WPA/WPA2

Summary

  • Hash algorithms used: SHA-1, MD5
  • Encryption algorithms used: n/a
  • Complexity of attack: High
  • Password recovery speed: thousands (CPUs), tens of thousands (GPUs)
  • CPU optimizations: MMX, SSE2, AVX, XOP
  • NVIDIA GPUs support: G80+ (GT8600 and higher)
  • AMD GPUs support: RV710+ (HD4350 and higher)

General information

WPA/WPA2 password protection using PBKDF2 (RFC 2898) with 4096 iterations for key derivation. SSID being used as salt for PBKDF2 input thus making precomputing possible — for common named SSIDs attacker can create precomputed tables and then use them gaining huge speed-up (hundreds of times).

As a side note — never use predictable/common names (like "mywifi", "home", "netgear", etc) for your wifi network.

Extracting WPA handshake from capture file is a very different and interesting work. However as this program does not contains internal parser, you're need to prepare handshake manually before attacking it. You can read more about it at atom's website or visit aircrack-ng's website.

This program supports .hccap file format which can be described as C structure as:

typedef struct _HCCAP
{
 char          essid[36];

 unsigned char mac1[6];
 unsigned char mac2[6];
 unsigned char nonce1[32];
 unsigned char nonce2[32];

 unsigned char eapol[256];
 int           eapol_size;

 int           keyver;
 unsigned char keymic[16];
} HCCAP;

Also it can handle handshakes in slightly different format:

typedef struct _WPAH
{
 unsigned int  dwSize;          /* must be == sizeof(WPAH) == 0x198 */
 unsigned int  dwId;            /* must be == 0x57504148            */
 unsigned int  dwSubId;         /* must be == 0x57504148            */
 unsigned int  dwReserved;      /* must be == 0                     */

 unsigned int  keyver;		/* key version (TKIP / AES)         */
 unsigned int  essid_len;
 unsigned char essid[32];
 unsigned char bssid[6];	/* AP MAC               	    */
 unsigned char stmac[6];	/* supplicant MAC                   */
 unsigned char snonce[32];	/* supplicant nonce                 */
 unsigned char anonce[32];	/* authenticator nonce              */
 unsigned char keymic[16];	/* eapol frame MIC                  */
 unsigned int  eapol_size;	/* eapol frame size                 */
 unsigned char eapol[256];	/* eapol frame contents             */
} WPAH;

Both formats contains information needed for attack but WPAH files contains additional signatures to recognize them from other binary files.

Attack settings

Standard attacks (brute-force with optional mask, dictionary based) are applicable, no specific settings required.

Additional information

It's possible to create precomputed WPA-PMK tables with this software. These tables using cowpatty format.

Attacks using precomputed tables are not yet implemented though.

 
© Passcovery Co. Ltd., 2016
.