WPA-PSK cracking with Elcomsoft


V0IDANC3

Post Wed Jan 28, 2009 8:44 pm

WPA-PSK cracking with Elcomsoft

Hi Guys

Any idea on whether it is possible to import .cap files with WPA-PSK hashes into Elcomsoft Distributed Password Recovery? If it is possible, can anyone give me any insight? Would I have to convert it into another format? After scouring the net, all I can seem to find is news articles and reviews on the product; there is no actual information and the help files are vague. Any help would be appreciated. Thanks in advance.

KrisTeason

Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Wed Feb 04, 2009 6:02 am

Re: WPA-PSK cracking with Elcomsoft

Not exactly sure how to do that but you'd have better luck using SpoonWPA. I'll post a link to it right now. Look Here
Last edited by KrisTeason on Wed Feb 04, 2009 6:19 am, edited 1 time in total.
eCPPT (Silver/Gold), eWPT, GSEC, GISP, GCIH, OSCP, OSWP

V0IDANC3

Post Thu Feb 05, 2009 8:41 pm

Re: WPA-PSK cracking with Elcomsoft

Thanks for the reply. I've used SpoonWPA quite a few times before; however, the inbuilt dictionary attack takes ages to complete. Getting the WPA-PSK hash is no problem; it's the amount of time taken to crack the PSK that takes countless hours.

Maybe the best way of performing the dictionary attack, aside from the Elcomsoft method, is to set up a few BT machines running John and launch the attack that way. Else generate a few rainbow tables with something like rtgen. I would like to test the GPU theory out though, as I am interested in the kinds of speeds it will pull.

KrisTeason

Hero Member

Posts: 515

Joined: Sat Sep 08, 2007 7:48 pm

Location: /dev/null

Post Fri Feb 06, 2009 2:01 am

Re: WPA-PSK cracking with Elcomsoft

You're right about the speed of SpoonWPA, it's not the quickest. I believe there was even a thread on here where the discussion was based upon how long is too long for attempting dictionary attacks against WPA. If you end up testing that theory, let us know which tool's quicker!

Jhaddix

Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Sat Feb 07, 2009 8:40 am

Re: WPA-PSK cracking with Elcomsoft

V0IDANC3 wrote:

Thanks for the reply. I've used SpoonWPA quite a few times before; however, the inbuilt dictionary attack takes ages to complete. Getting the WPA-PSK hash is no problem; it's the amount of time taken to crack the PSK that takes countless hours.

Maybe the best way of performing the dictionary attack, aside from the Elcomsoft method, is to set up a few BT machines running John and launch the attack that way. Else generate a few rainbow tables with something like rtgen. I would like to test the GPU theory out though, as I am interested in the kinds of speeds it will pull.


Maybe you could use:

http://www.bindshell.net/tools/johntheripper

This is an updated version of Ryan Lim's patch for john the ripper to support MPI, in addition to a large number of third party patches to support additional ciphers and such.

MPI allows you to use multiple processors on a single system, or a cluster of systems for cracking passwords using john the ripper. Incredibly useful in these days of multi core processors.


Don't know if you have the resources, nor have I played with MPI yet; just a thought b/c I was on Bindshell today =P

Jhaddix

Sr. Member

Posts: 317

Joined: Wed Oct 29, 2008 10:25 pm

Post Sat Feb 07, 2009 9:06 am

Re: WPA-PSK cracking with Elcomsoft

Oops, MPI doesn't do dictionary. Looks like there was a project that did, but I can't find the tool released anywhere.

http://distro.ibiblio.org/pub/linux/dis ... report.pdf

Sorry!
