Decrypting WPA2-PSK traffic using Wireshark. Wi-Fi password, cap file decryption, handshake decryption online

In this article we will look at decrypting WPA2-PSK traffic using Wireshark. This is useful when studying the various encryption protocols used in wireless networks. Below is the topology of the network under study.

Before we start capturing packets, we must know the channel on which our access point operates. Since my access point is managed by a WLC 4400, I can get this information from the controller. Otherwise, you can use the inSSIDer application to see which channel your access point is using and its SSID. I'm using 5 GHz, so I give the 802.11a summary below (if you want to analyze 2.4 GHz, use the corresponding commands for 802.11b).

AP Name   SubBand  RadioMAC           Status   Channel  PwLvl  SlotId
-------   -------  -----------------  -------  -------  -----  ------
LAP1      -        64:a0:e7:af:47:40  ENABLED  36       1      1

Next we just have to capture packets on our wireless network on channel 36, since that is the channel my access point works on. I use BackTrack with a USB adapter to capture packets; you will see the details in the video below.

It's quite simple: you just need to run a few commands to configure the USB adapter and enable a monitor-mode interface for Wireshark.

root@bt:~# ifconfig
root@bt:~# ifconfig wlan2 up
root@bt:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:21:9b:62:d0:4a
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:21 Memory:fe9e0000-fea00000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:66 errors:0 dropped:0 overruns:0 frame:0
          TX packets:66 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:4665 (4.6 KB)  TX bytes:4665 (4.6 KB)

wlan2     Link encap:Ethernet  HWaddr 00:20:a6:ca:6b:b4
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

root@bt:~# iwconfig wlan2 channel 36
root@bt:~# iwconfig
wlan2     IEEE 802.11abgn  ESSID:off/any
          Mode:Managed  Frequency:5.18 GHz  Access Point: Not-Associated
          Tx-Power=20 dBm
          Retry long limit:7   RTS thr:off   Fragment thr:off
          Encryption key:off
          Power Management:off

lo        no wireless extensions.

eth0      no wireless extensions.

root@bt:~# airmon-ng start wlan2

Found 1 processes that could cause trouble.
If airodump-ng, aireplay-ng or airtun-ng stops working after
a short period of time, you may want to kill (some of) them!

PID     Name
1158    dhclient3

Interface       Chipset         Driver

wlan2           Atheros AR9170  carl9170 - [phy2]
                                (monitor mode enabled on mon0)

After you have completed the above operations, you can open Wireshark and select the “mon0” interface to capture packets.

Here you can find the packet capture that my adapter collected (you can open the file with Wireshark and check it yourself). If you analyze this file, you can see that the “4-way handshake” messages (EAPOL messages 1 to 4) were sent after the Open Authentication phase completed (Auth Request, Auth Response, Association Request, Association Response). After the 4-way handshake is completed, both the client and the access point begin to use encrypted packet transmission. From now on, all information transmitted on your wireless network is encrypted using CCMP/AES.

As you can see in the figure below, all data frames are encrypted and you cannot see the traffic in clear text. I took frame number 103 as an example.

Before we move on to decrypting these frames, it is very important to make sure that you have correctly captured the “4-way handshake” messages in your sniffer, because Wireshark derives the decryption keys from them. If you were unable to capture messages M1 to M4 successfully, Wireshark will not be able to obtain all the keys needed to decrypt our data. Below is an example where frames were not captured correctly during the “4-way handshake” (this happened when I used the same USB adapter with Fluke WiFi Analyzer).

Next, go to “Edit -> Preferences -> Protocol -> IEEE 802.11” and tick “Enable Decryption”. Then click the “Decryption Keys” section and add your PSK by clicking “New”. Select the key type “wpa-pwd” and enter your PSK as text.

The PSK itself is derived from the passphrase and the SSID as PSK = PBKDF2(passphrase, SSID, SSIDLength, 4096, 256).

This is the 256-bit PSK derived from the passphrase entered above:

I used a plain-text password, which you see below. You can also use a plain password (without your SSID name). Since Wireshark always tries to use the latest SSID, it is always good practice to use

In my configuration I used the PSK “Cisco123Cisco123” with the SSID “TEST1”. In this document you will find more details regarding these settings.

After that, click “Apply”.

As you can see below, you can now see the traffic inside the data frames. Here is the same frame (103) you saw earlier in encrypted form, but now Wireshark is able to decrypt it.

Looking further, we can see a client that obtains an IP address via DHCP (DORA: Discover, Offer, Request, ACK), then registers with CME (SKINNY protocol), then establishes a voice call (RTP). Now we can analyze these packets in detail.

This trick can be useful when you are analyzing the security of your PSK networks.


Last updated October 9, 2016.

Find out the wifi password (part 2). Cap file decryption, Linux and Windows method.

In the last article we talked about how to capture packets in which the password is carried in encrypted form. If everything worked out for you, read on to learn how to decrypt the capture and find out the password. This can be done on Linux, or you can transfer the .cap file to Windows and install the decryption software there. I will describe both methods in this article.

Decrypting the cap file in Linux

The method is to guess the password, so first you need to download a .txt file with passwords (a wordlist); there are many of them on the Internet.

Everything is simple: launch the terminal and type the command:

aircrack-ng -a2 -b [BSSID] -w [path to dictionary or wordlist] /root/Desktop/*.cap

[BSSID]: paste the BSSID of the router from the previous example, where you scanned it.
[path to dictionary or wordlist]: the path to the .txt dictionary downloaded from the Internet.
/root/Desktop/*.cap: the path to the files that we captured in the previous example and that need to be decrypted.

You should have something like this:

aircrack-ng -a2 -b 00:20:BF:E6:E4:D2 -w /root/password.txt /root/Desktop/*.cap

Press ENTER and the process starts.

In square brackets I wrote “PASSWORD HERE”; in fact, you will have the decrypted Wi-Fi password there. It is possible that the password will not be found because the password file is insufficient.

Decryption of the cap file in Windows

If you decide to decrypt your password in Windows, you need to download Aircrack-ng. I'll post the link at the bottom of the article.

Once downloaded and launched, the principle is the same as above, only with a graphical interface. If anyone doesn't know how to launch and work with Aircrack-ng, read below:

Go to the downloaded folder and find the bin folder in it; there, select the folder for your system's bit depth, x32 or x64. If anyone does not know their system's bit depth, read the article on it.

In the folder corresponding to your system's bit depth, find the file Aircrack-ng GUI.exe and run it by double-clicking.

FileName: select the .cap file that was captured in the first part when you scanned the connection.
Check the box next to WPA or WEP, depending on which encryption is enabled on the router.
Wordlist: specify a file with passwords; it will have a .txt extension.

Press “Enter” and let it decipher, or rather guess, the password; the more powerful your computer, the faster it will try passwords.

As you can see, it is not so difficult to open a Wi-Fi access point, especially if it is AES. A small tip: always choose WPA2-PSK for network encryption.

This article will talk about how to hack a Wi-Fi network with WPA/WPA2 encryption by intercepting a handshake. But first, the theory.

    WPA/WPA2 theory

WPA (or WPA v1, as it is sometimes called) typically uses the TKIP encryption algorithm. TKIP was designed to strengthen WEP encryption without requiring hardware changes. WPA2 necessarily uses the AES-CCMP encryption algorithm, which is stronger and more secure than TKIP.

WPA and WPA2 allow you to use either EAP-based authentication (a RADIUS server, “Enterprise”) or Pre-Shared Key (PSK, “Personal”) authentication.

WPA/WPA2-PSK is vulnerable to dictionary attacks. To carry out this attack, you must obtain the 4-way WPA handshake between the Wi-Fi client and the access point (AP), as well as a dictionary containing the passphrase.

WPA/WPA2-PSK works like this: a per-session key, called the Pairwise Transient Key (PTK), is derived from the Pre-Shared Key and five other parameters: the SSID, the Authenticator Nonce (ANonce), the Supplicant Nonce (SNonce), the Authenticator MAC address (the access point's MAC address) and the Supplicant MAC address (the Wi-Fi client's MAC address). This key is then used for encryption between the access point (AP) and the Wi-Fi client.

An attacker listening to the air at that moment can intercept all five parameters (see the previous paragraph). The only thing the villain does not have is the Pre-Shared Key. Let's find out how the Pre-Shared Key is created.

The Pre-Shared Key is created from the WPA-PSK passphrase that the user enters, together with the SSID. The combination of these two parameters is passed through the Password-Based Key Derivation Function (PBKDF2), which outputs the 256-bit shared key.

In a typical WPA/WPA2-PSK dictionary attack, the attacker uses a dictionary with a program/tool. The program computes a 256-bit Pre-Shared Key for each passphrase and uses it, together with the other parameters described above, to create the PTK. The PTK is then used to verify the Message Integrity Check (MIC) in one of the handshake packets. If they match, the passphrase from the dictionary is correct; otherwise it is incorrect. This is exactly how WPA/WPA2-PSK works.
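The derivation described in this theory section is the same one Wireshark performs in the first article when you give it the PSK and a complete M1-M4 capture: PBKDF2 turns the passphrase and SSID into the PSK, the 802.11 PRF mixes the PSK with both MAC addresses and both nonces into the PTK, and the first 16 bytes of the PTK (the KCK) validate the MIC on the EAPOL-Key frames. The Python below is an added example, not code from either article; it uses the first article's SSID and PSK and the AP radio MAC from the WLC output, while the client MAC, the nonces and the EAPOL frame are constructed sample values. It lets you check that a captured M2 actually validates under the PSK you configured before hunting for other reasons Wireshark shows no decrypted frames.

```python
"""PSK -> PTK -> EAPOL MIC, as Wireshark derives them from the 4-way handshake."""
import hashlib
import hmac

MIC_OFFSET, MIC_LEN = 81, 16      # MIC field position inside an EAPOL-Key frame
SNONCE_OFFSET = 17                # key nonce field position (M2 carries the SNonce)


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """PSK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits).
    .hex() of the result is the value Wireshark accepts as a 'wpa-psk' key."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def wpa_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """802.11 PRF (CCMP needs 384 bits): HMAC-SHA1(PMK, label || 0x00 || data || i).
    data = Min(AA,SPA) || Max(AA,SPA) || Min(ANonce,SNonce) || Max(ANonce,SNonce)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    out = b""
    for i in range(3):            # 3 x 20 bytes covers KCK(16) | KEK(16) | TK(16)
        out += hmac.new(pmk, b"Pairwise key expansion\x00" + data + bytes([i]),
                        hashlib.sha1).digest()
    return out[:48]


def eapol_mic(kck: bytes, eapol: bytes) -> bytes:
    """WPA2 key descriptor version 2: HMAC-SHA1 over the frame with the MIC
    field zeroed, truncated to 16 bytes. KCK is the first 16 bytes of the PTK."""
    zeroed = eapol[:MIC_OFFSET] + b"\x00" * MIC_LEN + eapol[MIC_OFFSET + MIC_LEN:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:MIC_LEN]


def build_eapol_m2(snonce: bytes, mic: bytes = b"\x00" * MIC_LEN) -> bytes:
    """Constructed minimal EAPOL-Key message 2 (no key data), laid out as the
    802.1X/EAPOL-Key dissector expects; only the fields the MIC covers matter."""
    body = (b"\x02"                     # descriptor type: RSN
            + b"\x01\x0a"               # key info: version 2 (HMAC-SHA1), pairwise, MIC bit
            + b"\x00\x10"               # key length: 16 (CCMP)
            + b"\x00" * 7 + b"\x01"     # replay counter 1
            + snonce                    # 32-byte SNonce
            + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8   # key IV, RSC, key ID
            + mic                       # 16-byte MIC
            + b"\x00\x00")              # key data length 0
    return b"\x02\x03" + len(body).to_bytes(2, "big") + body   # 802.1X v2, type EAPOL-Key


def handshake_mic_valid(passphrase: str, ssid: str, aa: bytes, spa: bytes,
                        anonce: bytes, eapol_m2: bytes) -> bool:
    """Recompute the M2 MIC from the configured PSK and compare it with the
    captured one; a mismatch means the capture (or the PSK) cannot be right."""
    snonce = eapol_m2[SNONCE_OFFSET:SNONCE_OFFSET + 32]
    ptk = wpa_ptk(wpa_psk(passphrase, ssid), aa, spa, anonce, snonce)
    captured = eapol_m2[MIC_OFFSET:MIC_OFFSET + MIC_LEN]
    return hmac.compare_digest(eapol_mic(ptk[:16], eapol_m2), captured)


def demo() -> bool:
    """Handshake built with the article's SSID/PSK; client MAC and nonces are constructed."""
    aa = bytes.fromhex("64a0e7af4740")         # AP radio MAC from the WLC output in part 1
    spa = bytes.fromhex("001122334455")        # constructed client MAC
    anonce = bytes(range(32))                  # constructed ANonce (sent in M1)
    snonce = bytes(range(32, 64))              # constructed SNonce (sent in M2)
    ptk = wpa_ptk(wpa_psk("Cisco123Cisco123", "TEST1"), aa, spa, anonce, snonce)
    unsigned = build_eapol_m2(snonce)
    m2 = build_eapol_m2(snonce, eapol_mic(ptk[:16], unsigned))   # MIC as the supplicant sets it
    good = handshake_mic_valid("Cisco123Cisco123", "TEST1", aa, spa, anonce, m2)
    bad = handshake_mic_valid("Cisco123Cisco124", "TEST1", aa, spa, anonce, m2)
    return good and not bad


if __name__ == "__main__":
    print("PSK (wpa-psk hex):", wpa_psk("Cisco123Cisco123", "TEST1").hex())
    print("M2 MIC validates only under the right PSK:", demo())
```

In a real capture, take AA and ANonce from M1, SPA and the whole EAPOL frame from M2, and paste the printed hex as a “wpa-psk” key if you prefer not to store the passphrase in Wireshark's preferences.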

    Practice

Important: don't forget that you need to choose the right Wi-Fi adapter! To do this, carefully check the list of supported chipsets. As the adapter I use an ALFA AWUS036H.

Once the “right” hardware has been purchased/selected, we proceed to set it up. First, run the airmon-ng command to find out which interfaces are available in the system:

A virtual interface, mon0, has been created; we will work with it.

Now we scan the air using airodump-ng:

$ sudo airodump-ng mon0

Since we are all “good”, we will test everything on our own APs. In my case it's TestWireless. Let's switch to it:

$ sudo airodump-ng -w handshaketest -c 1 --bssid BC:AE:C5:71:D3:17 mon0

• -w – name of the dump file
• -c – channel number
• --bssid – MAC address of the access point

We see that a client is connected to the AP. This is what we need, because handshake capture is possible if and only if a client is connected to the AP.

Now leave the terminal window where airodump-ng is running open. Open a new window and run:

$ sudo aireplay-ng -0 3 -a BC:AE:C5:71:D3:17 -c 70:F1:A1:72:b4:25 mon0

• -0 – deauthentication
• 3 – number of packets
• -a – MAC address of the access point (AP)
• -c – MAC address of the client to which deauthentication is applied

Deciphering the handshake is a difficult process, and the reader has probably realized long ago that WPA cracking, even with a high-quality handshake and skilled hands, is like roulette. It all depends on the complexity of the password. No one can guarantee a favorable outcome, but the statistics are encouraging and say that at least 20% of WPA networks are cracked successfully, so don't despair, go ahead!

First you need to prepare a dictionary. A WPA dictionary is a regular text file containing one candidate password per line. Given the password requirements of the WPA standard, candidate passwords must be at least 8 and at most 63 characters long and may consist only of digits, upper- and lower-case Latin letters and special characters such as !@#$% (by the way, this alphabet is considered quite extensive). The lower limit on password length is clear: at least 8 characters, period.

The upper limit is not so simple. It is useless to crack a 63-character password with a dictionary, so it is quite reasonable to limit the maximum password length in the dictionary to 14-16 characters. A high-quality dictionary (for which the 20% success rate is estimated) weighs more than 2 GB and contains about 250 million candidate passwords with lengths in the specified range of 8-16 characters. What should these candidate passwords include for the handshake decoding to go without a hitch? Firstly, definitely the entire eight-digit numeric range, which according to statistics accounts for almost half of all recovered passwords. After all, various dates fit perfectly into 8 digits, for example 05121988.

And a little more about dictionaries...

The full eight-digit numeric range has 10^8 = 100 million combinations, which in itself is quite a lot. In addition, the cracker's basic dictionary must include the words most often used as passwords, for example internet, password, qwertyuiop, names, etc., as well as their mutations with popular password-extending suffixes (the undisputed leader here is of course the suffix 123). That is, if the password diana is too short to satisfy the WPA standard, a resourceful user will in most cases extend it to diana123, thereby increasing (in his expert opinion) the password's secrecy. Several dozen such popular suffixes are known.

If you're trying to assemble a dictionary yourself (what's the point? Everything has been collected before us), you can Google the keywords wpa wordlist and download a ready-made dictionary. Don't forget about targeting, because it would be quite naive to hope that handshake decoding will go smoothly if we run a Chinese handshake against a Russian dictionary and vice versa. You can also look for a suitable one on the Internet, since there are as many of them as you like.

You can also use crunch to generate various combinations from the basic set.

    aircrack-ng

Having prepared a dictionary of some kind, high-quality in our not very experienced opinion (for example wordlist.txt), we proceed to password guessing, that is, to handshake decoding. Launch aircrack-ng with additional parameters:

root@bt:~# aircrack-ng -e -b -w wordlist.txt testcap.cap

And here is the result of our labors:

Our password was found in 3 seconds, wow!!!

In the screenshot above, aircrack-ng found the password (it was the word dictionary) in just 3 seconds. To do this it tried 3,740 candidate passwords at a rate of 1,039 passwords per second. All well and good, but here the attentive reader should be quite tense, because earlier we talked about a dictionary of 250 million candidate passwords! Divide 250*10^6 by 1039 and we get... about 240 thousand seconds, which is 66 hours. Almost three days! That is exactly how long your laptop would take to process a basic 2 GB dictionary (completely, though everyone remembers Murphy's Law). Such irresponsible time spans are caused by the sluggish speed of computation, dictated by the high computational complexity of the algorithms built into the WPA authentication procedure. What can we say about larger dictionaries: for example, the full nine-digit numeric range already contains 900 million combinations and would require a couple of weeks of computation just to make sure that (at a minimum) the password is not found.

Such a losing situation could not help but bother the inquisitive minds of our compatriots, and soon a solution was found: GPUs, that is, video cards, were used for stream computing. The GPU (Graphics Processing Unit), the heart of your 3D accelerator, has a chip with hundreds (even thousands) of stream processors, which allows the millions of simple password-hashing operations to be spread across them and thereby speeds up the cracking process by orders of magnitude. So as not to be unfounded, I will say that an overclocked ATI RADEON HD 5870 is capable of reaching a speed of 100,000 passwords per second! A noticeable difference, isn't it?

decryption of handshake using GPU

Of course, such figures are typical only for top-end ATI RADEON adapters (NVIDIA, with its CUDA technology, is still frankly inferior to ATI in WPA enumeration speed because of the obvious architectural advantages of the latter). But you have to pay for everything: a good video accelerator is expensive and is usually found only among avid gamers, or otherwise nerds.

As part of this article for beginners, I probably won't delve into the jungle of setting up the ATI SDK and pyrit on Linux; I'll just note that you'll have to struggle with it long and hard. And there are not so many owners of top-end Radeons and Nvidias; I think they will figure it out quite independently. Or Google it.

Paradoxically, Windows is best suited for guessing a WPA password on a GPU, yes, yes, that's right. The fact is that video adapter drivers play a significant role in this process, and developers pay much more attention to the Windows versions than to Linux drivers. After all, they focus on the needs of gamers. Do you know many people who like to play games on a computer running Linux? Two programs can guess a WPA password on Windows: the commercial Elcomsoft Wireless Security Auditor and the console utility hashcat-plus. We will consider the use of these programs next, compare their characteristics, and talk about the pros and cons of both. Let's see at what speed handshake decoding happens under equal conditions, on the same system, for both programs.

Having the latest working video card drivers in the system is a must. I won't tell you how to install drivers for the video card; since you're here, I'm sure it's a piece of cake for you.

Decoding the handshake with Elcomsoft Wireless Security Auditor

EWSA can be found (and purchased) on the developers' website, www.elcomsoft.com; just keep in mind that the free trial version, according to rumors, does not show the found password. On the Internet you can find cracked versions of varying quality, just don't forget about the remorse that will torment you. Installing and configuring EWSA is elementary: you can immediately select the Russian language in the menu; in the GPU settings, make sure that your GPUs are visible to the program and selected with checkboxes (if the GPUs are not visible in the list, you clearly have a driver problem); and point the program to your dictionaries in the dictionary settings.

Click “Import data -> Import TCPDUMP file” and select the *.cap file with the handshake (the program will check the handshakes and offer to mark those we want to attack), after which you can safely click “Launch attack -> Dictionary attack”:

Hmm... It could have been more fun.

In this test, EWSA showed a speed of only 135,000 passwords per second, although based on the hardware configuration I expected to see a figure of around four hundred thousand.

Decoding the EWSA handshake

Let's compare EWSA with its truly free competitor, hashcat-plus. Download the full hashcat-gui set from the author's website and extract the archive to a convenient place; it's portable. Launch hashcat-gui32.exe or hashcat-gui64.exe depending on the bitness of Windows and answer the first question, which GPU we will use: NVidia (CUDA) or ATI RADEON (the CPU-only option obviously will not suit us).

When the main program window loads, go to the oclHashcat-plus tab (or cudaHashcat-plus in the case of NVidia). There is one subtlety here: hashcat does not know how to parse EAPOL handshakes; it does not know how at all and does not know what they are. It requires you to hand it the WPA hashes “on a silver platter” in its own *.hccap format. You can convert a regular *.cap to *.hccap using a patched aircrack-ng utility! The hashcat developer has also made a convenient online converter: just upload your *.cap file with the handshake there and specify the ESSID; if the file contains a handshake, a *.hccap ready for attack will be returned. If not, then no luck.

Next, we point the program to our *.hccap file as the Hash file for the attack, add dictionary files to the Word lists window (you can use the arrows to set the order in which they are processed), select WPA/WPA2 as the Hash type and click Start.

A console window should appear launching the selected version of hashcat-plus with a bunch of parameters, and if everything is in order, the utility will start working. During the computation you can display the current status by pressing the ‘s’ key. You can pause the process by pressing ‘p’ or interrupt it by pressing ‘q’. If hashcat-plus finds the password, it will definitely show it to you.

The result is 392,000 passwords per second! This agrees very well with the theoretically expected speed based on the system configuration and back-of-the-envelope calculations.
This test convincingly shows that hashcat-plus scales much better when using multiple GPUs simultaneously. The choice is yours.

A handshake, in simple terms, is a file that contains the encrypted password for a Wi-Fi network.

And here is a list of services that decrypt handshakes for free:

Aircloud-ng.me - a semi-free service that will run your handshake through 58 dictionaries. The number is certainly impressive, but they rarely include the passwords used by Russian-speaking users.
To send a file, just specify your email and select the appropriate cap/pcap handshake.
There is still a chance of finding the password there, but it is close to zero.

wpa-sec.stanev.org - a service with 18 popular dictionaries; it very often helps because it contains quite good dictionaries, for example isider_pro_wpa. The full list of dictionaries can be found on the site itself. It often hangs, unable to withstand the flow of freeloaders, in which case the admin limits the brute force to only 2 dictionaries, but this is temporary: when the server frees up, the rest of the dictionaries are run as well.

wpa-darkicop.org - also a free service, but for some reason it hasn't been working lately.
The run goes through the following dictionaries: Rainbow, CoW (1M), Openwall (3M), Insidepro (11M), Offensive security (39M).

Among the free ones, I'll also mention a couple of threads of the same name on other forums:

antichat - they very often help out, and how could they not... they practically live with these handshakes, in the full sense of the word.
Post strictly according to the rules and you will find help. They sometimes run phone-number and rare dictionaries that are not in the public domain, which many paid services don't even do. Probability of finding the password: 60%.

insidepro - also quite an old forum; there is a thread where they help you find the password, but it is slowly gathering cobwebs.

Paid:

onlinehashcrack.com - To be honest, I used it several times; at first it was free, now only for money, on average $3-4 per found password. It is unknown which dictionaries it uses; I tried to find out by contacting the site administrator, but to no avail, I never received an answer. It finds only trivial dates of birth and English words.

xsrc.ru - I'll say one thing about it: about 4 months ago I uploaded a handshake from a Wi-Fi network whose password is an ordinary RU phone number, and this service did not find it. It often finds simple 8-digit passwords and dates of birth; the list of dictionaries is not known to me.

cloudcracker.com - as stated in the advertisement, it runs 300,000,000 words in 20 minutes. There are 3 dictionaries to choose from (english, 2wire, phone numbers), and you can select the number of words that will be tried. The dictionaries are tailored more to US/EN countries; the price for decryption can reach up to $136, depending on how many lines of words you choose, and you have to pay regardless of whether the service finds the password or not.

gpuhash.me - quite a high-quality service; it contains many different dictionaries of passwords that are actually often set, focused on RU and US passwords. There is a free run through the basic dictionary.

airslax.com - a service from the author of the airslax distribution; the price for 1 found password is 5 USD. It checks the handshake against standard dictionaries of numbers and mobile phone numbers of Ukraine and Russia.

pwaudit.com - it looks pretty good and is very convenient; you can view detailed statistics of the brute force, and by the way it supports a large number of hash types. Currently the database contains 9 TB of rainbow tables and more than 15 GB of “clean” passwords.