Aircrack-ng forum

General Category => Newbies => Topic started by: Username-ng on May 27, 2020, 07:36:31 am

Title: Why use .cap file to crack wpa
Post by: Username-ng on May 27, 2020, 07:36:31 am
Hello,

I'm wondering why to use a .cap file in aircrack-ng? If I understood correctly, the only way to crack WPA is a brute-force method associated with a list of possible passwords. If this is correct, what are the .cap files doing in this process?

Could somebody also confirm that without the exact password in the password list, it is impossible to find the key? I tried to put in my password list some fragments of my key but aircrack hasn't been able to put them together to recreate the full key.

Thanks in advance.

Title: Re: Why use .cap file to crack wpa
Post by: misterx on May 27, 2020, 04:41:53 pm
In order to connect to a WPA network, you need to do a handshake to create temporary keys for the session. They are changed once in a while, so they don't last forever. During this handshake, random numbers are generated by the station and the AP, which are used in the process to create the temporary keys (along with SSID, passphrase and MAC addresses).

These temporary keys are hashes, which are one-way functions. What we're doing when cracking is taking all that information along with the passphrase we're trying, then computing it and seeing if it matches some value in the handshake.

A quick Google search gave me this, which looks like it has some more information and resources about the handshake: https://security.stackexchange.com/questions/17767/four-way-handshake-in-wpa-personal-wpa-psk
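
The computation described in the reply above, as an added example (not part of the original posts and not aircrack-ng's code). It assumes WPA2-PSK with the HMAC-SHA1 MIC; the function names and every value in `CAPTURE` are constructed stand-ins for the fields a .cap file supplies. It shows why the handshake is needed and why fragments of a passphrase never match.

```python
import hashlib
import hmac

def pmk(passphrase: str, ssid: str) -> bytes:
    # PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def kck(pmk_: bytes, ap_mac: bytes, sta_mac: bytes,
        anonce: bytes, snonce: bytes) -> bytes:
    # 802.11i PRF over the sorted MAC addresses and sorted nonces. Only the
    # first PRF block is needed here: its first 16 bytes are the Key
    # Confirmation Key (KCK), the part of the temporary key that keys the MIC.
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    block = hmac.new(pmk_, b"Pairwise key expansion\x00" + data + b"\x00",
                     hashlib.sha1).digest()
    return block[:16]

def mic(passphrase: str, cap: dict) -> bytes:
    # MIC = HMAC-SHA1(KCK, EAPOL frame with its MIC field zeroed)[:16]
    key = kck(pmk(passphrase, cap["ssid"]), cap["ap_mac"], cap["sta_mac"],
              cap["anonce"], cap["snonce"])
    return hmac.new(key, cap["eapol"], hashlib.sha1).digest()[:16]

def matches(candidate: str, cap: dict) -> bool:
    # A candidate is right only if the MIC recomputed from it equals the
    # MIC recorded in the handshake.
    return hmac.compare_digest(mic(candidate, cap), cap["mic"])

# Constructed stand-in for the handshake fields in a capture (not real data).
CAPTURE = {
    "ssid": "ExampleNet",
    "ap_mac": bytes.fromhex("020000000001"),
    "sta_mac": bytes.fromhex("020000000002"),
    "anonce": bytes(range(32)),
    "snonce": bytes(range(32, 64)),
    "eapol": b"\x01\x03\x00\x75" + bytes(117),  # placeholder frame, MIC zeroed
}
# Simulate the MIC the station would have sent for the real passphrase.
CAPTURE["mic"] = mic("correcthorsebattery", CAPTURE)

if __name__ == "__main__":
    for guess in ("correcthorse", "battery", "correcthorsebattery"):
        print(guess, matches(guess, CAPTURE))
```

Because PBKDF2 and HMAC are one-way, a wrong guess yields an unrelated MIC with no indication of how close it was, so a passphrase of 13 or more random characters is the practical defence.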