We can proceed with the following steps:
- We can precalculate the PMK for a given SSID and wordlist using the
genpmktool with the following command:genpmk –f <chosen wordlist>–d PMK-Wireless-Lab –s "Wireless LabThis creates the PMK-Wireless-Lab file containing the pregenerated PMK:
- We now create a WPA-PSK network with the passphrase
abcdefgh(present in the dictionary we used) and capture a WPA-handshake for that network. We now useCowpattyto crack the WPA passphrase, as shown in the following screenshot:
It takes approximately 7.18 seconds for
Cowpattyto crack the key, using the precalculated PMKs. - We now use
aircrack-ngwith the same dictionary file, and the cracking process takes over 22 minutes. This shows how much we are gaining because of the precalculation. - In order to use these PMKs with
aircrack-ng, we need to use a tool calledairolib-ng. We will give it the optionsairolib-ng,PMK-Aircrack --import,andcowpatty PMK-Wireless-Lab, wherePMK-Aircrackis theaircrack-ngcompatible database to be created and PMK-Wireless-Lab is thegenpmkcompliant PMK database that we created previously. - We now feed this database to
aircrack-ngand the cracking process speeds up remarkably. We use the following command:aircrack-ng –r PMK-Aircrack WPACrackingDemo2-01.cap - There are additional tools available on BackTrack such as Pyrit that can leverage multi CPU systems to speed up cracking. We give the
pcapfilename with the-roption and thegenpmkcompliant PMK file with the-ioption. Even on the same system used with the previous tools, Pyrit takes around 3 seconds to crack the key, using the same PMK file created usinggenpmk.
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.