bamboossom
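Posted on 2009-12-13 06:20
So expensive, but I bought it anyway
bamboossom
Posted on 2009-12-13 06:20
So expensive, and it's still in English
bamboossom
Posted on 2009-12-13 06:21
So expensive, why not translate it?
bamboossom
Posted on 2009-12-13 06:22
So expensive and I can't understand it. I've been ripped off
bamboossom
Posted on 2009-12-13 06:24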
coWPAtty for Windows MAIN:
"coWPAtty is designed to audit the pre-shared key (PSK) selection for WPA networks based on the TKIP protocol." - Joshua Wright.

Project Homepage: http://www.willhackforsushi.com/Cowpatty.html

Local Mirror: Cowpatty-4.0-win32.zip MD5: aa9ead2aacfcc493da3684351425d4c6

coWPAtty Dictionary Attack
Precomputing WPA PMK to crack WPA PSK
coWPAtty Precomputed WPA Attack
coWPAtty Precomputed WPA2 Attack
coWPAtty Tables

coWPAtty Usage:

coWPAtty Dictionary Attack:

To perform the coWPAtty dictionary attack we need to supply the tool with a capture file that includes the TKIP four-way handshake, a dictionary file of passphrases to guess with and the SSID for the network.

In order to collect the four-way handshake you can either wait until a client joins the network or preferably you can force it to rejoin the network using tools like void11 or aireplay and capture the handshakes using something like kismet, ethereal or airodump.

cowpatty -f dict -r wpapsk-linksys.dump -s linksys

As you can see this simple dictionary attack took 51 seconds, we can speed up this process by precomputing the WPA-PMK to crack the WPA-PSK (see below).

wpapsk-linksys.dump is the capture containing the four-way handshake
dict is the password file
linksys is the network SSID

Precomputing WPA PMK to crack WPA PSK:

genpmk is used to precompute the hash files in a similar way to how Rainbow tables are used to pre-hash passwords in Windows LANMan attacks. There is a slight difference however in WPA in that the SSID of the network is used as well as the WPA-PSK to "salt" the hash. This means that we need a different set of hashes for each and every unique SSID i.e. a set for "linksys" a set for "tsunami" etc.

So to generate some hash files for a network using the SSID cuckoo we use:

genpmk -f dict -d linksys.hashfile -s linksys

dict is the password file
linksys.hashfile is our output file
linksys is the network ESSID

coWPAtty Precomputed WPA Attack:

Now we have created our hash file we can use it against any WPA-PSK network that is utilising a network SSID of cuckoo. Remember the capture (wpa-test-01.cap) must contain the four-way handshake to be successful.

cowpatty -d linksys.hashfile -r wpapsk-linksys.dump -s linksys

wpa-test-01.cap is the capture containing the four-way handshake
linksys.hashfile are our precomputed hashes
linksys is the network ESSID

Notice that cracking the WPA-PSK took 0.04 seconds with the pre-computed attack as opposed to 200 seconds with standard dictionary attack mode, albeit you do need to pre-compute the hash files prior to the attack. However, precomputing large hash files for common SSIDs (e.g. linksys, tsunami) would be a sensible move for most penetration testers.

coWPAtty Precomputed WPA2 Attack:

coWPAtty 4.0 is also capable of attacking WPA2 captures. Note: The same hash file as was used with the WPA capture was also used with the WPA2 capture.

cowpatty -d linksys.hashfile -r wpa2psk-linksys.dump -s linksys

wpa2psk-linksys.dump is the capture containing the four-way handshake
dict is the password file
linksys is the network SSID

coWPAtty Tables:

The Church of Wifi have produced some lookup tables for 1000 SSIDs computed against a 170,000 word password file. The resultant tables are approximately 7 Gigabytes in size and can be downloaded via Torrent:

http://torrents.lostboxen.net/co ... atty-4.0_2006-10-19

A 33 Gigabyte set of tables is also available: http://umbra.shmoo.com:6969/

Or you can buy them via DVD, direct from Renderman (initiator of the project): http://www.renderlab.net/projects/WPA-tables/
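
The SSID "salt" described in the post above, as an added example that is not part of the original post and is not coWPAtty's own code: WPA/WPA2-PSK derives the PMK as PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt (4096 iterations, 32 bytes), so a table precomputed for one SSID does not cover the same passphrase under another. The `audit_psk` helper, its 20-character threshold, the SSID `corp-7f3a` and the word list are assumptions constructed for illustration.

```python
import hashlib

# Constructed sample data: two SSIDs the post names as common, and a tiny word list.
COMMON_SSIDS = {"linksys", "tsunami"}
WORDLIST = ["password", "sunshine1", "letmein123"]


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK per IEEE 802.11i: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def build_table(ssid: str, words) -> dict:
    """Precompute PMK -> passphrase for ONE SSID (conceptually, a per-SSID hash file)."""
    return {wpa_pmk(w, ssid): w for w in words}


def table_covers(table: dict, passphrase: str, ssid: str) -> bool:
    """True if the precomputed table contains the PMK this network would use."""
    return wpa_pmk(passphrase, ssid) in table


def audit_psk(ssid: str, passphrase: str) -> list:
    """Hypothetical configuration check for a network you administer."""
    findings = []
    if ssid in COMMON_SSIDS:  # SSIDs are case-sensitive, so compare exactly
        findings.append("common SSID: precomputed tables for it may exist")
    if passphrase in WORDLIST:
        findings.append("passphrase is a dictionary word")
    if len(passphrase) < 20:  # assumed policy threshold, not from the post
        findings.append("passphrase shorter than 20 characters")
    return findings


if __name__ == "__main__":
    table = build_table("linksys", WORDLIST)
    print(table_covers(table, "sunshine1", "linksys"))    # same SSID as the table
    print(table_covers(table, "sunshine1", "corp-7f3a"))  # same passphrase, other SSID
    print(audit_psk("linksys", "sunshine1"))
    print(audit_psk("corp-7f3a", "correct horse battery staple 42"))
```
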
yelow
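Posted on 2009-12-13 17:19
The OP is robbing people here
zhuguo75
Posted on 2009-12-13 20:10
hahoahaoahoahao
secowu
Posted on 2009-12-21 13:57
The machine would have to run for several light-years
simplezhe
Posted on 2009-12-21 14:10
Does this thing exist???????????????????????????????????????
zonly
Posted on 2009-12-23 19:47
Seems like a scam, I won't buy it after all. Not decent of the OP
bingy
Posted on 2009-12-23 22:26
Can this still be called sharing?
shenxli
Posted on 2009-12-24 12:29
Is this real? Could someone who bought it reply?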