Capture handshake with WiFite
Why WiFite instead of other guides that uses Aircrack-ng? Because we don’t have to type in commands..
Type in the following command in your Kali Linux terminal:
wifite –wpa
You could also type in
wifite wpa2
If you want to see everything, (wep, wpa or wpa2, just type the following command. It doesn’t make any differences except few more minutes
wifite
Once you type in following is what you’ll see.
So, we can see bunch of Access Points (AP in short). Always try to go for the ones with CLIENTS because it’s just much faster. You can choose all or pick by numbers. See screen-shot below
Awesome, we’ve got few with clients attached. I will pick 1 and 2 cause they have the best signal strength. Try picking the ones with good signal strength. If you pick one with poor signal, you might be waiting a LONG time before you capture anything .. if anything at all.
So I’ve picked 1 and 2. Press Enter to let WiFite do it’s magic.
Once you press ENTER, following is what you will see. I got impatient as the number 1 choice wasn’t doing anything for a LONG time. So I pressed CTRL+C to quit out of it.
This is actually a great feature of WIfite. It now asks me,
What do you want to do?
-
[c][/c]
ontinue attacking targets
[e]xit completely.
I can type in c to continue or e to exit. This is the feature I was talking about. I typed c to continue. What it does, it skips choice 1 and starts attacking choice 2. This is a great feature cause not all routers or AP’s or targets will respond to an attack the similar way. You could of course wait and eventually get a respond, but if you’re just after ANY AP’s, it just saves time.
And voila, took it only few seconds to capture a handshake. This AP had lots of clients and I managed to capture a handshake.
This handshake was saved in /root/hs/BigPond_58-98-35-E9-2B-8D.cap file.
Once the capture is complete and there’s no more AP’s to attack, Wifite will just quit and you get your prompt back.
Now that we have a capture file with handshake on it, we can do a few things.
Cleanup your cap file using wpaclean
Next step will be converting the .cap file to a format cudaHashcat or oclHashcat or Hashcat on Kali Linux will understand.
Here’s how to do it:
To convert your .cap files manually in Kali Linux, use the following command
wpaclean <out.cap> <in.cap>
Please note that the wpaclean options are the wrong way round. <out.cap> <in.cap> instead of <in.cap> <out.cap> which may cause some confusion.
In my case, the command is as follows:
wpaclean hs/out.cap hs/BigPond_58-98-35-E9-2B-8D.cap
Convert .cap file to .hccap format
We need to convert this file to a format cudaHashcat or oclHashcat or Hashcat on Kali Linux can understand.
To convert it to .hccap format with “aircrack-ng” we need to use the -J option
aircrack-ng <out.cap> -J <out.hccap>
Note the -J is a capitol J not lower case j.
In my case, the command is as follows:
aircrack-ng hs/out.cap -J hs/out
36 comments
what if the password is: ‘abc123efgh’ what mask is best to crack it.? Will ?l?d?l?d?l?d?l? be able to crack it??
:~/Desktop# oclhashcat -m 2500 /root/Desktop/12AC7F.hccap /root/Desktop/newrockyou.txt
oclHashcat v1.30 starting…
Device #1: Tahiti, 2904MB, 1100Mhz, 32MCU
STOP! Unsupported or incorrect installed GPU driver detected!
You are STRONGLY encouraged to use the official supported GPU driver for good reasons
See oclHashcat’s homepage for official supported GPU drivers
You can use –force to override this but do not post error reports if you do so
RADEON R9 280X gigabyte with installed drivers for pyrit.
any idea what is missing ?
You’ll never crack awpa password you dumb
What ?a missing is space character. Most passphrase contains space characters. Therefore, ?a will never be able to crack a very common passphrase which has a space character.
That means you just need to redo your mask.
when i try this commnad:- cudahashcat –help | grep WPA
Output will be …
bash: cudahashcat: command not found
help me!
If you have nvidea graphic cards it is cudahashcat but if you have AMD it is oclhashcat
when i try this commnad:- cudahashcat –help | grep WPA
Output will be …
bash: cudahashcat: command not found
help me!
You need to have root access. Try sudo command.
Try hashcat in stead of cudahashcat.
Hello everybody!
I would like to capture encrypted frames, but I can’t. Help me, please.
Used the commands:
ifconfig wlan0 down
iwconfig wlan0 mode monitor
ifconfig wlan0 up
airodump-ng –bssid 9c:d6:43:a8:9d:60 -c 4 -w test2015 wlan0
My pcap file show only control frames: Clear-to-send, ack; and beacon frames.
I would like capture a bit stream encrypted 1001110110101001 by data frames…. How can I do it?
Thank you very much.
Your explanation is way better than the shit they gave back in wiki.Thanks for your patience.Appreciate it.
Problem with Wiki is you get more than you ask for! I gave a very simple but working explanation. Once someone is used to that, they can start making complex ones.
Thanks for your compliment. Cheers,
-BMO
Sir, what is the difference between Mask attack and dictionary attack ?
THank you !
Great tutorial, I always revisit this tutorial.
Thanks for this guide. It is great as a primer. From here you can dive deeper to understand the working parts in more detail. Awesome work!
Can anyone help me eith issue with hashcat and cudahashcat64 i have all drivers installed correctly but hashcat is 1000 time faster than cudahashcat. to crack 8 letter including upercase and digits passwords takes 10 years in cudahashcat but when piped to pyrit using hahscat 1hr 12 Minutes the VGA driver is gtx760 and works with no errors.
Also running hashcat displays 42million words per second when crunching
But in cudahashcat it shows around 40,000 pks .
Hardware intel i7 4820k 16 Gb ram Nvidia gtx 760 1gb ram
Is this possible without an Nvidia or Amd graphic card ? because i am using an standard intel videocard hope ro hear you soon
Hi Stefan,
You can always use
hashcatinstead. Thanks,-BMO
When running the conversion from .cap to .hccap, I get a “Failed to create Hashcat capture file” error :(
Any help?
This video leads me here, just posting so you know that the tutorial works
Amazing tutorial! Thank you so much!
Is there any disadvantage using just hashcat instead of oclhashcat or cudahashcat ?
Hi first of all many thanks for taking the time for this tutorial.
I am currently stuck in that I try to use the cudahashcat command but the parameters set up for a brute force attack, but i get “bash: cudahashcat: command not found”.
I have followed the previous instructions and have my graphics card showing as a CUDA device when i use the pyrit list_cores command and also when running a benchmark.
My card is a GTX 970 and I am running on Kali 4.4.0 amd-64
Using “hashcat” works fine but I assume that it is not using my GPU.
Any help would be appreciated!
Thanks
Any device running a WN823N chip is confirmed on mon and injection.
With the command aircrack-ng I will always get this:
Opening hs/haha.cap
Read 0 packets.
No networks found, exiting.
Any sugestions what’s going on here?
By the way I’ve used wifite -wpa -cowpatty to got my Handshakes. This worked instandly. Maybe is this the failure, I don’t know.
hey ho%**
i got hashcat running nicely. i have a converted handshake file i want sorted but i want to know
how much faster is cudahashct? than regular hashcat?
salutation and supplications
Significantly.
Am getting this error as hashcat is starting
ERROR: clGetDeviceIDs () : -1 : CL_DEVICE_NOT_FOUND
Where could i have gone wrong? What is it exactly am I missing?
Thank in advance
I think the problem is with your graphics card driver. Make sure that’s up to date…
http://lists.alioth.debian.org/pipermail/pkg-nvidia-devel/2013-January/008420.html
i got this question, how fast, in keys per sec, is cudahashcat quicker than usual cpu hashcat?
many thanks and cranks
Hello,
I have same gpu gtx210. But i get this error: hashcat: this device local mem size is too small.
Sir …. I have intel HD Graphic cars what should I install???? Plzzzzz
Nothing required for Intel cards. It uses standard drivers.
Question, but not related to post
Would a D-Link DWA-125 work for kali linux as a wireless card?
windows.alert(“wdwe”)
“>alert();