Capture WPA handshake on windows?
10-03-2012, 06:34 PM
Post: #1
What is the best program for capturing a WPA handshake on Windows? Not on BackTrack in a VM, just Windows (BackTrack does not work for me, I tried it).
I used CommView and captured for about 12 hours, and did not get a working handshake :(
Please help, thanks in advance,
and sorry for my bad English!
10-03-2012, 08:00 PM
Post: #2
I never tried this before, but you can use aircrack-ng on Windows too, though it will be hard to make it run on Windows. There is one alternative: you can download a VMware image of aircrack-ng, but to use it you must have a USB-based WiFi adapter that can be plugged into USB.
10-04-2012, 09:44 AM
Post: #3
Just as a matter of interest, why didn't BackTrack work for you?

For overall simplicity, BackTrack is the way to go. As an alternative to the handshake, if the AP is vulnerable to WPS, you can use "Reaver" in BT to crack the WPA Pin.

10-04-2012, 03:26 PM
Post: #4
(10-04-2012 09:44 AM)mothered Wrote: Just as a matter of interest, why didn't BackTrack work for you?

For overall simplicity, BackTrack is the way to go. As an alternative to the handshake, if the AP is vulnerable to WPS, you can use "Reaver" in BT to crack the WPA Pin.

BackTrack doesn't work for me because I don't have a compatible WiFi card, and I don't want to spend money on a new card if I can crack passwords with my old card.
10-04-2012, 03:27 PM
Post: #5
Just use backtrack in a VM.
10-04-2012, 03:38 PM
Post: #6
(10-04-2012 03:26 PM)M4rk096 Wrote: BackTrack doesn't work for me because I don't have a compatible WiFi card, and I don't want to spend money on a new card if I can crack passwords with my old card.
If your WiFi card is not compatible then it will be very hard to hack with it, as WiFi hacking needs a WiFi card supporting injection.
10-05-2012, 09:28 AM
Post: #7
(10-04-2012 03:27 PM)Galaxy Wrote: Just use backtrack in a VM.

Irrespective of how you install BackTrack, if you don't have a compatible chipset, it's futile.

@The OP, as Azmuth mentioned above, it's best to get a compatible card. Atheros chipsets, and Alfa cards, both work well with BT.

10-05-2012, 02:56 PM (This post was last modified: 10-06-2012 02:35 AM by Libertine.)
Post: #8
(10-04-2012 03:27 PM)Galaxy Wrote: Just use backtrack in a VM.

I read on OSec forums that with aircrack in VMware, if the WiFi card is internal, then it won't be recognized by the host on a virtual machine. Typing airmon-ng apparently won't display any results. Switching between NAT and bridged connections doesn't seem to do anything to resolve this. The reason was stated due to the fact that the host can not recognize internal devices in a virtual environment, only external cards inserted directly into the machine.

Although, there was a workaround I remember reading about called NDIS wrapper. And most likely a variety of other possible workarounds. I'm pretty sure this unrecognizable issue is still evident in the newer R3 release when dealing with internal cards and backtrack virtual machines. Personally I prefer to use persistent USB rather than virtual.

If you have an external card you should be alright. Atheros is your best bet because it is the most supported and compatible card for aircrack. You could use a program such as Commview for Wifi in conjunction with the aircrack suite for most needs.

The OP could always use a live cd or install to HD as well, when working with Linux. On the topic of Windows, you need to configure the monitor mode/injection drivers for your specific wifi card. Not all cards are compatible. I know for certain Intel cards have compatibility issues. Atheros is your best option.

As for your question specific to WPA handshakes in Windows: I've found some good information on the aircrack wiki which might be worth a read through (see below).

"Solution Overview

The objective is to capture the WPA/WPA2 authentication handshake and then use aircrack-ng to crack the pre-shared key.

This can be done either actively or passively. “Actively” means you will accelerate the process by deauthenticating an existing wireless client. “Passively” means you simply wait for a wireless client to authenticate to the WPA/WPA2 network. The advantage of passive is that you don't actually need injection capability and thus the Windows version of aircrack-ng can be used.

Here are the basic steps we will be going through:

1. Start the wireless interface in monitor mode on the specific AP channel
2. Start airodump-ng on AP channel with filter for bssid to collect authentication handshake
3. Use aireplay-ng to deauthenticate the wireless client
4. Run aircrack-ng to crack the pre-shared key using the authentication handshake"


Apparently, you can use the Windows version of aircrack to facilitate the handshake by waiting for the client to associate. Forcing an authentication would require injection which you can test for compatibility, through the test tool on the wiki page. Either method would utilize airodump. Once you confirm the handshake you simply feed a wordlist with aircrack. For this type of procedure I'd personally use Backtrack. That's what it's meant for and therefore 'works with you' and not against you when it comes to objectives like this. I'd shy away from using Windows for these types of purposes.

Keep researching.

*Here is a video that may help with Backtrack:



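Added example (not part of the original thread or the aircrack-ng wiki): seen from the network owner's side, the "active" method quoted in post #8 shows up as a burst of deauthentication frames aimed at one client, which a monitoring sensor can flag. The MAC addresses, frames, window and threshold below are constructed assumptions, and frames are assumed to start at the 802.11 header.

```python
import struct
from collections import defaultdict

def mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)

def parse_deauth(frame: bytes):
    """Return (dest, src, bssid, reason) for an 802.11 deauth frame, else None."""
    # 24-byte management header + 2-byte reason code; 0xC0 = version 0,
    # type 0 (management), subtype 12 (deauthentication).
    if len(frame) < 26 or frame[0] != 0xC0:
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def find_deauth_bursts(capture, window=1.0, threshold=10):
    """capture: iterable of (timestamp_seconds, frame_bytes) in time order."""
    recent, alerts = defaultdict(list), {}
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        dest, src, bssid, reason = parsed
        station = dest if src == bssid else src   # the non-AP end of the link
        times = recent[(bssid, station)]
        times.append(ts)
        while ts - times[0] > window:             # drop frames outside the window
            times.pop(0)
        if len(times) >= threshold and (bssid, station) not in alerts:
            alerts[(bssid, station)] = {"bssid": bssid, "station": station,
                                        "first_seen": times[0], "reason": reason}
    return list(alerts.values())

def build_frame(fc0, dest, src, bssid, reason=7):
    """Constructed test frame: header fields in order, then the reason code."""
    h = bytes.fromhex
    return (bytes([fc0, 0]) + b"\x00\x00" + h(dest) + h(src) + h(bssid)
            + b"\x00\x00" + struct.pack("<H", reason))

# Constructed sample data (locally administered MACs, not from a real capture).
AP, CLIENT_A, CLIENT_B = "02aabbccdd01", "02aabbccdd02", "02aabbccdd03"
SAMPLE = [(0.0, build_frame(0x80, "ffffffffffff", AP, AP)),        # beacon header, ignored
          (1.0, build_frame(0xC0, AP, CLIENT_B, AP, reason=3))]    # one ordinary leave
SAMPLE += [(5.0 + i * 0.01, build_frame(0xC0, CLIENT_A, AP, AP)) for i in range(20)]

if __name__ == "__main__":
    for alert in find_deauth_bursts(SAMPLE):
        print("possible forced deauthentication:", alert)
```

The window and threshold need tuning per site, since clients also send single deauthentication frames when they leave normally. Enabling 802.11w (Protected Management Frames) on the AP and clients causes forged deauthentication frames to be rejected.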