coWPAtty包装说明
实施采用PSK的认证(如WPA-Personal)的对WPA / WPA2网络脱机字典攻击。许多企业网络中部署的WPA / WPA2 PSK的认证机制,因为它比建立需要WPA-Enterprise身份验证所需的RADIUS,请求者和证书颁发机构的架构要容易得多。 Cowpatty可以实现加速攻击如果一个预先计算的PMK的文件都可以用于正在进行评估的SSID。
资料来源:http://www.willhackforsushi.com/?page_id=50br />
coWPAtty首页 | 卡利coWPAtty回购
- 作者:约书亚·赖特
- 许可:GPL第二版
包含在cowpatty包工具
cowpatty - WPA-PSK字典攻击
[email protected]:~# cowpatty -h
cowpatty 4.6 - WPA-PSK dictionary attack. <[email protected]>
Usage: cowpatty [options]
-f Dictionary file
-d Hash file (genpmk)
-r Packet capture file
-s Network SSID (enclose in quotes if SSID includes spaces)
-c Check for valid 4-way frames, does not crack
-h Print this help information and exit
-v Print verbose information (more -v for more verbosity)
-V Print program version and exitgenpmk - WPA-PSK预计算攻击
[email protected]:~# genpmk -h
genpmk 1.1 - WPA-PSK precomputation attack. <[email protected]>
Usage: genpmk [options]
-f Dictionary file
-d Output hash file
-s Network SSID
-h Print this help information and exit
-v Print verbose information (more -v for more verbosity)
-V Print program version and exit
After precomputing the hash file, run cowpatty with the -d argument.genpmk用法示例
使用随机提供的字典文件(-f /usr/share/wordlists/nmap.lst)生成 hashfile,将其保存到一个文件(-d cowpatty_dict)为给定的ESSID(-s安联):
[email protected]:~# genpmk -f /usr/share/wordlists/nmap.lst -d cowpatty_dict -s securenet
genpmk 1.1 - WPA-PSK precomputation attack. <[email protected]>
File cowpatty_dict does not exist, creating.
key no. 1000: pinkgirl
1641 passphrases tested in 4.09 seconds: 401.35 passphrases/secondcowpatty用法示例
使用随机提供的hashfile(-d cowpatty_dict),读取数据包捕获(-r天命-20140515-16-21-37-1.pcapdump),以及破解的密码给定的ESSID(-s 6F36E6):
[email protected]:~# cowpatty -d cowpatty_dict -r Kismet-20140515-16-21-37-1.pcapdump -s 6F36E6
cowpatty 4.6 - WPA-PSK dictionary attack. <[email protected]>