防范Cowpatty for Windows的主要:
"coWPAtty is designed to audit the pre-shared key (PSK) selection for WPA networks based on the TKIP protocol." - Joshua Wright. “防范Cowpatty设计审核预共享密钥(PSK)网络选择WPA协议基于TKIP的。” -约书亚赖特。
Project Homepage: 项目主页:
Local Mirror: MD5: aa9ead2aacfcc493da3684351425d4c6本地镜像: 的MD5:aa9ead2aacfcc493da3684351425d4c6
coWPAtty Dictionary Attack
防范Cowpatty字典
攻击 Precomputing WPA PMK to crack WPA PSK 预计算的WPA破解的WPA的PSK胡椒基甲基酮
coWPAtty Precomputed WPA Attack 防范Cowpatty预计算WPA的攻击
coWPAtty Recomputed WPA2 Attack 防范Cowpatty重新计算WPA2的攻击
coWPAtty Tables 防范Cowpatty表
c oWPAtty Usage:
ç oWPAtty用法:
coWPAtty Dictionary Attack: 防范Cowpatty字典攻击:快波
To perform the coWPAtty dictionary attack we need to supply the tool with a capture file that includes the TKIP four-way handshake, a dictionary file of passphrases to guess with and the SSID for the network.要执行防范Cowpatty字典攻击,我们需要提供网络的工具捕获文件,其中包括TKIP的四向握手字典文件,一个口令猜测与和的SSID。 In order to collect the four-way handshake you can either wait until a client joins the network or preferably you can force it to rejoin the network using tools like void11 or aireplay and capture the handshakes using something like kismet, ethereal or airodump.为了收集的4次握手你可以等待,直到客户端加入网络或最好你能迫使它重新加入网络使用
aireplay void11或工具,如握手,并捕获使用克斯梅特是像这样的空灵或airodump中。
cowpatty -f dict -r wpapsk-linksys.dump -s linksys 防范Cowpatty - F座的dict - R的wpapsk - linksys.dump - S的Linksys公司
As you can see this simple dictionary attack took 51 seconds, we can speed up this process by precomputing the WPA-PMK to crack the WPA-PSK (see below).正如你可以看到这个简单的字典攻击了51秒,我们可以加快这一进程,预计算的PSK的WPA -胡椒基甲基酮破解WPA的(见下文)。
wpapsk-lin is the capture containing the four-way handshake 是捕获包含4路握手
dict is the password file dict的是密码文件
linksys is the network SSID Linksys公司是网络的SSID
Precomputing WPA PMK to crack WPA PSK: 调节杆预计算的WPA破解的WPA的PSK胡椒基甲基酮:
genpmk is used to precompute the hash files in a similar way to Rainbow tables is used to pre-hash passwords in Windows LANMan attacks. There is a slight difference however in WPA in that the SSID of the network is used as well as the WPA-PSK to "salt" the hash. This means that we need a different set of hashes for each and every unique SSID ie a set for "linksys" a set for "tsunami" etc. genpmk用于预先计算哈希表文件以类似的方式,以彩虹是用来在Windows兰曼袭击前的哈希密码。有一个略有不同的WPA但是在该网络的SSID的使用以及WPA的云芝多糖为“盐”的哈希。这意味着,我们需要“等”海啸一套不同的哈希每一个独特的SSID即设置“为”Linksys的一集
So to generate some hash files for a network using the SSID cuckoo we use:因此,要产生一些哈希文件1使用网络使用的SSID杜鹃,我们:
genpmk -f dict -d linksys.hashfile -s linksys genpmk - F座dict的三维linksys.hashfile - S的Linksys公司
dict is the password file dict的是密码文件
is our output file 是我们的输出文件
linksys is the network ESSID Linksys公司是网络的ESSID
coWPAtty Precomputed WPA Attack: 狐狸之歌防范Cowpatty预计算WPA的攻击:
Now we have created our hash file we can use it against any WPA-PSK network that is utilising a network SSID of cuckoo. Remember the capture (wpa-test-01.cap) must contain the four-way handshake to be successful.智能建筑与智慧城市现在,我们已经创造了哈希文件,我们可以使用它杜鹃对任何WPA - PSK和网络,这是一个利用网络的SSID。记住捕获(WPA的试验01.cap)必须包含4次握手是成功的。
cowpatty -d linksys.hashfile -r wpapsk-linksys.dump -s linksys 防范Cowpatty三维linksys.hashfile - R的wpapsk - linksys.dump - S的Linksys公司
is the capture containing the four-way handshake 是捕获包含4路握手
are our precomputed hashes 是我们预先计算哈希
linksys is the network ESSID Linksys公司是网络的ESSID
Notice that cracking the WPA-PSK took 0.04 seconds with the pre-computed attacked as opposed to 己二腈200 seconds with standard dictionary attack mode, albeit you do need to pre-compute the hash files prior to the attack. However, precomputing large hash files for common SSIDS (eg linksys, tsunami) would be a sensible move for most penetration testers.请注意,破解WPA - PSK和采取与预先计算的攻击,而不是字典攻击模式,以200秒的标准,尽管你需要预先计算哈希文件之前攻击。然而,预计算大文件哈希常见的SSID(例如Linksys公司,海啸)将是一个渗透测试的最明智的举措。
coWPAtty Precomputed WPA2 Attack: 防范Cowpatty预计算WPA2的攻击:
coWPAtty 4.0 is also capable of attacking WPA2 captures. Note: The same hash file as was used with the WPA capture was also used with the WPA2 capture.防范Cowpatty 4.0也能够捕获攻击的WPA2。注:同哈希文件作为被捕捉用于捕获的WPA也使用与WPA2。
cowpatty -d linksys.hashfile -r wpa2psk-linksys.dump -s linksys 防范Cowpatty三维linksys.hashfile - R的wpa2psk - linksys.dump - S的Linksys公司
is the capture containing the four-way handshake 是捕获包含4路握手
dict短时傅里叶变换 is the password file dict的是密码文件
linksys is the network SSID Linksys公司是网络的SSID
coWPAtty Tables: 防范Cowpatty表:
The Church of Wifi have produced some lookup tables for 1000 SSID's computed against a 170,000 word password file . The resultant table are approximately 7 Gigabytes in size and can be downloaded via Torrent: WiFi的教会产生查表的SSID为约1000的计算机对一个17万字的密码文件 。由此产生的表是约 700 千兆字节大小,可通过下载激流:
