Description: Welcome to Part 22 of the WLAN Security Megaprimer! Please start this series by watching Part 1 http://www.securitytube.net/video/1756, if you have not done so already.
In this video, we will look at how to crack WPA-PSK using a Dictionary attack. An attacker can quietly observe the 4 way handshake and saves these packets. He now has access to the SNonce, ANonce, Supplicant MAC, and Authenticator MAC. Along with this he also has access to the MIC which was signed using the PTK.
The only unknown is the passphrase which can be anywhere between 8-63 characters. This is where the Dictionary attack comes in! We will use a wordlist with which we will try and guess the passphrase. This will be done by calculating the PMK with the guessed passphrase, then calculating the PTK with the help of the other data from the handshake and then finally verifying the MIC in the handshake. If it matches, we have a winner! else, we try the next phrase.
Look forward to your comments!