Description: Welcome to Part 24 of the WLAN Security Megaprimer! Please start this series by watching Part 1 http://www.securitytube.net/video/1756, if you have not done so already.
In this video, we will look at tools and techniques which can be used to speed up WPA/WPA2 PSK based cracking.
The basic idea is to first understand the dictionary attack in more depth. The CPU- and time-consuming calculation is PBKDF2, which converts a passphrase into the Pre-Shared Key; in this case that key is also the Pairwise Master Key (PMK). Apart from the passphrase, the only other variable input to this function is the SSID of the network. To speed up cracking, we need to pre-compute all the PMKs for probable SSID and passphrase combinations. Now all we have to do is use the variables from the 4-way handshake (ANonce, SNonce, Authenticator MAC, Supplicant MAC) together with this PMK to generate a PTK, and verify it using one or more MICs from the handshake. If the MIC matches, then our assumed passphrase is correct and the key is cracked!
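To see concretely why a pre-computed PMK table is tied to one SSID, here is a small Python example (added here; it is not code from the video or from any of the tools it covers) that derives the PMK exactly as IEEE 802.11i specifies: PBKDF2-HMAC-SHA1 with the SSID as salt, 4096 iterations, 32-byte output. It assumes only the standard library's hashlib.

```python
import hashlib


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Derive the WPA/WPA2-PSK Pairwise Master Key (PMK).

    IEEE 802.11i: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 32 bytes).
    This is the same value hostapd's wpa_passphrase prints as 'psk='.
    The 4096 HMAC-SHA1 rounds are the expensive step the video talks about;
    they must be redone for every (passphrase, SSID) pair.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8..63 ASCII characters")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid.encode("utf-8"), 4096, dklen=32
    )


def pmk_hex(passphrase: str, ssid: str) -> str:
    """Hex form of the PMK, as printed by wpa_passphrase / genpmk."""
    return wpa_pmk(passphrase, ssid).hex()


def table_is_reusable(table_ssid: str, target_ssid: str) -> bool:
    """A PMK table built for one SSID only helps against networks with the
    exact same SSID (the comparison is byte-exact, so case matters too).
    A unique SSID therefore forces the attacker to redo the whole PBKDF2 cost.
    """
    return wpa_pmk("password", table_ssid) == wpa_pmk("password", target_ssid)


if __name__ == "__main__":
    # IEEE 802.11i Annex H test vector: passphrase "password", SSID "IEEE".
    print("PMK for 'password'/'IEEE':", pmk_hex("password", "IEEE"))
    # Same passphrase, SSID differs only in case -> completely different PMK.
    print("PMK for 'password'/'ieee':", pmk_hex("password", "ieee"))
    print("table for 'IEEE' reusable against 'ieee'?",
          table_is_reusable("IEEE", "ieee"))
```

Because the SSID is the salt, a table built for a default SSID such as a vendor name is worthless against a network with a unique SSID, which is why changing the SSID and using a long, non-dictionary passphrase is the defence against this whole class of speed-ups.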
In the course of this video, we will touch upon the following tools: Genpmk, Cowpatty, Pyrit, Airolib-NG and Aircrack-NG. I don't have a monster multi-CPU demon at my disposal, so we will use our slow, 1 GB RAM VM for the demos :)
Look forward to your comments and suggestions!