Date: Mon, 23 Sep 2019 15:48:10 +0200
From: Albert Veli <albert.veli@...il.com>
To: john-users@...ts.openwall.com
Cc: "M.Hamza Aziz" <mhamzaaziz1@...il.com>
Subject: Re: How to crack WPA2

Take a look at airodump-ng and also aireplay-ng to speed up the process by
sending deauth packets. All wifi hw doesn't support sending deauth packets
so people typically use a USB-connected WiFi card from Alpha. Those work with
Linux. After collecting enough data the last step is cracking the password
with john (or hashcat). There are literally hundreds of tutorials out there
on how to perform these steps.

On Sun, Sep 22, 2019 at 3:51 PM Robert Moskowitz <rgm@...-consult.com>
wrote:

>
>
> On 9/22/19 2:47 AM, M.Hamza Aziz wrote:
> > I'm a new bae. I want to crack WPA2 SECURITY. how is this possible.
> >
> First you need to intercept something to attack, and that is easy. See
> my 2003 paper on it.  It is archived in many places like:
>
>
> https://wifinetnews.com/archives/2003/11/weakness_in_passphrase_choice_in_wpa_interface.html
>
> WPA or WPA2 it makes no difference, sadly. There are papers and tools
> to do the rainbow attacks.
>
> Just dig a bit and you will find lots of ways to get the WPA2 password.
>
> Now with WPA3, they went with a PAKE (Password Augmented Key Exchange)
> which adds the password into an Elliptic Curve Diffie-Hellman exchange.
> On the IETF CFRG list there are lots of debates about the security
> profile for WPA3, but it is quite good. PAKEs in general are zero-proof
> key exchanges that should not have any offline attack.
>
> But with WPA2; lots of attacks.
>
>
>
