Posted By
occupytheweb 2451 last month
Follow
42 42 42
Kudos
Welcome, my hacker novitiates!
As part of my series on hacking Wi-Fi, I want to demonstrate another excellent piece of hacking software for cracking WPA2-PSK passwords. In my last post, we cracked WPA2 using aircrack-ng. In this tutorial, we'll use a piece of software developed by wireless security researcher Joshua Wright called cowpatty (often stylized as coWPAtty). This app simplifies and speeds up the dictionary/hybrid attack against WPA2 passwords, so let's get to it!
Step 1: Find the Cowpatty
Cowpatty is one of the hundreds of pieces of software that are included in the BackTrack suite of software. For some reason, it was not placed in the /pentest/wireless directory, but instead was left in the /usr/local/bin directory, so let's navigate there.
• cd /usr/local/bin
Because cowpatty is in the /usr/local/bin directory and this directory should be in your PATH, we should be able to run it from any directory in BackTrack.
Step 2: Find the Cowpatty Help Screen
To get a brief rundown of the cowpatty options, simply type:
• cowpatty
BackTrack will provide you a brief help screen. Take a note that cowpatty requires all of the following.
• a word list
• a file where the password hash has been captured
• the SSID of the target AP
Step 3: Place the Wireless Adapter in Monitor Mode
Just as in cracking with aircrack-ng, we need to put the wireless adapter into monitor mode.
• airmon-ng start wlan0
Step 4: Start a Capture File
Next, we need to start a capture file where the hashed password will be stored when we capture the 4-way handshake.
• airodump-ng --bssid 00:25:9C:97:4F:48 -c 9 -w cowpatty mon0
This will start a dump on the selected AP (00:25:9C:97:4F:48), on the selected channel (-c 9) and save the the hash in a file named cowcrack.
Step 5: Capture the Handshake
Now when someone connects to the AP, we'll capture the hash and airdump-ng will show us it has been captured in the upper right-hand corner.
Step 6: Run the Cowpatty
Now that we have the hash of the password, we can use it with cowpatty and our wordlist to crack the hash.
• cowpatty -f /pentest/passwords/wordlists/darkc0de.lst -r /root/cowcrack-01.cap -s Mandela2
As you can see in the screenshot above, cowpatty is generating a hash of every word on our wordlist with the SSID as a seed and comparing it to the captured hash. When the hashes match, it dsplays the password of the AP.
Step 7: Make Your Own Hash
Although running cowpatty can be rather simple, it can also be very slow. The password hash is hashed with SHA1 with a seed of the SSID. This means that the same password on different SSIDs will generate different hashes. This prevents us from simply using a rainbow table against all APs. Cowpatty must take the password list you provide and compute the hash with the SSID for each word. This is very CPU intensive and slow.
Cowpatty now supports using a pre-computed hash file rather than a plain-text word file, making the cracking of the WPA2-PSK password 1000x faster! Pre-computed hash files are available from the Church of WiFi, and these pre-computed hash files are generated using 172,000 dictionary file and the 1,000 most popular SSIDs. As useful as this is, if your SSID is not in that 1,000, the hash list really doesn't help us.
In that case, we need to generate our own hashes for our target SSID. We can do this by using an application called genpmk. We can generate our hash file for the "darkcode" wordlist for the SSID "Mandela2" by typing:
• genpmk -f /pentest/passwords/wordlists/darkc0de.lst -d hashes -s Mandela2
Step 8: Using Our Hash
Once we have generated our hashes for the particular SSIDs, we can then crack the password with cowpatty by typing:
• cowpatty -d hashfile -r dumpfile -s ssid
Stay Tuned for More Wireless Hacking Guides
Keep coming back for more on Wi-Fi hacking and other hacking techniques! Haven't seen the other Wi-Fi hacking guides yet? Check them out here. If you have questions on any of this, please ask them in the comments below. If it's something unrelated, try asking in the Null Byte forum.
Friday, 25 October 2013
How to Hack Wi-Fi: Cracking WPA2-PSK Passwords with Cowpatty
Posted By
occupytheweb 2451 last month
Follow
42 42 42
Kudos
Welcome, my hacker novitiates!
As part of my series on hacking Wi-Fi, I want to demonstrate another excellent piece of hacking software for cracking WPA2-PSK passwords. In my last post, we cracked WPA2 using aircrack-ng. In this tutorial, we'll use a piece of software developed by wireless security researcher Joshua Wright called cowpatty (often stylized as coWPAtty). This app simplifies and speeds up the dictionary/hybrid attack against WPA2 passwords, so let's get to it!
Step 1: Find the Cowpatty
Cowpatty is one of the hundreds of pieces of software that are included in the BackTrack suite of software. For some reason, it was not placed in the /pentest/wireless directory, but instead was left in the /usr/local/bin directory, so let's navigate there.
• cd /usr/local/bin
Because cowpatty is in the /usr/local/bin directory and this directory should be in your PATH, we should be able to run it from any directory in BackTrack.
Step 2: Find the Cowpatty Help Screen
To get a brief rundown of the cowpatty options, simply type:
• cowpatty
BackTrack will provide you a brief help screen. Take a note that cowpatty requires all of the following.
• a word list
• a file where the password hash has been captured
• the SSID of the target AP
Step 3: Place the Wireless Adapter in Monitor Mode
Just as in cracking with aircrack-ng, we need to put the wireless adapter into monitor mode.
• airmon-ng start wlan0
Step 4: Start a Capture File
Next, we need to start a capture file where the hashed password will be stored when we capture the 4-way handshake.
• airodump-ng --bssid 00:25:9C:97:4F:48 -c 9 -w cowpatty mon0
This will start a dump on the selected AP (00:25:9C:97:4F:48), on the selected channel (-c 9) and save the the hash in a file named cowcrack.
Step 5: Capture the Handshake
Now when someone connects to the AP, we'll capture the hash and airdump-ng will show us it has been captured in the upper right-hand corner.
Step 6: Run the Cowpatty
Now that we have the hash of the password, we can use it with cowpatty and our wordlist to crack the hash.
• cowpatty -f /pentest/passwords/wordlists/darkc0de.lst -r /root/cowcrack-01.cap -s Mandela2
As you can see in the screenshot above, cowpatty is generating a hash of every word on our wordlist with the SSID as a seed and comparing it to the captured hash. When the hashes match, it dsplays the password of the AP.
Step 7: Make Your Own Hash
Although running cowpatty can be rather simple, it can also be very slow. The password hash is hashed with SHA1 with a seed of the SSID. This means that the same password on different SSIDs will generate different hashes. This prevents us from simply using a rainbow table against all APs. Cowpatty must take the password list you provide and compute the hash with the SSID for each word. This is very CPU intensive and slow.
Cowpatty now supports using a pre-computed hash file rather than a plain-text word file, making the cracking of the WPA2-PSK password 1000x faster! Pre-computed hash files are available from the Church of WiFi, and these pre-computed hash files are generated using 172,000 dictionary file and the 1,000 most popular SSIDs. As useful as this is, if your SSID is not in that 1,000, the hash list really doesn't help us.
In that case, we need to generate our own hashes for our target SSID. We can do this by using an application called genpmk. We can generate our hash file for the "darkcode" wordlist for the SSID "Mandela2" by typing:
• genpmk -f /pentest/passwords/wordlists/darkc0de.lst -d hashes -s Mandela2
Step 8: Using Our Hash
Once we have generated our hashes for the particular SSIDs, we can then crack the password with cowpatty by typing:
• cowpatty -d hashfile -r dumpfile -s ssid
Stay Tuned for More Wireless Hacking Guides
Keep coming back for more on Wi-Fi hacking and other hacking techniques! Haven't seen the other Wi-Fi hacking guides yet? Check them out here. If you have questions on any of this, please ask them in the comments below. If it's something unrelated, try asking in the Null Byte forum.
PKS How do I locate the MAC address of my computer?
up vote 60 down vote favorite
14 I am unable to locate the MAC address in a new computer with Windows 7. I've tried ipconfig /all in the console to which I got no items match your search. I also tried getmac. A screen flashed very briefly with what appeared to be the information, but it was not there long enough to read.
windows-7 windows command-line mac-address
share|improve this question
edited Feb 24 '12 at 22:09
Tom Wijsman
36.3k1397170 asked Nov 7 '09 at 1:49
Alibarsdad
5 Answers
active oldest votes
up vote 82 down vote accepted You have probably typed that into the Start Menu search dialog, which does execute the command but doesn't show it as the command prompt window disappears as soon as the command has been executed. This is the normal bahavior of command prompt applications, they close as soon as it is done.
In order for the command prompt to stay, you have to run those commands through the command prompt. The command prompt doesn't disappear after execution of a program; so, you can see the output as a result.
1. Click the Start Button or press the Windows key.
2. In the start menu search, type cmd.
3. Hit Enter to execute the command prompt, or click on the cmd entry that appears.
4. Type in ipconfig /all or getmac and it should execute both commands and the window will remain open such that you can see the output.
Note: getmac is great for just mac addresses ipconfig is good for ip addresses and ipconfig /all is great for IP address and a lot of other useless info (like unused connections)
to use getmac
1. type cmd in the search box and press enter or run window (windows logo + r)
2. then type getmac (no ipconfig necessary, in fact that wont work) and let it run (it may take a few seconds to rertrieve the info)
if you use ipconfig and ipconfig dose not have enough info use ipconfig /all
share|improve this answer
edited Feb 1 at 3:25
Community♦
1 answered Nov 7 '09 at 1:54
John T
97.6k9173223
up vote 30 down vote A simple way to get the MAC address(es) of your network adapter(s):
On a command prompt type
getmac
Example:
share|improve this answer
edited Aug 11 '11 at 6:55
8088
6,76382646 answered Jan 11 '10 at 8:51
splattne
8,58063965
2
+1. I was not aware about this one. I always use ipconfig /all, but this is a lot easier. – JordyOnrust Feb 21 '10 at 21:59
1
I think that the ethernet address will typically be first, and the wifi address will typically be second. – Clinton Blackmore Sep 1 '10 at 21:35
9
Also, if you use getmac /v then it will show the name of the adapter and the connection state. Much easier if you have multiple network adapters, especially if you have some virtual ones from virtual machine software. – TuxRug Oct 10 '10 at 23:40
Does it work for interfaces that aren't connected? For some reason (or unreason ;-p), ipconfig never shows me the MACs of interfaces that are not connected. This may be the solution I'm looking for. – James Haigh Jun 19 at 19:46
up vote 23 down vote For Windows Vista and Windows 7, in the control panel:
Open the Network and Sharing Center > Local Area Connection > Details > Physical Address.
share|improve this answer
edited Feb 24 '12 at 22:10
Tom Wijsman
36.3k1397170 answered Nov 7 '09 at 4:13
Molly7244
Annoyingly only accessible when connected, as is the MAC from ipconfig – a pain when I need the MAC of windows machines before they connect. – James Haigh Jun 19 at 19:46
up vote 8 down vote You can also locate the MAC address using VBScript:
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & "\root\cimv2")
Set colItems = objWMIService.ExecQuery("Select MACAddress from Win32_NetworkAdapter where DeviceID=1")
For Each objItem in colItems
Wscript.Echo "MAC Address: " & objItem.MACAddress
Next
share|improve this answer
edited Oct 10 '10 at 22:40
Peter Mortensen
4,71873356 answered Nov 7 '09 at 6:29
user31894
1,32745
3
getmac does the same thing and is built into Windows. – MDMarra Nov 9 '09 at 12:07
8
that's not called reinventing the wheel. That's called "there are many ways to do things". vbscript works almost in every version of windows , including Win9x. getmac is not available in every version. – user31894 Nov 10 '09 at 1:38
Well, it's a Window 7 question, so why bother writing a whoooole script when you can just type a command? – TFM May 22 '10 at 10:03
@TFM: Because the script can give you the MAC address only, while getmac requires output parsing... – Tom Wijsman Feb 24 '12 at 22:11
2
@TFM: That and WMI can be used over the network natively, without having to "reinvent the wheel" with SSH/psexec/WS-Remoting. Just change strComputer. – grawity Feb 24 '12 at 22:13
up vote 4 down vote You can use the Get-NetAdapter PowerShell cmdlet.
It displays a nice table that identify each network interface with its MAC address.
Monday, 1 October 2012
Tuesday, 14 August 2012
Wednesday, 18 April 2012
Friday, 23 March 2012
Monday, 20 February 2012
Friday, 3 February 2012
Laser Printer & adopter
A laser printer is a common type of computer printer that rapidly produces high quality text and graphics on plain paper. As with digital photocopiers and multifunction printers (MFPs), laser printers employ a xerographic printing process but differ from analog photocopiers in that the image is produced by the direct scanning of a laser beam across the printer's photoreceptor.Laser Printer A laser printer is a common type of computer printer that produces high quality printing, and is able to produce both text and graphics.The process is very similar to the type of dry process photocopier first produced by Xerox. Indeed, the first laser printer was created by Xerox researcher Gary Starkweather by modifying a Xerox copier in 1971. Laser printing eventually became a multibillion-dollar business for Xerox.
Monday, 30 January 2012
facebook acount
How to Hack a Facebook Account?
Facebook is one of the most popular social networking sites, boasting about 800 million users. Though there cannot be any monetary gain with how to hack facebook account, there are many who are interested to know how to hack a facebook account for several reasons. Though there are different ways how to hack a facebook account, the most common methods are listed below:
Phishing: This is by far the most successful and widely used method to hack facebook accounts. With this method, users are sent fake facebook login pages. When a user mistakes it to be facebook site and tries to login, it shows an error as Invalid User Name / Password and sometimes, it will just route to real facebook page after login details are entered. Once the user enters login details, it is then sent to the person who created the Phishing page. The data is then used to take control of the user account.
Key Logger: Key Loggers are programs that monitor every activity, when installed in a system. If a person has physical access to the system used by the person they intend to hack, then they just need to install the keylogger and get the details for taking control of the facebook account. Otherwise, it can be a little tough cookie to crack.
Firesheep: This is a firefox plugin. When a person logs in from a public wireless network to facebook account, it is easier to hack the account with this Mozilla plugin.
Primary E Mail Address: If a person knows the primary email id of the person’s account they are intending to hack, hacking that e-mail account and then using forgot password option would do the trick.
Facebook Forgot Password Option: In case the person’s account you are intending to hack is well known to you, then just using forgot password link for entering personal details, choosing primary address is hacked and giving alternate id will work wonders. However, here the key to make this method work is by giving right personal information. This is only possible when the victim is well known.
Software: There are few software programs that help with hacking a facebook account, upon installation. This is an easier way to hack a facebook account.
Over all, though facebook is known for its security measures, it is also the site that is prone to attacks from hackers. Thus, hacking into facebook accounts will not be a problem, when the person can follow simple instructions. Phishing pages are readily available and it would not be difficult for a person to find a template and use it. This is also a method that is highly successful.
Subscribe to:
Comments (Atom)