WPA/WPA2
Summary
- Hash algorithms used: SHA-1, MD5
- Encryption algorithms used: n/a
- Complexity of attack: High
- Password recovery speed: thousands (CPUs), tens of thousands (GPUs)
- CPU optimizations: MMX, SSE2, AVX, XOP
- NVIDIA GPUs support: G80+ (GT8600 and higher)
- AMD GPUs support: RV710+ (HD4350 and higher)
General information
WPA/WPA2 password protection uses PBKDF2 (RFC 2898) with 4096 iterations for key derivation. The SSID is used as the salt for PBKDF2, which makes precomputation possible: for commonly named SSIDs an attacker can create precomputed tables and then use them to gain a huge speed-up (hundreds of times).
As a side note: never use a predictable or common name (like "mywifi", "home", "netgear", etc.) for your Wi-Fi network.
Extracting a WPA handshake from a capture file is a very different and interesting task. However, as this program does not contain an internal parser, you need to prepare the handshake manually before attacking it. You can read more about it at atom's website or visit aircrack-ng's website.
This program supports the .hccap file format, which can be described as the following C structure:
    typedef struct _HCCAP {
        char essid[36];
        unsigned char mac1[6];
        unsigned char mac2[6];
        unsigned char nonce1[32];
        unsigned char nonce2[32];
        unsigned char eapol[256];
        int eapol_size;
        int keyver;
        unsigned char keymic[16];
    } HCCAP;
It can also handle handshakes in a slightly different format:
    typedef struct _WPAH {
        unsigned int dwSize;        /* must be == sizeof(WPAH) == 0x198 */
        unsigned int dwId;          /* must be == 0x57504148 */
        unsigned int dwSubId;       /* must be == 0x57504148 */
        unsigned int dwReserved;    /* must be == 0 */
        unsigned int keyver;        /* key version (TKIP / AES) */
        unsigned int essid_len;
        unsigned char essid[32];
        unsigned char bssid[6];     /* AP MAC */
        unsigned char stmac[6];     /* supplicant MAC */
        unsigned char snonce[32];   /* supplicant nonce */
        unsigned char anonce[32];   /* authenticator nonce */
        unsigned char keymic[16];   /* eapol frame MIC */
        unsigned int eapol_size;    /* eapol frame size */
        unsigned char eapol[256];   /* eapol frame contents */
    } WPAH;
Both formats contain the information needed for an attack, but WPAH files contain additional signatures that distinguish them from other binary files.
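A structural check for the two layouts above, written for this page as an added example and not taken from the program itself. It tells the formats apart by file size and the WPAH signature fields, and rejects length fields that exceed their buffers. It assumes little-endian fields, no structure padding, and a NUL-terminated essid in .hccap; all function and constant names are hypothetical.

```c
#include <stdint.h>
#include <string.h>

enum hs_format { HS_INVALID = 0, HS_HCCAP, HS_WPAH };  /* hypothetical names */
#define HCCAP_SIZE 392u         /* 36+6+6+32+32+256+4+4+16, assumes no padding */
#define WPAH_SIZE  0x198u       /* from the page */
#define WPAH_MAGIC 0x57504148u  /* from the page: dwId and dwSubId */

/* Read a 32-bit field; little-endian byte order is an assumption. */
static uint32_t rd32(const unsigned char *p)
{
    return p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Classify a whole-file image. Length fields are compared as unsigned, so a
   negative or oversized value cannot drive a copy past essid[] or eapol[]. */
enum hs_format hs_classify(const unsigned char *buf, size_t len)
{
    if (len == WPAH_SIZE) {
        if (rd32(buf) != WPAH_SIZE || rd32(buf + 4) != WPAH_MAGIC ||
            rd32(buf + 8) != WPAH_MAGIC || rd32(buf + 12) != 0)
            return HS_INVALID;               /* signature fields */
        if (rd32(buf + 20) > 32 || rd32(buf + 148) > 256)
            return HS_INVALID;               /* essid_len, eapol_size */
        return HS_WPAH;
    }
    if (len == HCCAP_SIZE) {
        /* Assumption: essid[36] holds a NUL-terminated string. */
        if (memchr(buf, 0, 36) == NULL || rd32(buf + 368) > 256)
            return HS_INVALID;               /* eapol_size at offset 368 */
        return HS_HCCAP;
    }
    return HS_INVALID;
}

/* Constructed sample: zeroed WPAH image with only the signature fields set. */
void hs_make_sample_wpah(unsigned char *out)
{
    static const unsigned char hdr[12] = { 0x98, 0x01, 0, 0,
        0x48, 0x41, 0x50, 0x57, 0x48, 0x41, 0x50, 0x57 };
    memset(out, 0, WPAH_SIZE);
    memcpy(out, hdr, sizeof hdr);
}

int main(void)
{
    unsigned char img[WPAH_SIZE];
    hs_make_sample_wpah(img);
    return hs_classify(img, sizeof img) == HS_WPAH ? 0 : 1;
}
```

Because .hccap carries no signature, only its size and bounds can be checked; a WPAH file can additionally be rejected on a wrong dwSize, dwId, dwSubId or dwReserved.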
Attack settings
Standard attacks (brute-force with an optional mask, dictionary-based) are applicable; no specific settings are required.
Additional information
It's possible to create precomputed WPA-PMK tables with this software. These tables use the cowpatty format.
Attacks using precomputed tables are not yet implemented, though.