Jump to content

Using pineapple to crack WPA/2 passwords


Recommended Posts

I have done numerous google searches and have even written Hak5 support with no luck.  Not trying to do anything illegal.  Simply wondering how i can use the pineapple to obtain my own wifi password.  Is there anyone or anywhere i can get directions on this?  

Now i've seen a ton online, however every video i have watch skips over very important steps, or quickly will gloss over anything meaningful that i guess i should know, but i do not.  Is there anywhere i can read this or have it explained to me as if i'm a 5 year old?

Link to comment
Share on other sites

I won't go into why you would like to obtain your own WiFi password, I guess that you already know it and want to use your WiFi for practice. If you've lost it, just connect using cable and reset it. However, there are really tons of material about doing this (as you say), so if you haven't understood the concept from all your searches, then I'm not sure this is your thing really. I'm not sure what "very important steps" you are referring to, it's not rocket science. You need to get hold of a handshake from your network, either by deauthenticating a client that is connected or connecting a client device to the network (no deauth needed). Then crack it using (most likely) brute force/wordlist, either on equipment of your own, or some online service. The last part isn't "Pineapple work" though, you need some other hardware for that (or online service, as mentioned).

Last but not least, post Hak5 gear specific topics in the appropriate forum sections (i.e. Pineapple questions in one of the Pineapple sections, depending on model).

Link to comment
Share on other sites

you are totally correct.  I wanted to test penetrate my own network, then do the same at work.  

However, i did figure it out.  It works much better if you do the same thing you are doing in windows, in Kali.

Link to comment
Share on other sites

  • 5 months later...

I just took all my handshakes and converted what I needed to here.

After that, I added my own password into the list, and I cut the list down as well so the rockyou.txt and this other one, forget the name of it.

Here is a great way to cut down letters and words in a text file or .txt wordlist file:

sudo grep -x '.\{8,34\}' rockyou.txt > wpacracks1.txt wc -l whatevernameyouwant.txt 

After that I have a wordlist with way less to crack and of course near the start on the 20th or so line, I add my password in there and others that have been cracked by me so far.

You can also use Hash Suite for Windows and I think Linux.

sudo wifite

I just used this to find my network and many others, added my own password into the list, and it cracked within seconds on the 42nd line.

When you get a handshake capture make sure to convert the .pcap here: https://hashcat.net/cap2hashcat/

Use Hash Suite or hashcat, make sure to do something like this and edit that wordlist so it does not time-out super fast because it takes so much CPU/GPU etc:

hashcat -m 22000 filename.22000
Link to comment
Share on other sites

Can you explain this further?
sudo grep -x '.\{8,34\}' rockyou.txt > wpacracks1.txt wc -l whatevernameyouwant.txt

Why sudo? Should be perfectly possible to run without if being the owner of the txt files used.

What is the command actually supposed to do? It extracts the passphrases/passwords with the length from 8 to 34 chars from the rockyou.txt file. But, the wc command won't execute and instead produce an error. It must be appended to the line with && to work, but the question in the first place is, why use wc, it just outputs a number of lines?

Adding your own (already known) passphrases to a wordlist can be a good way to understand the methods and how things work, but there's no surprise that things are going to be cracked if it's in the wordlist file. And if you put the correct passphrase for the captured handshake on line 42, it will be "cracked" on line 42. Nothing special with that number.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...