NOTE: When cracking WPA/WPA2 passwords, make sure you check gpuhash.me first incase it's already been processed.

Home - Wireless Cracking - Introducing wpa-sec: The Largest Online WPA Handshake Database


10 Results - Page 1 of 1 -
1
Author Message
Avatar
freeroute
Moderator
Status: Trusted
Joined: Sat, 16 Jul 2016
Posts: 2325
Team:
Reputation: 7872 Reputation
Online
Sat, 09 Jun 2018 @ 21:57:59

wpa-sec started in 2011 as attempt to improve web interface to besside-ng of aircrack-ng suite. It collects WPA handshake captures from all over the world.
First version was written by sorbo (Andrea Bittau, RIP 2017) from aircrack-ng team. You can see how that looked like back then: https://web.archive.org/web/20170604070037/http://wpa.darkircop.org:80/

Contributors use client script to download handshakes and special crafted dictionaries to initiate attack against PSKs. With more than 115 GB captures from 240 000 submissions, collected samples represent invaluable source for wireless security research.

This includes:

- Many improvements for emerging wireless security tools like hcxtools suite https://github.com/ZerBea/hcxtools
- Identified default PSK key generation algorithms, used by various ISPs.
- Those, along with fixes for current implementations get in RouterKeygen project (https://github.com/routerkeygen/routerkeygenPC/
Many more to come, based on current research activities
- Performance optimizations for WPA crackers
- Identified some linux kernel driver bugs

Current features are:

- Submissions handled through hcxdumptool;
- Nonce corrections on handshakes - wpa-sec has it's own cracker, which validates PSK submissions;
- Support for hashcat and John the Ripper crackers for help_crack;
- On capture submission and PSK submission it try PMK search over the full database;
- On serverside it run routerkeygenPC + some "single" mode candidates, based on essid/bssid;
essid grouping - it fetch all uncracked same essid handshakes and run them through dicts. This greatly improves performance, because PMK is calculated only once for every PSK candidate
- Multiple dicts support - this is in current HEAD, avoids multiple GPU kernel inits for highend/multiple GPUs

Statistics on 09 June 2018:

Total handshakes: 484292 / 286440 unique BSSIDs
Cracked handshakes: 130976 / 77143 unique BSSIDs
WPA Success rate: 27.04% / 26.93% unique BSSIDs
Cracked by known algorithm: 5078 / 3821 unique BSSIDs
Known algorithm success rate: 3.88% / 4.95% unique BSSIDs


Next things:

- Better web interface;
- API introduction;
- GPS coordinates through Wigle;
- API for handshake access;
- Several default algos in the works;
- More dicts

In February 2018 the database has been reimported and wpa-sec got a lot more, previously unidentified or uncrackable handshakes.

wpa-sec is opensource project available at https://github.com/RealEnder/dwpa
Live installation at https://wpa-sec.stanev.org

Usage

First step is to issue your own key. This is nessesary if you want to see the results from your uploaded handshakes.
To obtain the WPA handshake, use hcxdumptool or wlandump-ng from hcxtools repo. hcxtools is new generation sophisticated
set of tools for WPA audit and penetration tests. You can then upload valid pcap format captures via the web interface.

Note: please do not use any additional tools to strip or modify the capture files, since they can mangle handshakes and
lead to uncrackable results.

Distributed WPA cracking

There is no dedicated resource on this machine for handshake cracking. All the work is done from volunteers, who contribute CPU/GPU to the cracking process by running help_crack.py, a script that will automatically fetch uncracked handshake, download wordlist, try to crack, and upload the results to this site.

Prerequisite: you must have python and hashcat or John the Ripper "bleeding-jumbo" branch installed. Put help_crack.py in the same directory as cracker binary and run it from there.

Cracking under Windows is also available.

wpa-sec will be presented on DEFCON26: https://www.wallofsheep.com/blogs/news/first-batch-of-accepted-packet-hacking-village-talks-at-def-con-26-announced#astanev

and BlackHat USA Arsenal: https://www.blackhat.com/us-18/arsenal/schedule/index.html#wpa-sec-the-largest-online-wpa-handshake-database-12091

FAQ:

Some of them:

Q: If I submit capture before issuing wpa-sec key, I can't then see the password. What to do?

A: Just issue a wpa-sec key through https://wpa-sec.stanev.org/?get_key , then resubmit your capture


Q: What means "Get works" on Nets tab?

A: Get work is the count of dictionaries, that were downloaded, from those with lesser words to bigger ones.


Q: Can you send me the password for net ......, my key is "........"

A: I can't. If it's cracked, you'll see it right away.


Q: Can you add dict .... to dicts?

A: Yes, but we still need years to catch up with current ones. See the stats and try to help out.


Q: I submitted a capture of net with ESSID ".....", but then I can't find it in wpa-sec.

A1: If you processed the capture in some way, just submit the original.

A2: If you used some old tool to capture the handshake, try again or use something better like hcxtools.

A3: If you still believe your handshake is correct, send me the capture to take a look.



If I helped a +rep is appreciated!

: 13hDMK85KhVnPb2eTFBacHD6kDjKYFLudb
XMPP: freeroute@xmpp.jp

Avatar
jojo93

Status: n/a
Joined: Sun, 20 May 2018
Posts: 71
Team:
Reputation: 140 Reputation
Offline
Sat, 09 Jun 2018 @ 23:30:28

A great topic from a special person like you ,,,,, thanks for all here especially freeroute and $cI$$0r$


Avatar
Nabil90

Status: n/a
Joined: Sun, 11 Jun 2017
Posts: 85
Team:
Reputation: 50 Reputation
Offline
Mon, 11 Jun 2018 @ 08:48:26

Very smart to be able to build up this database whilst getting everyone else to do
the hard work of cracking for free

Quite interesting to see that many of the handshakes cracked here are appearing
as found in the database. Are they being added to the database after the public
posting of the crack, or does this distributed cracking explain some of the
unlikely cracks that are posted here?

The geolocation link to Wigle is probably the most convenient part of the search
output for mapping enthusiasts


Avatar
mkerr

Status: Banned
Joined: Sun, 03 Sep 2017
Posts: 377
Team:
Reputation: 317 Reputation
Offline
Mon, 11 Jun 2018 @ 09:24:29

WARNING! User is BANNED and maybe a SCAMMER.

Nabil90 said:


The geolocation link to Wigle is probably the most convenient part of the search
output for mapping enthusiasts

Do not see much Wigle integration. Just seems to be a link to the Wigle site
where you are expected to search from there? Other methods are much more
effective for geolocation

Interesting observation about the correlation of cracked WPA here and founds
on wpa-sec

That one has certainly got me thinking what the connection could be


Avatar
Gibbz

Status: n/a
Joined: Tue, 23 Jan 2018
Posts: 37
Team:
Reputation: 32 Reputation
Offline
Thu, 21 Jun 2018 @ 07:20:26

wonder with rule here and gpuhash cracked key
what if same key from there get crack on wpasec
from posted here all look to be there too
person get cracked gpuhash key on wpasec free anyway


Avatar
Purpleninja225

Status: n/a
Joined: Thu, 05 Jul 2018
Posts: 116
Team:
Reputation: 212 Reputation
Offline
Fri, 06 Jul 2018 @ 01:52:44

Looks like the current round has over 2 years left on it. Is there a way to help speed up that process? Or am I not understanding what that particular stat is supposed to mean?

EDIT: Nevermind on the how can I help question. Found that info.


+rep if I helped. GTX 750 Ti & GTX 550
Github: https://github.com/PurpleNinja225/Hash-Cracking Discord: PurpleNinja225 #6785

Tipz Jar:
BTC 321aVnFwQrhZcHoCoPzp1Vh46rUiQmExzp
ETH 0xF5ab8429F6991f0232Dd4A0eB8318a4e172b1282

Avatar
freeroute
Moderator
Status: Trusted
Joined: Sat, 16 Jul 2016
Posts: 2325
Team:
Reputation: 7872 Reputation
Online
Sun, 19 Aug 2018 @ 13:47:00

For your info - Black Hat USA2018 presentation: https://alex.stanev.org/presentations/en/BlackHatUSA2018_DEFCON26-PHV_wpa-sec_AlexStanev.pdf


If I helped a +rep is appreciated!

: 13hDMK85KhVnPb2eTFBacHD6kDjKYFLudb
XMPP: freeroute@xmpp.jp

Avatar
freeroute
Moderator
Status: Trusted
Joined: Sat, 16 Jul 2016
Posts: 2325
Team:
Reputation: 7872 Reputation
Online
Fri, 31 Aug 2018 @ 00:46:32

PMKID support landed in wpa-sec.
wpa-sec is extract all available PMKIDs and handshakes from captured pcap.


If I helped a +rep is appreciated!

: 13hDMK85KhVnPb2eTFBacHD6kDjKYFLudb
XMPP: freeroute@xmpp.jp

Avatar
crypto>keys

Status: n/a
Joined: Mon, 04 Apr 2016
Posts: 133
Team:
Reputation: 43 Reputation
Offline
Sun, 11 Nov 2018 @ 15:51:26

i use this site it's great tool and free .


99% of bitcoin/crypto wallet cracking requests are posted by dreamers ~

Avatar
freeroute
Moderator
Status: Trusted
Joined: Sat, 16 Jul 2016
Posts: 2325
Team:
Reputation: 7872 Reputation
Online
Wed, 21 Nov 2018 @ 05:03:35


If I helped a +rep is appreciated!

: 13hDMK85KhVnPb2eTFBacHD6kDjKYFLudb
XMPP: freeroute@xmpp.jp


10 Results - Page 1 of 1 -
1

We have a total of 163292 messages in 20499 topics.
We have a total of 19267 registered users.
Our newest registered member is johnbranches.