Using PMK Hash for WPA/WPA2 high-speed cracking

This article describes how to create a Hash Based on the genpmk tool in Cowpatty, this is the final decision of the wireless security group of ZerOne security team after comparing the convenience and versatility of Aircrack-ng airolib-ng and related tools. For the convenience of everyone to learn, the following describes the basic wpa pmk Hash production method and the use of Hash in the WPA-PSK/WPA2-PSK cracking.

1. Create a Hash

The operation steps for the Windows version involved in the tool are exactly the same as those for the Linux version.

Specific steps: After Entering Linux Shell/Windows Command, use the genpmk tool to build a pre-computed Hash Table. here you need to specify the ESSID for the target. The Command is as follows:

Genpmk-f dictionary-d hash-s SSID

Parameter description:

-F keep up with the dictionary used here

-D: name of the Table file generated

-S ESSID of the target AP

2. Hash usage

Specific steps: After Entering Linux Shell/Windows Command, use the cowpatty tool to import the WPA pre-calculation Hash Table. Here, you still need to specify the ESSID for the target. The Command is as follows:

Cowpatty-d Hash-r *. cap-s SSID

Parameter description:

-D import wpa pmk Hash Table file name, which is dlink-birth.hash

-R: WPA handshake packet captured in advance

-S ESSID of the target AP

3. test data comparison

Test environment:

OS: Windows XP SP3

CPU: Intel dual-core T7100

Memory: 2.5 GB

In general dictionary mode, the average cracking rate is 57.28 keys/second, for example:

In WPA Hash Table mode, the average cracking rate is 71566.66 key/second, for example:

Through comparison, we can see that the cracking rate has increased by more than several times, but nearly 1300 times that of the past !! The above is the implementation and effect of the wpa pmk Hash Table used by Cowpatty.

4. test data comparison