lasertooth / cowpatty Goto Github PK
View Code? Open in Web Editor NEWThis project forked from roobixx/cowpatty
Git Repo of CoWPAtty
License: GNU General Public License v2.0
This project forked from roobixx/cowpatty
Git Repo of CoWPAtty
License: GNU General Public License v2.0
### This is just a holding for the CoWPAtty code. coWPAtty - Brute-force dictionary attack against WPA-PSK. Copyright(c) 2004, Joshua Wright <[email protected]> $Id: README,v 1.2 2004/11/02 11:49:03 jwright Exp $ -------------------------------------------------------------------------------- INTRO Right off the bat, this code isn't very useful. The PBKDF2 function makes 4096 SHA-1 passes for each passphrase, which takes quite a bit of time. On my Pentium II development system, I'm getting ~4 passphrases/second. The SHA-1 code I'm using has been optimized to the best of my ability (which isn't saying that much), but I doubt if it would be possible to optimize it such that the tool experiences an exponential performance increase. However, if you are auditing WPA-PSK networks, you can use this tool to identify weak passphrases that were used to generate the PMK. Supply a libpcap capture file that includes the 4-way handshake, a dictionary file of passphrases to guess with, and the SSID for the network: $ ./cowpatty -r eap-test.dump -f dict -s somethingclever coWPAtty 2.0 - WPA-PSK dictionary attack. <[email protected]> Collected all necessary data to mount crack against passphrase. Loading words into memory, please be patient ... Done (10201 words). Starting dictionary attack. Please be patient. [1000] [2000] [3000] [4000] The PSK is "family movie night". 4087 passphrases tested in 59.05 seconds: 69.22 passphrases/second $ The files "dict" and "eap-test.dump" are included with this distribution for testing purposes. This tool can also accept dictionary words from STDIN, allowing us to utilize a tool such as John the Ripper to create lots of word permutations from a dictionary file: $ john -wordfile:dictfile -rules -session:johnrestore.dat -stdout:63 | \ cowpatty -r eap-test.dump -f - -s somethingclever In the default configuration of John the Ripper, common permutations of dictionary words will be sent as potential passwords to coWPAtty. For example, here is a list of the words John will create from the input word "password": jwright@mercury:~$ echo password >word jwright@mercury:~$ john -session:/tmp/delme -wordfile:word -rules -stdout password Password passwords password1 Password1 drowssap 1password PASSWORD password2 password! password3 password7 password9 password5 password4 password8 password6 password0 password. password? psswrd drowssaP Drowssap passworD 2password 4password Password2 Password! Password3 Password9 Password5 Password7 Password4 Password6 Password8 Password. Password? Password0 3password 7password 9password 5password 6password 8password Passwords passworded passwording Passworded Passwording words: 49 time: 0:00:00:00 100% w/s: 49.00 current: Passwording jwright@mercury:~$ John the Ripper is available at http://www.openwall.com/john/. REFERENCE See Robert Moskowitz's paper "Weakness in Passphrase Choice in WPA Interface" for more information on WPA-PSK attacks at http://wifinetnews.com/archives/002452.html. THANKS My sincere thanks to dragorn for merging in the assembly SHA1 code, and to Randy Chou for advice on optimizing the pbkdf2 function. QUESTIONS, COMMENTS, CONCERNS Please contact [email protected] with any questions, comments or concerns. My PGP key is located at http://home.jwu.edu/jwright/pgpkey.htm.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.