Cracking WPA2- PSK Passwords with Cowpatty - baixardoc

How-Tos How-Tos Topics Topics » » Wi-Fi HackingWi-Fi Hacking

How to Hack Wi-Fi: Cracking WPA2-How to Hack Wi-Fi: Cracking WPA2-PSK Passwords with CowpattyPSK Passwords with Cowpatty

$10 Off Your First Ordergoogle.com/shopping/express

All Things Tech, Delivered To You Today With Google Shopping Express.

Welcome, my hacker novitiates!

As part of my series on hacking Wi-Fi, I want to demonstrate another excellent

piece of hacking software for cracking WPA2-PSK passwords. In my last post, we

cracked WPA2 using aircrack-ng. In this tutorial, we'll use a piece of software

developed by wireless security researcher Joshua Wright called cowpatty (often

stylized as coWPAtty). This app simplifies and speeds up the dictionary/hybrid

attack against WPA2 passwords, so let's get to it!

Popular NowPopular Now

RelatedRelated

Follow

Follow

FollowFollowNull ByteNull ByteThe aspiring grey hat hacker / security awareness playgroundThe aspiring grey hat hacker / security awareness playground

World Home How-To Inspiration Forum Creators

Green Tea: It CleansGreen Tea: It CleansMore Than Just YourMore Than Just YourBodyBody

CryptoLocker: AnCryptoLocker: AnInnovative & CreativeInnovative & CreativeHackHack

How to Hack WPA WiFiHow to Hack WPA WiFiPasswords by CrackingPasswords by Crackingthe WPS PINthe WPS PIN

How to Move theHow to Move theObtrusive VolumeObtrusive VolumeIndicator Box to YourIndicator Box to YouriPhone's Status BariPhone's Status Bar

Posted By

occupytheweb

45724572 6 months ago Follow

Follow

FollowFollow

5050

KUDOSKUDOS

How to DisableHow to DisableAnnoying AutoplayAnnoying AutoplayMedia in Chrome,Media in Chrome,Firefox, Safari, andFirefox, Safari, andInternet ExplorerInternet Explorer

How to IncreaseHow to IncreaseYoutube ViewsYoutube Views

How to Hack Wi-Fi: CrackingHow to Hack Wi-Fi: CrackingWPA2-PSK Passwords UsingWPA2-PSK Passwords UsingAircrack-NgAircrack-Ng

How to Hack Wi-Fi: GettingHow to Hack Wi-Fi: GettingStarted with Terms andStarted with Terms andTechnologiesTechnologies

iOS 6 Broke Your Wi-Fi? Here'siOS 6 Broke Your Wi-Fi? Here'sHow to Fix Connection ProblemsHow to Fix Connection Problemson Your iPhone or iPadon Your iPhone or iPad

How to Hack Wi-Fi: GettingHow to Hack Wi-Fi: GettingStarted with the Aircrack-NgStarted with the Aircrack-NgSuite of Wi-Fi Hacking ToolsSuite of Wi-Fi Hacking Tools

How to Hack WiFi Passwords forHow to Hack WiFi Passwords forFree Wireless Internet on YourFree Wireless Internet on YourPS3PS3

How to Hack Wi-Fi: CrackingHow to Hack Wi-Fi: CrackingWEP Passwords with Aircrack-NgWEP Passwords with Aircrack-Ng

The Easiest Way to Share YourThe Easiest Way to Share YourComplicated Wi-Fi Password withComplicated Wi-Fi Password withFriends & Family—No TypingFriends & Family—No Typing

Search WorldsWorlds Login | SignupLogin | Signup

converted by Web2PDFConvert.com

Cowpatty is one of the hundreds of pieces of software that are included in the

BackTrack suite of software. For some reason, it was not placed in the

/pentest/wireless directory, but instead was left in the /usr/local/bin

directory, so let's navigate there.

cd /usr/local/bin

Because cowpatty is in the /usr/local/bin directory and this directory should

be in your PATH, we should be able to run it from any directory in BackTrack.

To get a brief rundown of the cowpatty options, simply type:

cowpatty

BackTrack will provide you a brief help screen. Take a note that cowpatty requires

all of the following.

a word list

a file where the password hash has been captured

the SSID of the target AP

Just as in cracking with aircrack-ng, we need to put the wireless adapter into

monitor mode.

airmon-ng start wlan0

Next, we need to start a capture file where the hashed password will be stored

when we capture the 4-way handshake.

NewestNewest

Hi Im New Here as a Member but This IsAlways My Go to Site for Projects I NowHave an Old Tv/Vcr (Funai) And Not SureW

TAXI CAB published

FISKER RIETBERGEN BRAMSEN published

Port Sniffer

gfi.com

Check your Network for Open Ports. Try GFILanGuard® 2014 Free!

Mainframe WebServices

Password Recovery -$9.95

Why SevOne?

CommunityCommunity

Step 1: Find the CowpattyStep 1: Find the Cowpatty

Step 2: Find the Cowpatty Help ScreenStep 2: Find the Cowpatty Help Screen

Step 3: Place the Wireless Adapter in Monitor ModeStep 3: Place the Wireless Adapter in Monitor Mode

Step 4: Start a Capture FileStep 4: Start a Capture File

Friends & Family—No TypingFriends & Family—No TypingRequiredRequired

How to Crack Wi-Fi PasswordsHow to Crack Wi-Fi Passwordswith Your Android Phone andwith Your Android Phone andGet Free Internet!Get Free Internet!

How to Crack Wi-Fi PasswordsHow to Crack Wi-Fi Passwords—for Beginners!—for Beginners!

Save Battery Power by PairingSave Battery Power by PairingWi-Fi Connections with CellWi-Fi Connections with CellTower Signals on Your GalaxyTower Signals on Your GalaxyNote 3Note 3

How to Fix the Wi-Fi RoamingHow to Fix the Wi-Fi RoamingBug on Your Samsung GalaxyBug on Your Samsung GalaxyS3S3

Being Creative withBeing Creative withHackingHacking

How to CorrectlyHow to CorrectlyConfigure RealtekConfigure RealtekRTL8191SU WLANRTL8191SU WLANUSB to Use ReaverUSB to Use Reaverand Aircrack-Ng onand Aircrack-Ng onKali-Linux.Kali-Linux.


airodump-ng --bssid 00:25:9C:97:4F:48 -c 9 -w cowpatty mon0

This will start a dump on the selected AP (00:25:9C:97:4F:48), on the

selected channel (-c 9) and save the the hash in a file named cowcrack.

Now when someone connects to the AP, we'll capture the hash and airdump-ng

will show us it has been captured in the upper right-hand corner.

Now that we have the hash of the password, we can use it with cowpatty and

our wordlist to crack the hash.

cowpatty -f /pentest/passwords/wordlists/darkc0de.lst -r

/root/cowcrack-01.cap -s Mandela2

As you can see in the screenshot above, cowpatty is generating a hash of every

word on our wordlist with the SSID as a seed and comparing it to the captured

hash. When the hashes match, it dsplays the password of the AP.

Although running cowpatty can be rather simple, it can also be very slow. The

password hash is hashed with SHA1 with a seed of the SSID. This means that

the same password on different SSIDs will generate different hashes. This

prevents us from simply using a rainbow table against all APs. Cowpatty must

take the password list you provide and compute the hash with the SSID for each

word. This is very CPU intensive and slow.

Cowpatty now supports using a pre-computed hash file rather than a plain-text

word file, making the cracking of the WPA2-PSK password 1000x faster! Pre-

computed hash files are available from the Church of WiFi, and these pre-

computed hash files are generated using 172,000 dictionary file and the 1,000

Some Ideas to Challenges


How to Set the Volume Buttons toInstantly Control the Flashlight on YourHTC One

ANDREW GODINEZ published

Hack Like a Pro: How to Crash YourRoommate's Windows 7 PC with a Link

OCCUPYTHEWEB commented on

Challenges


Hack Like a Pro: How to Crash YourRoommate's Windows 7 PC with a Link

PHEONIX KELLER commented on

Step 5: Capture the HandshakeStep 5: Capture the Handshake

Step 6: Run the CowpattyStep 6: Run the Cowpatty

Step 7: Make Your Own HashStep 7: Make Your Own Hash

Once you have a meterpreter connection, youcan do anything you want. You own hiscomputer!

Master,

I am curious. ... I have successfully exploitedmy roommates pc and have a meterpreterconnection. Can I or can I not jamm his pcwithout sending a link that he has to click.

Pheonix


Remember to Give Kudos, Tweet, Like, & Share13 16

AMERICANPATRIOT

1

6 months ago Reply

Nice work.

SANDEEPAGRAWAL

1

6 months ago Reply

Great work .. .appreciated......

STANWILLIAMS

1

6 months ago Reply

awesome, I love the way you explain the details, thanks a lot.

1 thats awsome.............. i love it,..... buh cant someone do dis without a wireless

adaptor? pls reply me

Subscribe

most popular SSIDs. As useful as this is, if your SSID is not in that 1,000, the

hash list really doesn't help us.

In that case, we need to generate our own hashes for our target SSID. We can

do this by using an application called genpmk. We can generate our hash file for

the "darkcode" wordlist for the SSID "Mandela2" by typing:

genpmk -f /pentest/passwords/wordlists/darkc0de.lst -d hashes -

s Mandela2

Once we have generated our hashes for the particular SSIDs, we can then crack

the password with cowpatty by typing:

cowpatty -d hashfile -r dumpfile -s ssid

Keep coming back for more on Wi-Fi hacking and other hacking techniques!

Haven't seen the other Wi-Fi hacking guides yet? Check them out here. If you

have questions on any of this, please ask them in the comments below. If it's

something unrelated, try asking in the Null Byte forum.

How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng

How to Hack Wi-Fi: Getting Started with Terms and Technologies

iOS 6 Broke Your Wi-Fi? Here's How to Fix Connection Problems on

Your iPhone or iPad

Show More...

IDS Software - Free Trialgfi.com/ids-software

Detect Intruders & Security Gaps w/ GFI EventsManager! Free Trial

Join the DiscussionJoin the Discussion

Step 8: Using Our HashStep 8: Using Our Hash

Stay Tuned for More Wireless Hacking GuidesStay Tuned for More Wireless Hacking Guides

See AlsoSee Also

OFFOFF


LIJOKAJOSEPHAYODELE 6 months ago - edited 6 months ago Reply

thanks... kudos

ALIJABARI

1

6 months ago Reply

absolutely not !

do you know what this application will do after using it??

it will try a very very long list of passwords and checks the result,when it finds

any true password it will save it to a target file.so if you have not any Wifi

router it cannot try that passwords to find out what is true.right?

SECRETKING

1

2 months ago Reply

master OTW

how many powerfull dictionaries are in bt...other than darkc0de & rockyou.......

would u plz like to suggest some other powerfull dictionary for dictionary attack to

wpa psk.......and why can't i use JTR with aircrack-ng...

OCCUPYTHEWEB

1

2 months ago Reply

Secret:

There are numerous wordlists on the web. Simply google them.

Aircrack-ng and JTR do the same thing. Why would you want to use them

together?

OTW

SECRETKING

1

2 months ago Reply

thnx master ...understand.....

SEBASTIANNIELSEN

1

last month Reply

Otw i find this wifi hack in backtrack 5 r3 i cant upload the video just look at it into

youtube

I will leave a link:http://m.youtube.com/watch?v=AsHZLcz2s4s

http://m.youtube.com/watch?v=AsHZLcz2s4s

SEBASTIANNIELSEN

1

last month Reply

Master otw can you please look at this video, it looks like its a better wifi hack

program in backtrack 5 r3... Is it true???

http://m.youtube.com/watch?v=AsHZLcz2s4s

OCCUPYTHEWEB

1

last month Reply

Sebastian:

Try it and if it works, great!

OTW

PRINCEKASHIF

1

2 weeks ago Reply

bahi donwload nahin ho raha he help

NILSHAGNER

1

6 days ago Reply

Is there a way to crack passwords without a word list? (If you don't have a word

as a password)

OCCUPYTHEWEB

1

6 days ago Reply

Your approach to cracking passwords is dependent upon what type of encryption

is used. If it is WEP, no wordlist is necessary. WPA2 needs a wordlist. If it uses

WPS it is a bit easier.

What do you mean by not using a word as a password?


SECRETKING

1

6 days ago Reply

master what is diffent from cracking aircrack-ng and cowpetty???

NILSHAGNER

1

4 days ago Reply

I mean a code like ag>H/@uspLA or whatever never occours in a wordlist

OCCUPYTHEWEB

1

4 days ago Reply

Nils:

Many of the wordlists contain code like that. Its a misnomer to call them a

wordlist as they include things other than words, but what else would you call

them?

OTW

NILSHAGNER

1

2 days ago Reply

crazy stuff....

But thanks for your answer!

will go on reading :)

YOU

Hack router passwordGet someones facebook passwordHack facebook accountTrack who views your facebook profile…Hack other people webcamCrack gmail passwordHow to Facebook group hackBypass facebook password

How to Hack imvu accountHack another computer on your network…Hack facebook account passwordHow to Google camera hackHack mac app store 10.6.8How to Google camera hackHarmless virus for macHow to Linux wpa crack

Activate blocked sitesFree imovie templatesConvert nds to iso fileHack other users on same wifiHack security camerasHack computer through ip addressHow to Hack internet modemSend a computer virus

Share Your ThoughtsShare Your Thoughts

Related Topics

Recovery Password XP Password Network Intrusion

Reset Admin Password Rainbow Tables Password Changes

Wireless LAN Security Password Cracker MS Word Password

Popular How-To Topics in Computers & ProgrammingPopular How-To Topics in Computers & Programming

Trending Across WonderHowToTrending Across WonderHowTo

Click to share your thoughts

ATTACH

Green Tea: It Cleans More ThanGreen Tea: It Cleans More ThanJust Your BodyJust Your Body

How to Move the ObtrusiveHow to Move the ObtrusiveVolume Indicator Box to YourVolume Indicator Box to YouriPhone's Status BariPhone's Status Bar

How to “KnockOn” Your HTCHow to “KnockOn” Your HTCOne (Double-Tap Screen toOne (Double-Tap Screen toWake)Wake)

How to Add Your iCloud EmailHow to Add Your iCloud EmailAccount to Your Galaxy Note 3Account to Your Galaxy Note 3or Other Android Deviceor Other Android Device

12 Home Remedies for Relieving12 Home Remedies for RelievingAnnoying Allergy SymptomsAnnoying Allergy Symptoms

DIY Survival: How to Filter DirtyDIY Survival: How to Filter DirtyWater with a StickWater with a Stick

How to Make Easy HomemadeHow to Make Easy HomemadeButtermilk, Sour Cream, &Buttermilk, Sour Cream, &Crème FraîcheCrème Fraîche

How to Unlock the Bootloader &How to Unlock the Bootloader &Root Your HTC One RunningRoot Your HTC One RunningAndroid 4.4.2 KitKatAndroid 4.4.2 KitKat


ArtsArtsArts & CraftsArts & CraftsBeauty & StyleBeauty & StyleDanceDanceFine ArtFine ArtMusic & InstrumentsMusic & Instruments

Science & TechScience & TechAutos, Motorcycles & PlanesAutos, Motorcycles & PlanesComputers & ProgrammingComputers & ProgrammingDisaster PreparationDisaster PreparationEducationEducationElectronicsElectronicsFilm & TheaterFilm & TheaterSoftwareSoftwareWeaponsWeapons

LifestyleLifestyleAlcoholAlcoholBusiness & MoneyBusiness & MoneyDating & RelationshipsDating & RelationshipsDiet & HealthDiet & HealthFamilyFamilyFitnessFitnessFoodFoodHome & GardenHome & GardenHosting & EntertainingHosting & EntertainingLanguageLanguageMotivation & Self HelpMotivation & Self HelpOutdoor RecreationOutdoor RecreationPets & AnimalsPets & AnimalsPranks & ConsPranks & ConsSpiritualitySpiritualitySportsSportsTravelTravel

GamingGamingGamblingGamblingGamesGamesHobbies & ToysHobbies & ToysMagic & Parlor TricksMagic & Parlor TricksVideo GamesVideo Games

About Us Privacy Policy Terms & Conditions


Cracking WPA2- PSK Passwords with Cowpatty - baixardoc

Documents

Transcript of Cracking WPA2- PSK Passwords with Cowpatty - baixardoc