Pentest using Backtrack 5 R2 Gnome 32 bit running from a liveUSB. Dictionary attack against my cap file with 3 different approaches, namely Aircrack, Pyrit and Airolib.

In order to have better pentest results, I've prepared 2 dictionaries for this attack using Crunch: the first dictionary with the passphrase in the front portion (Dict. Front) and the second dictionary with the passphrase located at the far end (Dict. Back).

Passphrase - 0125701518
Dict. Front - 0125700000 - 0125800000 (100001 lines)
Dict. Back - 0125602000 - 0125702000 (100001 lines)

The results were a surprise and a disappointment to me as a noob in WPA cracking, after spending so many hours reading writeups. I was looking forward to a better completion time using Pyrit and Airolib, but the results were very much the opposite. Take a look at this diagram.

So my conclusion is: even though pre-hashing increases aircrack speed tremendously, it does not speed up the whole process of cracking a WPA/WPA2

ImJoJo Sorry to have given you the wrong impression of Airolib during the 1st pentest. I found out later that during hashing, Airolib only "--batch"ed a small portion of my dictionary, and by coincidence the passphrase was located in the front portion of my passlist. With that I started Aircrack and my completion time was much better compared to Pyrit. The reason being, if you run Airolib in vmware or liveUSB, the temporary SQL database/buffer has this block limit of 25000pmks.

For those who wanna give this pentest a try, here's the script for Pyrit.

Code:
    # show what is currently in the Pyrit database
    pyrit eval
    # import the wordlist into the database
    pyrit -i <dictionary.txt> import_passwords
    # register the ESSID the PMKs will be computed for
    pyrit -e <ssid> create_essid
    pyrit eval
    # compute the PMKs for every stored password
    pyrit batch
    # re-check the stored results
    pyrit verify
    # export to an airolib-ng compatible database and run aircrack-ng against it
    pyrit -o <wpadb> export_hashdb
    aircrack-ng -r <wpadb> <output01>.cap

For Airolib, read this from Aby$m: https://xiaopan.co/forums/threads/wpa-hash-creation-airolib-ng-genpmk-cowpatty.1823/

So guys, please feel free to share your thoughts or ideas on how I can speed up my completion time on WPA cracking.
Some useful resources

http://www.backtrack-linux.org/tutorials/usb-live-install/
http://www.backtrack-linux.org/downloads/
http://www.aircrack-ng.org/doku.php?id=airolib-ng
http://j2neon.blogspot.com/2011/07/cracking-wpa-using-pyrit-and-aircrack.html
https://xiaopan.co/forums/threads/crack-wpa2-know-your-target.2030/
http://adaywithtape.blogspot.com/2011/05/creating-wordlists-with-crunch-v30.html

--- Double Post Merged, 15 Dec 2012 ---

Added coWPAtty to this pentest.

Total completion time
Dict. Front >> 00:15mins
Dict. Back >> 16:19mins

Sample scripts for Dict. Front

Code:
    ./crunch 10 10 0123456789 -s 0125700000 -e 0125800000 -u | ./cowpatty -2 -f- -r <cap.file> -s <ESSID> -v
Ok, if you think about it, while Pyrit is generating all the PMKs, it's not really cracking, it's only computing. While Aircrack-ng "is" cracking... so it actually takes about the same amount of time (at least on my computer)... I don't know if I explained myself....
ImJoJo Noted and agreed. If you have the supported hardware, give oclHashcat-plus a go. It increased cracking time tremendously. With Mask Processor (a similar tool to crunch) you can use the piped method with oclHashcat-plus. For those who are interested in oclHashcat-plus, read this: http://www.xiaopan.co/forums/threads/hashcat-plus-in-win-7-wpa-hash-type.1873/
I have Intel... I'm running Duo core at 2GHz each... fast enough, but unfortunately it's not compatible with oclHashcat-plus. I'm thinking of upgrading by this summer... just not sure if Nvidia or AMD. By tremendously, what exactly do you mean? How much faster?
My specs: i5 with NVIDIA GeForce GT630M (96 cuda cores), was running 1100k/s with aircrack-ng, but when running oclHashcat I get 5000k/s. With my old lappy (Centrino) I get 120k/s on aircrack-ng. I saw on "A Day with Tape's" blog he gets 50,000k/s, but not too sure which specs he has on oclHashcat. There's a writeup which says ATI is better than NVIDIA with oclHashcat, but I can't remember where I read it.
I suggest you use AMD

--- Double Post Merged, 27 Feb 2013 ---

Is it possible to pipe crunch to pyrit or hashcat in xiaopan just like aircrack?
So estimazamry, I have a high-spec PC. Is it better to use pyrit in this case, or is it the same as aircrack? And thank you.
Test your PC's cracking speed with oclHashcat-plus... you will be surprised with its speed: https://xiaopan.co/forums/threads/hashcat-plus-in-win-7-wpa-hash-type.1873/
Pyrit is always better than the others, with or without GPU, computed database attack or plain attack (dictionary). I confirmed with a Core i5: I get 2200 pmk/s on plain attack and 120000+ pmk/s on database attack. sy
Of course the hash database is only useful after the 4-way handshake has been completely captured. I think the whole cracking process is from the first step until you have found the WPA-PSK key. Sorry for my English.
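An added example, not code from this thread or from any of the tools it mentions, illustrating why the posters saw no overall gain from pre-hashing: a WPA/WPA2-PSK PMK is PBKDF2-HMAC-SHA1 over the passphrase with the ESSID as salt, so a precomputed database only moves that cost in front of the lookup. The list sizes and the 2200 / 120000 pmk/s rates are the figures quoted in the posts above (from different posters' machines); the function names and ESSID strings are constructed for illustration.

```python
import hashlib
import time

def wpa_pmk(passphrase: str, essid: str) -> bytes:
    """WPA/WPA2-PSK pairwise master key: PBKDF2-HMAC-SHA1 over the
    passphrase, salted with the ESSID, 4096 iterations, 32-byte output."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), essid.encode(), 4096, 32)

def measure_pmk_rate(samples: int = 20) -> float:
    """PMKs per second for this interpreter on one core (local measurement)."""
    start = time.perf_counter()
    for i in range(samples):
        wpa_pmk(f"{i:010d}", "constructed-essid")
    return samples / (time.perf_counter() - start)

def total_seconds(lines, position, pmk_rate, lookup_rate, precomputed):
    """Seconds until the entry at 1-based `position` has been tested.
    Direct run: derive one PMK per candidate and stop at the match.
    Precomputed run: derive PMKs for every line first, then look them up."""
    if precomputed:
        return lines / pmk_rate + position / lookup_rate
    return position / pmk_rate

# Figures quoted in the thread: 100001-line lists and 2200 / 120000 pmk/s.
LINES, PMK_RATE, LOOKUP_RATE = 100001, 2200.0, 120000.0
POSITIONS = {  # 1-based line of passphrase 0125701518 in each list
    "Dict. Front": 125701518 - 125700000 + 1,
    "Dict. Back": 125701518 - 125602000 + 1,
}

if __name__ == "__main__":
    # The ESSID is the salt, so a table built for one ESSID is useless for another.
    assert wpa_pmk("0125701518", "essid-a") != wpa_pmk("0125701518", "essid-b")
    print(f"local single-core rate: {measure_pmk_rate():.0f} pmk/s")
    for name, pos in POSITIONS.items():
        direct = total_seconds(LINES, pos, PMK_RATE, LOOKUP_RATE, False)
        pre = total_seconds(LINES, pos, PMK_RATE, LOOKUP_RATE, True)
        print(f"{name}: direct {direct:6.1f}s, precompute+lookup {pre:6.1f}s")
```

With these figures the precomputed run is slower for both lists, because a single run always pays for the full table; the table only amortises when the same ESSID is reused, which is why a unique, non-default ESSID together with a long passphrase removes the benefit of shared tables.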