
Home - WPA Packet Cracking - BtHub3 Handshake


Blegos

Status: n/a
Joined: Mon, 04 Nov 2013
Posts: 68
Team:
Reputation: 125 Reputation
Offline
Wed, 18 Jun 2014 @ 21:19:58

I don't normally submit requests, but I thought why the heck not. It's a BtHub3 (BTHub3-C64G) and I'll be honest and say that although I've passed this through my wordlists I haven't attempted the 0-9 a-f key that it probably is. If not it's more or less guaranteed to be English. If not it will be Welsh!!!

I've cleaned the cap file via the Script_it.sh script, so hopefully (as long as the handshake was good to start with) all will be good.

I know it's a big ask, but if anyone has the time or inclination to attempt to crack it I'll be forever in their debt. I will, at the very least, contribute a fair contribution to the site..............blandyuk



Hash-IT

Status: Trusted
Joined: Tue, 02 Aug 2011
Posts: 4598
Team: HashKiller
Reputation: 2982 Reputation
Offline
Wed, 18 Jun 2014 @ 21:50:54

Just to save anyone trying this a lot of time, I believe the characters are 2-9a-f ( no 0 or 1 )


Blegos

Status: n/a
Joined: Mon, 04 Nov 2013
Posts: 68
Team:
Reputation: 125 Reputation
Offline
Sat, 21 Jun 2014 @ 13:54:08

Hash-IT said:

Just to save anyone trying this a lot of time, I believe the characters are 2-9a-f ( no 0 or 1 )

Thanks Hash-IT, you're quite correct.


messenger

Status: n/a
Joined: Wed, 11 Jun 2014
Posts: 7
Team:
Reputation: 20 Reputation
Offline
Sat, 21 Jun 2014 @ 16:52:30

Hi Blegos,

I've been working on the BTHub3 with some success:) The key space is indeed 2-9a-f, I also suspect more often than not the first digit is a letter, so I would suggest starting there.

As posted by Blandyuk :- (quote)
------------------------------------


[2-9][a-f] length 10 = (14 ^ 10) = 289,254,654,976

Best way forward is to split this into chunks:

-1 23456789abcdef

Masks:

2?1?1?1?1?1?1?1?1?1
3?1?1?1?1?1?1?1?1?1
4?1?1?1?1?1?1?1?1?1
...etc...
e?1?1?1?1?1?1?1?1?1
f?1?1?1?1?1?1?1?1?1

-------------------------------------


Known passkeys I've collected so far:-




The command line that's worked for me... (mask for chunk 'b' shown)

mp32.exe -1 23456789abcdef b?1?1?1?1?1?1?1?1?1 | cudaHashcat32.exe -m 2500 "C:\pentest\caps\bthub3xxxx.hccap" -o found_key.txt


I hope this helps... I would love to assist but my rig has been returned to its CCTV duties and my GPUs are back in their boxes for the moment... new tower required!

With your GPU Muscle I would think a chunk would take you ~15 hours
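
Added example, not part of the thread or any poster's code: a small parser that sizes a hashcat-style mask, so the protection offered by the factory key format discussed above can be compared with a replacement passphrase. The guess rate is an assumption derived from the "~15 hours" per chunk estimate in the post, and the 16-character passphrase policy is constructed for comparison.

```python
# Added example: keyspace and exhaustion time for a hashcat-style mask.
# Only a subset of the built-in charsets is modelled (?l ?u ?d ?h).
BUILTIN = {
    "l": "abcdefghijklmnopqrstuvwxyz",
    "u": "ABCDEFGHIJKLMNOPQRSTUVWXYZ",
    "d": "0123456789",
    "h": "0123456789abcdef",
}

def mask_keyspace(mask, custom=None):
    """Number of candidates a mask describes.
    custom maps '1'..'4' to a charset string (the -1 .. -4 options)."""
    custom = custom or {}
    total, i = 1, 0
    while i < len(mask):
        if mask[i] != "?":
            i += 1                      # literal character: exactly one choice
            continue
        if i + 1 >= len(mask):
            raise ValueError("dangling '?' at end of mask")
        key = mask[i + 1]
        if key in custom:
            total *= len(set(custom[key]))   # duplicates do not add candidates
        elif key in BUILTIN:
            total *= len(BUILTIN[key])
        else:
            raise ValueError(f"unsupported charset ?{key}")
        i += 2
    return total

def hours_to_exhaust(keyspace, rate_per_sec):
    """Worst-case hours to try every candidate at a fixed guess rate."""
    return keyspace / rate_per_sec / 3600

if __name__ == "__main__":
    hub = {"1": "23456789abcdef"}            # charset reported in the thread
    full = mask_keyspace("?1" * 10, hub)     # whole default keyspace
    chunk = mask_keyspace("b" + "?1" * 9, hub)
    rate = chunk / (15 * 3600)               # assumption: implied by "~15 hours" per chunk
    print(f"default key: {full:,} candidates, "
          f"{hours_to_exhaust(full, rate) / 24:.1f} days worst case")
    # Constructed comparison: 16 random characters from a-z, A-Z, 0-9.
    mixed = {"2": BUILTIN["l"] + BUILTIN["u"] + BUILTIN["d"]}
    strong = mask_keyspace("?2" * 16, mixed)
    years = hours_to_exhaust(strong, rate) / 24 / 365
    print(f"16-char random passphrase: {strong:.3e} candidates, {years:.3e} years")
```

At the assumed rate the whole factory keyspace is exhausted in under nine days on one machine, which is the case for replacing the default key with a long random passphrase.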


