Home > Information > Forum > Show Topic
Show thread topic
01.03.2024
New blog post
Dumping the history of users' IP addresses in Windows
20.02.2024
Reset Windows Password v14.1
IP addresses history viewer, fast disk search, local security editor and some more
02.01.2024
Wireless Password Recovery v6.9.0
A revision of the GPU health monitor along with some minor updates
23.12.2023
HAPPY NEW YEAR!
Happy New Year greetings and holidays discount

Articles and video

You may find it helpful to read our articles on Windows security and password recovery examples. Video section contains a number of movies about our programs in action

New algorithm for loading WPA handshakes from capture files

Passcape_Admin, 10:16:13 31.05.2017 Rating: 0 #1

New algorithm for loading WPA handshakes from capture files  

The main trouble extracting handshakes from capture/dump files is that there is no way to determine if a handshake valid or not. Every WPA handshake consists of data that reside in at least two authentication packets (out of 4 authentication messages between an access point and a client). The data can be sent in different packets. For instance, in the first and second message, third and fourth, and so on.
The validation problem is complicated by the following:
- Authentication packets can be sent several times. For example: MSG1, MSG2, MSG1, MSG4.
- Authentication packets can be interleaved with the deauthentication message that is often used to force re-associating a client and an access point. For instance, MSG1, DEAUTH, MSG2. Once the deauthentication message is met, the access point predictably considers such a handshake invalid and rejects authentication, inspite the fact it contains 'valid' data.

Many programs handle such situations differently. In the most complex cases, the only way to tackle this issue is to manually sort out trash and select certain packets for building valid handshakes. WIFIPR now comes with a brand-new algorithm for exhaustive handshake generation that guarantees the presence of at least one valid handshake. The significant disadvantage of this method is that valid handshakes are generated along with a lot of junk (invalid) records. Hundreds or even thousands of them, depending on the source file. Therefore, this option should be used exclusively with the multi-mode that allows handling handshakes with identical SSID’s simultaneously.

Well anyway this algorithm is good enough for certain cases to ensure that you have at least one valid handshake.
 
Entries 1 to 1 from 1  [ <<  1  >> ]