[原创]BackTrack2下破解无线WPA-PSK加密实战

sy100

好文章! 好方法! 用自的路由测试,学习一下,谢谢了!

shrfish

很好的教程，昨天入手的500MW卡王，按照教程在实验室环境下成功破解WPA，wep。

不过在破解WPA的时候感觉字典很重要。平时收集一点比较好。对了longas的无线安全实体书什么时候出啊，一定要买来看看的，呵呵

lyhlyh

大家好，我只有笔记本一台（无线网卡是INTEL 3945），能否破解我小区的WPA加密的信号？

如果能，我就一步一步来按步骤试着破解。

如果不能，我应该买哪一种型号的无线网卡？谢谢大家指点！！

mtmbice

我用的密码字典可能不全，每次破解出来的密码还不一样，都是在这个字典的某个字母段内，比如

第一次破解出来是 zoologically

第二次破解出来是 zillions

第三次破解出来是 zoological

再用了另一个比较全的密码字典，不过里面都是大写的，破解出来是 ZZETSUEN

那么是不是说明这个密码是z字母开头的？

还是说aircrack-ng 这个工具只找到了相近的密码字符？

dot5171

多谢，学习中。。。。。。。。。。。。。。。。。。

cxiaoyong

[QUOTE]高手啊 !我在BT3里为什么看不见我自己的接口名啊,我到底哪出错了,都桥好了,我用的是rtl8187

hzjackq

虚心学习虚心学习虚心学习虚心学习
转自中国无线门户,原文地址：http://forum.anywlan.com/dispbbs.asp?BoardID=15&ID=6620&replyID=&skin=1

虚心学习虚心学习虚心学习虚心学习
转自中国无线门户,原文地址：http://forum.anywlan.com/dispbbs.asp?BoardID=15&ID=6620&replyID=&skin=1

虚心学习虚心学习虚心学习虚心学习
转自中国无线门户,原文地址：http://forum.anywlan.com/dispbbs.asp?BoardID=15&ID=6620&replyID=&skin=1

myw805

非常感谢版主longas的好教程：BackTrack2下破解无线WEP加密实战讲解和BackTrack2下破解无线WPA-PSK加密实战讲解。

在实施破解WPA-PSK的过程中遇到一些问题，请版主给我指点一下：我用的是BT3，在破解WPA-PSK的过程中，我输入：zcat /pentset/password/dictionaries/wordlist.txt.Z > password.txt 后，出现一句错误提示：gzip: /pentest/password/dictionaries/wordlist.txt.Z: No such file or directory.请版本指点一下是什么意思？如何操作才能解决此错误？

还有一个问题：接下来，将字典cp回当前目录下，就可以同步开启aircrack-ng来进行同步破解了。这一句话中的操作请版主用命令的方式给我指明一下，就将字典cp到BT中默认的当前目录为例来写命令吧，不盛感激ing。

再次谢谢版主的指导，我刚接触BT，不是很熟悉，请版主不要怕麻烦，来指导一下我这个菜鸟吧。

myw805

请问一下,在BT3下如何将文件拷贝到本地磁盘中?请大虾门指点一下,谢谢.

kingstones1978

Elcomsoft Distributed Password Recovery：
NVIDIA GPU Acceleration

ElcomSoft has pioneered many software innovations that have made it easier to recover lost passwords from the operating system, Microsoft Office products, Adobe PDF files, ZIP and RAR archives, and a variety of other applications. The latest development revolutionizes the speed of password recovery without requiring expensive hardware.

Elcomsoft Distributed Password Recovery employs a revolutionary, patent pending technology to accelerate password recovery when a compatible NVIDIA graphics card is present in addition to the CPU-only mode. Currently supporting all GeForce 8 and GeForce 9 boards, the acceleration technology offloads parts of computational-heavy processing onto the fast and highly scalable processors featured in the NVIDIA抯 latest graphic accelerators.

The acceleration technology developed by ElcomSoft allows the execution of mathematically intensive password recovery code on the massively parallel computational elements found in latest NVIDIA graphic accelerators. The GPU acceleration is unique to Elcomsoft Distributed Password Recovery, making password recovery up to fifty times faster compared to password recovery methods that only use the computer抯 main CPU.


Broad Compatibility

Elcomsoft Distributed Password Recovery supports a variety of applications and file formats, allowing password recovery from Office documents, Adobe PDF files, PGP disks and archives, personal security certificates and exchange keys, MD5 hashes and Oracle passwords, Windows and UNIX login passwords.

Microsoft Word/Excel/PowerPoint/Project, all versions (password recovery - "open" password only)
Microsoft Word/Excel 97/2000 (guaranteed decryption)
Microsoft Money and OneNote (password recovery)
OpenDocument (OpenOffice, StarOffice) (password recovery)
PGP: zip archives (.PGP), PGP disks with conventional encryption (.PGD), self-decrypting archives (.EXE), whole disk encryption, secret key rings (.SKR) (password/passphrase recovery)
Personal Information Exchange certificates - PKCS #12 (.PFX, .P12) (password recovery)
Adobe Acrobat PDF files ("user" and "owner" password recovery)
Adobe Acrobat PDF files with 40-bit encryption (guaranteed decryption)
Windows NT/2000/XP/2003/Vista logon passwords (LM/NTLM) (password recovery)
Windows SYSKEY startup passwords (password recovery)
Windows DCC (Domain Cached Credentials) passwords (password recovery)
UNIX users' passwords (password audit/recovery)
Intuit Quicken (.QDF) (password recovery)
Lotus Notes ID files (password recovery)
MD5 hashes (plaintext recovery)
Oracle users' passwords (password audit/recovery)
能否用于WPA破解

Hashing module	Average speed (with NVIDIA GeForce 8800GS)
MD5	270 million p/s
MySQL	620 million p/s
NTLM	320 million p/s
SHA-1	70 million p/s
MySQL5	38 million p/s

kingstones1978

还有这个网站关于MD5破解的达到275.84M p/s
http://winsidepro.com/eng/egb.shtml

longas

呵呵，又有人找到这款Elcomsoft Distributed Password Recovery了，该工具最新版目前支持WPA破解，但是效率很低，而且免费版只支持10客户端，你可以试试。据我们ZerOne测试结果表明，这个免费版的工作效率不是一般的底，应该是产权保护的缘故。

另外，你所提及的告诉破解，那是基于NVIDIA GeForce 8800GS的，建议你好好看看相关的资料，这个投入不是一般地高。