harper77
Posts posted by harper77
I've done the same thing and can say that aircrack-ng can NOT crack the password from a failed authentication handshake.
I just set up my wireless router, my computer with Backtrack and got my phone with the wrong password to try to connect to my router. Even though airodump-ng says it's successfully captured a handshake, it's not enough to crack it. Aircrack-ng went through the entire password list without success.
I tried the same password list with a working authentication handshake capture and it got the password in a few seconds (the correct password was near the top of the password list).
I opened the failed password handshake in Wireshark and it says it has captured "Message 1 of 4" and "Message 2 of 4" of the 4 way handshake.
From what I gather, you need at least packets 2 and 3, or packets 3 and 4. Just 1 and 2 will not work.
Wpa Handshake - The Easy Way?
in Security
Posted
Yeah, actually you're right. Capturing packets 1 and 2 can crack the password, provided the client has the correct password.
I just set up an airbase-ng on my computer with a random ESSID on it and got my phone to try to connect to it using the password. Even though my computer didn't know the password, it captured a handshake and through aircrack-ng I was able to crack the password in a few seconds (the correct password was near the top of the list).
I looked through the capture file on Wireshark and saw that it only had packets 1 and 2 of the 4 way handshake as well.
So this means that airodump-ng can sometimes capture incomplete handshakes and say it's legit, and you'll spend days trying to crack the handshake but it'll never find the correct pass because it's a failed handshake? Is there any way to tell that it's a failed handshake (by looking at Wireshark or something)?
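On the closing question, an added example that is not part of the original posts: a sketch that labels EAPOL-Key frames as message 1 to 4 from their Key Information flags, much as Wireshark's "Message N of 4" labels do, and reports whether the access point answered message 2. It assumes the frames of a single exchange, each starting at the 802.1X header; `build_frame`, `FAILED` and `COMPLETE` are constructed sample data, and telling message 2 from message 4 by key data length is a heuristic.

```python
import struct

# Key Information bit masks of the EAPOL-Key descriptor (IEEE 802.11i)
PAIRWISE, ACK, MIC = 0x0008, 0x0080, 0x0100

def classify_eapol_key(frame: bytes):
    """Return 1-4 for a pairwise 4-way handshake message, else None."""
    if len(frame) < 99 or frame[1] != 3:       # packet type 3 = EAPOL-Key
        return None
    key_info, = struct.unpack_from(">H", frame, 5)
    key_data_len, = struct.unpack_from(">H", frame, 97)
    if not key_info & PAIRWISE:                # group key handshake, not ours
        return None
    ack, mic = bool(key_info & ACK), bool(key_info & MIC)
    if ack:                                    # Ack set: sent by the AP
        return 3 if mic else 1
    if mic:                                    # no Ack: sent by the client
        return 2 if key_data_len else 4        # M2 carries the RSN IE, M4 is empty
    return None

def assess_capture(frames):
    """Summarise which handshake messages one capture contains."""
    seen = sorted({m for m in map(classify_eapol_key, frames) if m})
    # The AP sends message 3 only after the MIC in message 2 verified, so
    # M3 (or M4) shows both sides hold the same passphrase. Without it the
    # capture alone cannot say whether the client's passphrase was right.
    return {"messages": seen, "ap_validated_m2": 3 in seen or 4 in seen}

def build_frame(key_info: int, key_data: bytes = b"") -> bytes:
    """Constructed sample frame: zeroed nonce, IV, RSC, ID and MIC fields."""
    body = (bytes([2]) + struct.pack(">HH", key_info, 16) + bytes(88)
            + struct.pack(">H", len(key_data)) + key_data)
    return bytes([1, 3]) + struct.pack(">H", len(body)) + body

# Constructed captures using the usual WPA2 Key Information values
FAILED = [build_frame(0x008A), build_frame(0x010A, bytes(22))]
COMPLETE = FAILED + [build_frame(0x13CA, bytes(56)), build_frame(0x030A)]

if __name__ == "__main__":
    print(assess_capture(FAILED))    # messages 1 and 2 only
    print(assess_capture(COMPLETE))  # all four messages
```
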