Search

Worlds

Login | Signup

Null Byte
The aspiring grey hat hacker / security awareness playground World Home How-To Inspiration Forum

Follow Follow

Creators

How-Tos Topics Wi-Fi Hacking

Green Tea: It Cleans More Than Just Your Body

CryptoLocker: An Innovative & Creative Hack

How to Hack WPA WiFi Passwords by Cracking the WPS PIN

How to Move the Obtrusive Volume Indicator Box to Your iPhone's Status Bar

How to Hack Wi-Fi: Cracking WPA2PSK Passwords with Cowpatty

Posted By occupytheweb
4572

Popular Now

6 months ago

Follow Follow

How to Increase Youtube Views

$10 Off Your First Order

google.com/shopping/express All Things Tech, Delivered To You Today With Google Shopping Express.

How to Disable Annoying Autoplay Media in Chrome, Firefox, Safari, and Internet Explorer

50
KUDOS

Welcome, my hacker novitiates! As part of my series on hacking Wi-Fi, I want to demonstrate another excellent piece of hacking software for cracking WPA2-PSK passwords. In my last post, we cracked WPA2 using aircrack-ng. In this tutorial, we'll use a piece of software developed by wireless security researcher Joshua Wright called cowpatty (often stylized as coWPAtty). This app simplifies and speeds up the dictionary/hybrid attack against WPA2 passwords, so let's get to it!

Related
How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng How to Hack Wi-Fi: Getting Started with Terms and Technologies iOS 6 Broke Your Wi-Fi? Here's How to Fix Connection Problems on Your iPhone or iPad How to Hack Wi-Fi: Getting Started with the Aircrack-Ng Suite of Wi-Fi Hacking Tools How to Hack WiFi Passwords for Free Wireless Internet on Your PS3 How to Hack Wi-Fi: Cracking WEP Passwords with Aircrack-Ng

The Easiest Way to Share Your Complicated Wi-Fi Password with Friends & FamilyNo Typing

converted by Web2PDFConvert.com

Friends & FamilyNo Typing Required

Step 1: Find the Cowpatty

Cowpatty is one of the hundreds of pieces of software that are included in the BackTrack suite of software. For some reason, it was not placed in the /pentest/wireless directory, but instead was left in the /usr/local/bin directory, so let's navigate there. cd /usr/local/bin Because cowpatty is in the /usr/local/bin directory and this directory should be in your PATH, we should be able to run it from any directory in BackTrack.

How to Crack Wi-Fi Passwords with Your Android Phone and Get Free Internet! How to Crack Wi-Fi Passwords for Beginners!

Save Battery Power by Pairing Wi-Fi Connections with Cell Tower Signals on Your Galaxy Note 3 How to Fix the Wi-Fi Roaming Bug on Your Samsung Galaxy S3

Step 2: Find the Cowpatty Help Screen

To get a brief rundown of the cowpatty options, simply type: cowpatty

Port Sniffer
gfi.com

Check your Network for Open Ports. Try GFI LanGuard 2014 Free!

Mainframe Web Services Password Recovery $9.95 Why SevOne?

BackTrack will provide you a brief help screen. Take a note that cowpatty requires all of the following. a word list a file where the password hash has been captured the SSID of the target AP

Step 3: Place the Wireless Adapter in Monitor Mode

Just as in cracking with aircrack-ng, we need to put the wireless adapter into monitor mode. airmon-ng start wlan0

Newest

Being Creative with Hacking

How to Correctly Configure Realtek RTL8191SU WLAN USB to Use Reaver and Aircrack-Ng on Kali-Linux.

Community
TAXI CAB

published

Step 4: Start a Capture File

Next, we need to start a capture file where the hashed password will be stored when we capture the 4-way handshake.

Hi Im New Here as a Member but This Is Always My Go to Site for Projects I Now Have an Old Tv/Vcr (Funai) And Not Sure W
FISKER RIETBERGEN BRAMSEN

published

converted by Web2PDFConvert.com

airodump-ng --bssid 00:25:9C:97:4F:48 -c 9 -w cowpatty mon0 This will start a dump on the selected AP (00:25:9C:97:4F:48 ), on the selected channel (-c 9 ) and save the the hash in a file named cowcrack.

FISKER RIETBERGEN BRAMSEN

published

Some Ideas to Challenges

ANDREW GODINEZ

published

Step 5: Capture the Handshake

Now when someone connects to the AP, we'll capture the hash and airdump-ng will show us it has been captured in the upper right-hand corner.

How to Set the Volume Buttons to Instantly Control the Flashlight on Your HTC One
OCCUPYTHEWEB commented

on

Hack Like a Pro: How to Crash Your Roommate's Windows 7 PC with a Link Once you have a meterpreter connection, you can do anything you want. You own his computer!
FISKER RIETBERGEN BRAMSEN

published

Challenges
PHEONIX KELLER commented

on

Hack Like a Pro: How to Crash Your Roommate's Windows 7 PC with a Link Master, I am curious. ... I have successfully exploited my roommates pc and have a meterpreter connection. Can I or can I not jamm his pc without sending a link that he has to click.

Step 6: Run the Cowpatty

Now that we have the hash of the password, we can use it with cowpatty and our wordlist to crack the hash. cowpatty -f /pentest/passwords/wordlists/darkc0de.lst /root/cowcrack-01.cap -s Mandela2 -r

Pheonix

As you can see in the screenshot above, cowpatty is generating a hash of every word on our wordlist with the SSID as a seed and comparing it to the captured hash. When the hashes match, it dsplays the password of the AP.

Step 7: Make Your Own Hash

Although running cowpatty can be rather simple, it can also be very slow. The password hash is hashed with SHA1 with a seed of the SSID. This means that the same password on different SSIDs will generate different hashes. This prevents us from simply using a rainbow table against all APs. Cowpatty must take the password list you provide and compute the hash with the SSID for each word. This is very CPU intensive and slow. Cowpatty now supports using a pre-computed hash file rather than a plain-text word file, making the cracking of the WPA2-PSK password 1000x faster! Precomputed hash files are available from the Church of WiFi, and these precomputed hash files are generated using 172,000 dictionary file and the 1,000

converted by Web2PDFConvert.com

most popular SSIDs. As useful as this is, if your SSID is not in that 1,000, the hash list really doesn't help us. In that case, we need to generate our own hashes for our target SSID. We can do this by using an application called genpmk. We can generate our hash file for the "darkcode" wordlist for the SSID "Mandela2" by typing: genpmk -f /pentest/passwords/wordlists/darkc0de.lst -d hashes s Mandela2

Step 8: Using Our Hash

Once we have generated our hashes for the particular SSIDs, we can then crack the password with cowpatty by typing: cowpatty -d hashfile -r dumpfile -s ssid

Stay Tuned for More Wireless Hacking Guides

Keep coming back for more on Wi-Fi hacking and other hacking techniques! Haven't seen the other Wi-Fi hacking guides yet? Check them out here. If you have questions on any of this, please ask them in the comments below. If it's something unrelated, try asking in the Null Byte forum.

See Also
How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng How to Hack Wi-Fi: Getting Started with Terms and Technologies iOS 6 Broke Your Wi-Fi? Here's How to Fix Connection Problems on Your iPhone or iPad Show More...
13 16

Remember to Give Kudos, Tweet, Like, & Share

IDS Software - Free Trial

gfi.com/ids-software Detect Intruders & Security Gaps w/ GFI EventsManager! Free Trial

Join the Discussion

1
A MERIC AN PA TRIO T

Subscribe

OFF

Nice work.
6 months ago Reply

1
SA NDEEP A GRA WA L

Great work .. .appreciated......

6 months ago Reply

1
STA N WILLIA MS

awesome, I love the way you explain the details, thanks a lot.
6 months ago Reply

thats awsome.............. i love it,..... buh cant someone do dis without a wireless adaptor? pls reply me
converted by Web2PDFConvert.com

LIJOKA JOSEPH A YODEL E

thanks... kudos
6 months ago - edited 6 months ago Reply

1
A LI JA BA RI

absolutely not ! do you know what this application will do after using it?? it will try a very very long list of passwords and checks the result,when it finds any true password it will save it to a target file.so if you have not any Wifi router it cannot try that passwords to find out what is true.right?
6 months ago Reply

1
SECRET KING

master OTW how many powerfull dictionaries are in bt...other than darkc0de & rockyou....... would u plz like to suggest some other powerfull dictionary for dictionary attack to wpa psk.......and why can't i use JTR with aircrack-ng...
2 months ago Reply

1
OCCUPY THEWEB

Secret: There are numerous wordlists on the web. Simply google them. Aircrack-ng and JTR do the same thing. Why would you want to use them together? OTW
2 months ago Reply

1
SECRET KING

thnx master ...understand.....

2 months ago Reply

1
SEBA STI AN NIELSEN

Otw i find this wifi hack in backtrack 5 r3 i cant upload the video just look at it into youtube I will leave a link:http://m.youtube.com/watch?v=AsHZLcz2s4s http://m.youtube.com/watch?v=AsHZLcz2s4s
last month Reply

1
SEBA STI AN NIELSEN

Master otw can you please look at this video, it looks like its a better wifi hack program in backtrack 5 r3... Is it true??? http://m.youtube.com/watch?v=AsHZLcz2s4s
last month Reply

1
OCCUPY THEWEB

Sebastian: Try it and if it works, great! OTW

last month Reply

1
PRINCE KA SHIF

bahi donwload nahin ho raha he help

2 weeks ago Reply

1
NILS HA GNER

Is there a way to crack passwords without a word list? (If you don't have a word as a password)
6 days ago Reply

1
OCCUPY THEWEB

Your approach to cracking passwords is dependent upon what type of encryption is used. If it is WEP, no wordlist is necessary. WPA2 needs a wordlist. If it uses WPS it is a bit easier. What do you mean by not using a word as a password?
6 days ago Reply

converted by Web2PDFConvert.com

1
SECRET KING

master what is diffent from cracking aircrack-ng and cowpetty???

6 days ago Reply

1
NILS HA GNER

I mean a code like ag>H/@uspLA or whatever never occours in a wordlist

4 days ago Reply

1
OCCUPY THEWEB

Nils: Many of the wordlists contain code like that. Its a misnomer to call them a wordlist as they include things other than words, but what else would you call them? OTW
4 days ago Reply

1
NILS HA GNER

crazy stuff.... But thanks for your answer! will go on reading :)

2 days ago Reply

Share Your Thoughts

Click to share your thoughts
YOU ATTACH

Related Topics

Recovery Password Reset Admin Password Wireless LAN Security

XP Password Rainbow Tables Password Cracker

Network Intrusion Password Changes MS Word Password

Popular How-To Topics in Computers & Programming

Hack router password How to Hack imvu account Activate blocked sites Get someones facebook password Hack another computer on your network Free imovie templates Hack facebook account Hack facebook account password Convert nds to iso file Track who views your facebook profile How to Google camera hack Hack other users on same wifi Hack other people webcam Hack mac app store 10.6.8 Hack security cameras Crack gmail password How to Google camera hack Hack computer through ip address How to Facebook group hack Harmless virus for mac How to Hack internet modem Bypass facebook password How to Linux wpa crack Send a computer virus

Trending Across WonderHowTo

Green Tea: It Cleans More Than Just Your Body 12 Home Remedies for Relieving Annoying Allergy Symptoms

How to Move the Obtrusive Volume Indicator Box to Your iPhone's Status Bar How to KnockOn Your HTC One (Double-Tap Screen to Wake) How to Add Your iCloud Email Account to Your Galaxy Note 3 or Other Android Device

DIY Survival: How to Filter Dirty Water with a Stick

How to Make Easy Homemade Buttermilk, Sour Cream, & Crme Frache How to Unlock the Bootloader & Root Your HTC One Running Android 4.4.2 KitKat

converted by Web2PDFConvert.com

Arts
Arts & Crafts Beauty & Style Dance Fine Art Music & Instruments

Science & Tech

Autos, Motorcycles & Planes Computers & Programming Disaster Preparation Education Electronics Film & Theater Software Weapons

Lifestyle
Alcohol Business & Money Dating & Relationships Diet & Health Family Fitness Food Home & Garden Hosting & Entertaining Language Motivation & Self Help Outdoor Recreation Pets & Animals Pranks & Cons Spirituality Sports Travel

Gaming
Gambling Games Hobbies & Toys Magic & Parlor Tricks Video Games

About Us

Privacy Policy

Terms & Conditions

converted by Web2PDFConvert.com