This guide is about cracking or brute-forcing WPA/WPA2 wireless encryption protocol using one of the most infamous tool named hashcat. A Tool perfectly written and designed for cracking not just one, but many kind of hashes. About hashcat, it supports cracking on GPU which make it incredibly faster that other tools. We will learn about cracking WPA/WPA2 using hashcat. I have similar problem, although I didn't manage to decrypt any wpa/wpa2 traffic so far in wireshark. Same as above it don't let me go beyond 802.11 level and I'm 100% sure in key and its format. All FCSs are good or workable states. To crack cap file I use airdecap-ng from aircrack-ng suite and then re-upload them back in wireshark. Using wireshark for packet capture on wireless network. How to obtain IP address of wifi access point on different subnet? Does dumpcap's -k option work in Windows (using AirPcap)? All Packets Malformed in Network Monitor 802.11 capture. Wireshark with external custom board. Unable to decrypt Wifi data. Missing 802.11 adapter. Here we’re going to show capturing WPA/WPA2 handshake steps (.cap), continuing with explanations related to cracking principles.We’ll go through the process step by step, with additional explanations on how things work, which WiFi keys are generated and how, using captured handshake to manually crack/calculate MIC in EAPol Frames (using WireShark and custom Python code).

1. Using Wireshark To Crack Wpa2 With Windows 8.1
2. How To Crack Wpa2 Psk
3. Using Wireshark To Crack Wpa2 With Windows Xp
4. Wpa2 Crack Tools
5. Using Wireshark To Crack Wpa2 With Windows 10

Wireshark, a network analysis tool formerly known as Ethereal, captures packets in real time and display them in human-readable format. Wireshark includes filters, color-coding and other features that let you dig deep into network traffic and inspect individual packets.

This tutorial will get you up to speed with the basics of capturing packets, filtering them and inspecting them. You can use Wireshark to inspect a suspicious program’s network traffic, analyze the traffic flow on your network or troubleshoot network problems.

Getting Wireshark

In this tutorial I will tell you how to crack wpa/wpa2 wi-fi in kali linux using aircrack-ng. To do this, first you should install kalinux or you can use live kali linux. To crack Wi-Fi, first, you need a computer with kali linux and a wireless card which supports monitor/injection mode.

You can download Wireshark for Windows or Mac OS X from its official website. If you’re using Linux or another UNIX-like system, you’ll probably find Wireshark in its package repositories. For example, if you’re using Ubuntu, you’ll find Wireshark in the Ubuntu Software Center.

Just a quick warning: Many organizations don’t allow Wireshark and similar tools on their networks. Don’t use this tool at work unless you have permission.

Capturing Packets

After downloading and installing Wireshark, you can launch it and click the name of an interface under Interface List to start capturing packets on that interface. For example, if you want to capture traffic on the wireless network, click your wireless interface. You can configure advanced features by clicking Capture Options, but this isn’t necessary for now.

As soon as you click the interface’s name, you’ll see the packets start to appear in real time. Wireshark captures each packet sent to or from your system. If you’re capturing on a wireless interface and have promiscuous mode enabled in your capture options, you’ll also see other the other packets on the network.

Click the stop capture button near the top left corner of the window when you want to stop capturing traffic.

Color Coding

You’ll probably see packets highlighted in green, blue and black. Wireshark uses colors to help you identify the types of traffic at a glance. By default, green is TCP traffic, dark blue is DNS traffic, light blue is UDP traffic and black identifies TCP packets with problems — for example, they could have been delivered out-of-order.

Using Wireshark To Crack Wpa2 With Windows 8.1

Sample Captures

If there’s nothing interesting on your own network to inspect, Wireshark’s homepage wiki has you covered. The wiki contains a page of sample capture files that you can load and inspect.

Opening a capture file is easy; just click Open on the main screen and browse for a file. You can also save your own captures in Wireshark and open them later.

Filtering Packets

If you’re trying to inspect something specific, such as the traffic a program sends when phoning home, it helps to close down all other applications using the network so you can narrow down the traffic. Still, you’ll likely have a large amount of packets to sift through. That’s where Wireshark’s filters come in.

The most basic way to apply a filter is by typing it into the filter box at the top of the window and clicking Apply (or pressing Enter). For example, type “dns” and you’ll see only DNS packets. When you start typing, Wireshark will help you autocomplete your filter.

You can also click the Analyze menu and select Display Filters to create a new filter.

Another interesting thing you can do is right-click a packet and select Follow TCP Stream.

You’ll see the full conversation between the client and the server.

Close the window and you’ll find a filter has been applied automatically — Wireshark is showing you the packets that make up the conversation.

How To Crack Wpa2 Psk

Inspecting Packets

Click a packet to select it and you can dig down to view its details.

You can also create filters from here — just right-click one of the details and use the Apply as Filter submenu to create a filter based on it.

Wireshark is an extremely powerful tool, and this tutorial is just scratching the surface of what you can do with it. Professionals use it to debug network protocol implementations, examine security problems and inspect network protocol internals.

We all know we can use aircrack-ng to run a wordlist attack to crack WPA/WPA2, in this article I’m going to show you how to do the same using a tool called HashCat, and compare its speed with aircrack-ng.

The advantage of using HashCat is unlike aircrack-ng which uses the CPU to crack the key, HashCat uses the GPU, this makes the cracking process MUCH faster (results below).

Installing & using Hashcat

1. First you need to download Hashcat from https://hashcat.net/hashcat/
2. Navigate to the location where you downloaded it, and unzip it, personally I like to use 7zip.
3. Open the Command Prompt (go to windows search and type cmd).
4. Navigate to your Hashcat folder where it’s unzipped.
5. Type hashcat32.exe or hashcat64.exe depending on the architecture of your CPU.
6. In order to use the GPU, you need to get its id using the following command

mine is #3. Then you need to use the hash type which is 2500 for WPA, I do recommend using

to get familiar with the tool.

To specify device use the -d argument and the number of your GPU.
The command should look like this in end

Example:

Where Handshake.hccapx is my handshake file, and eithdigit.txt is my wordlist, you need to convert cap file to hccapx using https://hashcat.net/cap2hccapx/

Results:

Test1: Using HashCat, with Asus GTX 1080 OC edition which has GPU Boost Clock with 1936 MHz, total GB ram of 8 Gigabytes, and Cuda cores 2560.
CUDA = Computing performance Boost Clock = Increases the Clock speed.

Using Wireshark To Crack Wpa2 With Windows Xp

Hashcat took 4 mins, 45secs to reach the end of the wordlist and crack the handshake with a wordlist of 100,000,000 passwords.

Wpa2 Crack Tools

Test 2:Using Aircrack-ng on Kali installed as main operating system with is i7-7700k CPU – base clock of 4.20, turbo clock 4.50Ghz with 4 cores and 8 threads, it would take 4 hours 22 minutes 14 seconds try all the passwords in the wordlist.

Using Wireshark To Crack Wpa2 With Windows 10

Test 3: Kali installed as a virtual machine, in this case it would take 11 hours, 31 minutes and 40 seconds to try all passwords in the wordlist!

Resources: