any additional information below.

The key is SilensecWPA and the ESSID is silensec-wpa. The key is definitely in 
the database:

# pyrit -o - export_passwords |grep SilensecWPA
SilensecWPA

I know the key is correct as airdecap works fine in decrypting the file

# airdecap-ng -e silensec-wpa -p SilensecWPA wp.pcap 
Total number of packets read           122
Total number of WEP data packets         0
Total number of WPA data packets        56
Number of plaintext data packets         0
Number of decrypted WEP  packets         0
Number of corrupted WEP  packets         0
Number of decrypted WPA  packets        48

Analyze shows that it can find the handshake and is happy with it

# pyrit -r wpa_for_decryption.pcap  analyze
Pyrit 0.4.0-dev (svn r288) (C) 2008-2010 Lukas Lueg http://pyrit.googlecode.com
This code is distributed under the GNU General Public License v3+

Parsing file 'wpa_for_decryption.pcap' (1/1)...
Parsed 5 packets (5 802.11-packets), got 1 AP(s)

#1: AccessPoint 00:18:84:d0:a0:61 ('silensec-wpa'):
  #1: Station 00:23:cd:bc:87:05, 1 handshake(s):
    #1: HMAC_MD5_RC4, good, spread 1

But then cracking fails.

# pyrit -e silensec-wpa -r wpa_for_decryption.pcap  attack_db
Pyrit 0.4.0-dev (svn r288) (C) 2008-2010 Lukas Lueg http://pyrit.googlecode.com
This code is distributed under the GNU General Public License v3+

Connecting to storage at 'file://'...  connected.
Parsing file 'wpa_for_decryption.pcap' (1/1)...
Parsed 5 packets (5 802.11-packets), got 1 AP(s)

Picked AccessPoint 00:18:84:d0:a0:61 automatically...
Attacking handshake with Station 00:23:cd:bc:87:05...

Password was not found.

Original issue reported on code.google.com by dni...@gmail.com on 28 Nov 2010 at 12:14

GoogleCodeExporter commented 9 years ago 
This is the pcap

Original comment by dni...@gmail.com on 28 Nov 2010 at 12:16

Attachments:

GoogleCodeExporter commented 9 years ago 
did you actually compute anything? are you confusing 'attack_db' with 
'attack_batch' ?

Original comment by lukas.l...@gmail.com on 28 Nov 2010 at 12:43

GoogleCodeExporter commented 9 years ago 
same as #214

Original comment by lukas.l...@gmail.com on 28 Nov 2010 at 6:31