Part 2. Cracking AT&T WPA1/2

Monday, September 24, 2012 Posted by Unknown

Part 2. Cracking AT&T WPA1/2 with python script and hashcat.

Once you get the four way handshake from part 1.

My python script can be found here. It creates a CPU pool based on how many cores you have. Based on python 2.7.3 and Linux OS.

What the script does is count from 000000000 to 9999999999 skipping any number that has three repeating numbers in a row.  so you wont have keys like 1234555678 because it repeats 5 three times. This is because AT&T decided to make their numbers to random cutting their key space down. Its faster to count through and skip past repeating numbers then to process each number.

To change what the programs start on open it and change the following line to whatever you want:

start = str(7)

To run the program pipe it to hashcat-plus.

python 2wireWPAiter.py | ./oclHashcat-plus64.bin -m 2500 -a 0 --gpu-accel=160 --gpu-loops=1024 ../dir/2WIREHandShake.hccap
With a AMD driver 12.8 and SDK 2.7 I get about 86K keys  per second. With the built in brute-force I get 114K keys per second. Still working on how to improve my out put speed. 

To get more info on hashcat look here.

straight brute force on known key starting with 7 saved over an hour.

Screen shots.. With script                without script 


Someone in the hashcat room just told me a better way of doing this to make it even faster and more accurate. using http://hashcat.net/wiki/doku.php?id=statsprocessor making a hcstat file. Utilizing Markov chains. I will do this later tonight and post my results.

Edit: you can't use Markov chains with hashcat for this. 
Labels: , , , ,

Post a Comment

Subscribe to: Post Comments (Atom)