Aircrack vs Pyrit vs Airolib (Updated)

Discussion in 'Dictionary, Password & Wordlists' started by estimacamry, 15 Dec 2012.

  1. estimacamry

    estimacamry Tracker
    VIP

    Joined:
    3 Aug 2012
    Messages:
    552
    Likes Received:
    131
    Trophy Points:
    91
    Pentest using Backtrack 5 R2 Gnome 32-bit running liveUSB. Dictionary attack against my cap file with 3 different approaches, namely Aircrack, Pyrit and Airolib. In order to have better pentest results, I've prepared 2 dictionaries for this attack using Crunch: the first dictionary with the passphrase in the front portion (Dict. Front) and the second dictionary with the passphrase located at the far end (Dict. Back).
    Passphrase - 0125701518
    Dict. Front - 0125700000 - 0125800000 ( 100001 lines )
    Dict. Back - 0125602000 - 0125702000 ( 100001 lines )
    The results were a surprise and a disappointment to me as a noob in WPA cracking, after spending so many hours reading writeups. I was looking forward to a better completion time frame using Pyrit and Airolib but the results were very much the opposite. Take a look at this diagram.
    [Image: aircrack.JPG]
    So my conclusion is: even though pre-hashing increases aircrack speed tremendously, it does not speed up the whole process of cracking WPA/WPA2 :(
    ImJoJo
    Sorry to have given you the wrong impression on Airolib during the 1st pentest. I found out later that during hashing, Airolib only "--batch"ed a small portion of my dictionary and, by coincidence, the passphrase was located at the front portion of my passlist. With that I started Aircrack and my completion time was much better compared to Pyrit. The reason being, if you run Airolib in VMware or liveUSB, the temporary SQL database/buffer has this block limit of 25000 PMKs.

    For those who wanna give this pentest a try, here's the script for Pyrit
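    Code:
    pyrit eval                                  # count passwords and computed PMKs in the database
    pyrit -i <dictionary.txt> import_passwords  # load the wordlist into the database
    pyrit -e <ssid> create_essid                # register the ESSID the PMKs are computed for
    pyrit eval                                  # confirm the import
    pyrit batch                                 # compute the PMKs (the slow phase)
    pyrit verify                                # recompute a sample of stored results as a check
    pyrit -o <wpadb> export_hashdb              # export in airolib-ng database format
    aircrack-ng -r <wpadb> <output01>.cap       # run aircrack-ng against the capture using the database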
    For Airolib, read this from Aby$m
    http://xiaopan.co/forums/threads/wpa-hash-creation-airolib-ng-genpmk-cowpatty.1823/

    So guys, please feel free to share your thoughts or ideas on how I can speed up my completion time on WPA cracking.

    Some useful resources
    http://www.backtrack-linux.org/tutorials/usb-live-install/
    http://www.backtrack-linux.org/downloads/
    http://www.aircrack-ng.org/doku.php?id=airolib-ng
    http://j2neon.blogspot.com/2011/07/cracking-wpa-using-pyrit-and-aircrack.html
    http://xiaopan.co/forums/threads/crack-wpa2-know-your-target.2030/
    http://adaywithtape.blogspot.com/2011/05/creating-wordlists-with-crunch-v30.html
    --- Double Post Merged, 15 Dec 2012 ---
    Added coWPAtty to this pentest. Total completion time
    Dict. Front >> 00:15mins
    Dict. Back >> 16:19mins
    Sample scripts for Dict. Front
    Code:
    ./crunch 10 10 0123456789 -s 0125700000 -e 0125800000 -u | ./cowpatty -2 -f- -r <cap.file> -s <ESSID> -v
     
  2. ImJoJo

    ImJoJo The One & Only
    VIP

    Joined:
    25 Jun 2012
    Messages:
    246
    Likes Received:
    107
    Trophy Points:
    191
    OK, if you think about it, while Pyrit is generating all the PMKs, it's not really cracking, it's only computing. While Aircrack-ng "is" cracking... so it actually takes about the same amount of time (at least on my computer)... I don't know if I explained myself... :confused:
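
Added example (not written by any poster in this thread, and not code from Pyrit, Airolib or aircrack-ng): a Python model of the point made in the first two posts, that the batch phase is one full PBKDF2 run per candidate while the later lookup is nearly free, and that a table built for one SSID does not carry over to another because the SSID is the salt. The SSIDs, candidate range and function names are constructed for illustration.

```python
import hashlib
import time

ITERATIONS, PMK_LEN = 4096, 32  # fixed by WPA/WPA2-PSK: PBKDF2-HMAC-SHA1, 256-bit PMK

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the pairwise master key; the SSID is the PBKDF2 salt."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(),
                               ITERATIONS, PMK_LEN)

def precompute(candidates, ssid):
    """The 'batch' phase: one full PBKDF2 run per candidate, for this SSID only."""
    return {wpa_pmk(word, ssid): word for word in candidates}

def time_phases(candidates, ssid, known_passphrase):
    """Return (precompute_seconds, lookup_seconds, recovered_passphrase)."""
    # Simplification: the reference PMK is derived locally from a passphrase we
    # already know, standing in for the check against a captured handshake.
    reference = wpa_pmk(known_passphrase, ssid)
    t0 = time.perf_counter()
    table = precompute(candidates, ssid)
    t1 = time.perf_counter()
    found = table.get(reference)
    t2 = time.perf_counter()
    return t1 - t0, t2 - t1, found

def table_is_reusable(table, passphrase, other_ssid):
    """A table built for one SSID cannot be reused for another (different salt)."""
    return wpa_pmk(passphrase, other_ssid) in table

if __name__ == "__main__":
    # Constructed sample data: lab SSIDs and a 10-digit numeric candidate range.
    ssid, words = "LabNet-A", [f"{n:010d}" for n in range(1000000000, 1000000050)]
    batch_s, lookup_s, found = time_phases(words, ssid, words[-1])
    print(f"precompute: {batch_s:.3f}s  lookup: {lookup_s:.6f}s  found: {found}")
    print(f"end to end: {batch_s + lookup_s:.3f}s, dominated by PBKDF2")
    print("table reusable for LabNet-B:",
          table_is_reusable(precompute(words[:5], ssid), words[0], "LabNet-B"))
```

For anyone setting up an access point, the same model shows why a non-default SSID matters: it forces the expensive phase to be repeated from scratch for that network.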
     
  3. estimacamry

  4. ImJoJo

    I have Intel :( ... I'm running Duo core at 2 GHz each... fast enough, but unfortunately it's not compatible with oclHashcat-plus. I'm thinking of upgrading by this summer... just not sure if Nvidia or AMD.

    By tremendously, what exactly do you mean? How much faster?
     
  5. estimacamry

    My specs: i5 with NVIDIA GeForce GT630M (96 CUDA cores). I was running 1100k/s with aircrack-ng, but when running oclHashcat I get 5000k/s. With my old lappy (Centrino) I get 120k/s on aircrack-ng :D. I saw on "A Day with Tape's" blog that he gets 50,000k/s, but I'm not too sure which specs he has on oclHashcat ;) There's a writeup which says ATI is better than NVIDIA with oclHashcat, but I can't remember where I read it.
     
  6. Fantastic

    Fantastic Well-Known Member
    VIP

    Joined:
    19 Feb 2013
    Messages:
    122
    Likes Received:
    153
    Trophy Points:
    111
    I suggest you use AMD
    --- Double Post Merged, 27 Feb 2013 ---
    Is it possible to pipe crunch to pyrit or hashcat in Xiaopan just like aircrack?
     
  7. estimacamry

    Pyrit and Hashcat are not installed in Xiaopan.
     
  8. Mr. Penguin

    Mr. Penguin Administrator
    Staff Member Admin Moderator VIP

    Joined:
    18 May 2012
    Messages:
    3,086
    Likes Received:
    1,186
    Trophy Points:
    351
    Next version might, estimacamry :)


     
  9. Fantastic

    So estimacamry, I have a high-spec PC. Is it better to use Pyrit in this case, or is it the same as Aircrack? And thank you.
     
  10. estimacamry

  11. fatih sukran

    fatih sukran Member

    Joined:
    16 Mar 2013
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    16
    Pyrit is always better than the others, with or without GPU, computed database attack or plain attack (dictionary). I confirmed with a Core i5: I get 2200 PMK/s on plain attack and 120000+ PMK/s on database attack. :psy
     
  12. estimacamry

     
  13. Fantastic

    Hashcat is fast in cracking but is it really cracking or is it the same as pyrit?
     
  14. estimacamry

    [Image: oclHashcat1.jpg]
    YES
     
  15. fatih sukran

    Of course, a hash database is only useful after the 4-way handshake has been completely captured. I think the whole cracking process is from the first step until you have found the WPA-PSK key.

    Sorry for my English.
     
  16. malik7-8-6

    malik7-8-6 Active Member

    Joined:
    30 Jun 2013
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    31