Auditing Wi-Fi Protected Access (WPA) Pre-Shared Key Mode
Several methods can be used to capture the wireless traffic that contains the WPA-PSK four-way handshake of interest. tcpdump allows for network monitoring and data acquisition, but it does not readily provide meaningful AP data. Kismet is arguably the best tool for wireless data capture, traffic auditing, network detection and general wireless sniffing. Specifically, Kismet can log packet data into the dump file required for this demonstration, but it is overkill for this situation. The most elegant method of capture is to use airodump, which is part of the Aircrack 2.1 suite written by Christopher Devine. Aircrack can handle large capture files and displays meaningful AP information, including the SSID, the total number of unique IVs and the packet size. Aircrack is distributed as a gzipped tar archive (.tgz). Build the Aircrack suite of tools with the following steps; the specific tool of interest in this situation is airodump:
# tar zxvf aircrack-2.1.tgz
# cd aircrack-2.1
# make
With the tools compiled, wireless traffic now can be captured. The wireless NIC first must be placed in RF monitor mode. For example, if using the patched version of the Orinoco driver, the following command would be issued, where <AP channel> is the channel of interest:
# iwpriv eth0 monitor 1 <AP channel>
The wireless NIC then is enabled:
# ifconfig wlan0 up
Finally, commands to capture traffic would be issued:
# airodump wlan0 datafilename
Airodump continuously displays the AP SSID and packet capture information for the specified channel. To reduce the amount of captured data, the MAC address of the AP may be appended after the datafilename. Press Ctrl-C to exit airodump.
Although airodump happily captures traffic, the four-way handshake is not captured until a client-to-AP association occurs. This is a random occurrence from the attacker's point of view, but forced reassociations can be induced by executing a deauthentication attack using a tool such as void11, which forces the de-authentication of wireless clients from their associated APs. The wireless client automatically attempts reassociation, which allows the capture of the WPA-PSK four-way handshake. Assuming the handshake has been captured, it is time to execute the brute-force dictionary attack.
coWPAtty requires that OpenSSL be installed on your system. After downloading coWPAtty, install it using the following steps:
# tar zxvf Cowpatty-2.0.tar.gz
# cd cowpatty
# make
You now have built the coWPAtty binary. Execute the binary by supplying the libpcap capture file that includes a captured four-way handshake, a dictionary file of candidate passphrases and the SSID of the network. The options are:
-f: dictionary file
-r: packet capture file
-s: network SSID
The binary is executed with the following command:
# ./cowpatty -r datafilename \
      -f dictionaryfile -s SSID
If there is no WPA four-way exchange, the following message is displayed:
End of pcap capture file, incomplete TKIP four-way exchange. Try using a different capture.
If the file did contain the four-way handshake, the following is displayed:
coWPAtty 2.0 - WPA-PSK dictionary attack. <jwright@hasborg.com>
Collected all necessary data to mount crack against passphrase.
Loading words into memory, please be patient ... Done (XX words).
Starting dictionary attack. Please be patient.
coWPAtty then begins the intensive and relatively slow process of testing each dictionary word as a candidate passphrase, running it through the PBKDF2 function, which makes 4096 SHA-1 passes on each passphrase in the supplied data set. coWPAtty updates its progress until it reports either that it has found the WPA-PSK passphrase or that it was unable to identify the WPA-PSK passphrase from the supplied dictionary file. As noted in the documentation, coWPAtty is not fast, because of the number of repetitions required for each passphrase. Expect approximately 45 keys per second in actual use.
For users who care to demonstrate this tool but are unable to capture the network data, coWPAtty includes a sample packet capture file, named eap-test.dump, that was generated from an AP with SSID somethingclever and a PSK of family movie night. To demonstrate the attack utilizing the supplied file, enter the following command ensuring that the supplied dictionary has the phrase somethingclever included:
# ./cowpatty -r eap-test.dump \
      -f dictionaryfile -s somethingclever