search

aircrack-ng / aircrack-ng

WiFi security auditing tools suite
https://aircrack-ng.org
GNU General Public License v2.0
5.5k stars 953 forks source link

Aircrack-ng displays incorrect Transient Key #2233

Open tinyboxvk opened 3 years ago

tinyboxvk commented 3 years ago

Issue type

System information

Aircrack-ng version

Defect

How to reproduce the issue

Incorrect PTK was shown when cracking using rockyou.txt. The key found was correct.

┌──(kali㉿kali)-[~]
└─$ aircrack-ng de-auth.cap -w /usr/share/wordlists/rockyou.txt
                               Aircrack-ng 1.6 

      [00:00:05] 104903/14344392 keys tested (23092.57 k/s) 

      Time left: 10 minutes, 16 seconds                          0.73%

                           KEY FOUND! [ P@$$w0rd ]

      Master Key     : D6 38 12 A0 F8 6B 11 EF C8 83 31 02 9C 8B AE B8 
                       7E FA 0B DE 2D D0 30 5C 27 90 BB FB F7 54 36 6D 

      Transient Key  : 3E B0 3C B6 EA 4D 91 E2 0D 06 52 9D 30 C9 9F 53 
                       56 EA 1B F7 6A 47 5C 07 17 55 88 00 00 00 00 00 
                       00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
                       00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 

      EAPOL HMAC     : 58 4C 33 E0 52 EB 53 DD 19 00 1A 33 9B 42 EE FE

Correct PTK was shown when cracking using a password file containing only the key.

┌──(kali㉿kali)-[~]
└─$ cat password.txt                             
P@$$w0rd
┌──(kali㉿kali)-[~]
└─$ aircrack-ng de-auth.cap -w password.txt
                               Aircrack-ng 1.6 

      [00:00:00] 1/1 keys tested (29.65 k/s) 

      Time left: --

                           KEY FOUND! [ P@$$w0rd ]

      Master Key     : D6 38 12 A0 F8 6B 11 EF C8 83 31 02 9C 8B AE B8 
                       7E FA 0B DE 2D D0 30 5C 27 90 BB FB F7 54 36 6D 

      Transient Key  : AB 70 74 CB 86 52 03 7A 9F FF 61 C7 43 AD DC D4 
                       12 71 B3 46 B8 EA A2 68 D0 A8 E0 05 D5 E0 B3 8B 
                       5A E8 E7 4C 03 AC C8 0A 5C 4D AE 70 30 2D B4 CD 
                       8A 73 FC 3A 18 A0 8C 1A 3F 3E B0 3C B6 EA 4D 91 

      EAPOL HMAC     : 58 4C 33 E0 52 EB 53 DD 19 00 1A 33 9B 42 EE FE

de-auth.zip

tinyboxvk commented 1 day ago

The issue still exists in 1:1.7+git20230807.4bf83f1a-2.