num3a / wifite

Automatically exported from code.google.com/p/wifite
GNU General Public License v2.0
0 stars 0 forks source link

WPA cracking not working even with correct password in wordlist #69

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1. Run wifite on your own WPA network (with a known password)
2. Capture the handshake
3. Add your correct WPA key to the wordlist and have it try to crack it

What is the expected output? What do you see instead?
Expected it to find my key, since I manually inserted it into the wordlist. The 
result is "WPA key not found in dictionary"

What version of the product are you using? On what operating system?
BT5 with Wifite r82

Please provide any additional information below.
I tried the same test on two known wifi networks, and it did not crack the key 
on either of them. The passwords of both networks only used lowercase letters 
and numbers, with a length of 8 characters.

Original issue reported on code.google.com by rda...@gmail.com on 29 Dec 2011 at 4:41

GoogleCodeExporter commented 8 years ago
Figured out the problem, which takes me to a suggestion instead of a defect 
report.

I ran cowpatty on the same cap file, and it was also unable to find the 
password. But it gave me a better output, saying "incomplete four-way handshake 
exchange". If wifite (or aircrack, for that matter) produced a similar message, 
it would make our lives easier.

I deleted the old cap file, ran wifite again and it managed to capture and 
crack the key successfully. 

Original comment by rda...@gmail.com on 29 Dec 2011 at 7:02

GoogleCodeExporter commented 8 years ago
Thanks rdaros for posting your solution.

Wifite uses aircrack-ng to check for a handshake, which was not consistent.  I 
have since found a few other programs to check for handshakes with (pyrit, 
cowpatty, and tshark).

I'm trying to improve Wifite right now. I re-wrote the program from scratch and 
am trying to fix some bugs the old version had (such as this false-alarm 
handshake capture) as well as include new tools (WPS cracking via reaver).

Would you be interested in beta testing?

The version is basically in alpha mode right now on github...

https://github.com/derv82/wifite/blob/master/wifite.py

You can email me on gmail or msg me on GTalk via "derv82"

Or just use the "issues" section at github.

Thanks.

Original comment by der...@gmail.com on 1 Feb 2012 at 9:31

GoogleCodeExporter commented 8 years ago
I also had the same issue, even after adding my password into my test list, it 
still shows password not found. I re-ran the process and it failed again, the 
return in the window when i tried pyrit -r <capfile.cap> analyze was a list of 
HMAC_ responses, #1-66 reported as good, #67-492 responded as bad hashes. I 
have not seen an output like this before, so i can elaborate any further as to 
the cause.

Original comment by BiteMyKr...@gmail.com on 18 May 2012 at 3:37

GoogleCodeExporter commented 8 years ago
Simple screenshot, to show it does work, but to make it work, i had to create a 
dict. file of 81 words...all the same, all my WPA password. It proves the 
coding and interface work, but as stated in my post above, even if my password 
is in a dict. file it wont find it. The first test i tried used a dict. file of 
more than 681,000 words, i made sure my password was NOT in the first 50 words 
in that list, as aircrack-ng wont read the first 50 words in any list, but it 
still fails to find the correct password.

Original comment by BiteMyKr...@gmail.com on 18 May 2012 at 4:09

Attachments: