WLAN Security Megaprimer Part 22: WPA-PSK Cracking
In this video, we will look at how to crack WPA-PSK using a Dictionary attack. An attacker can quietly observe the 4 way handshake and saves these packets. He now has access to the SNonce, ANonce, Supplicant MAC, and Authenticator MAC. Along with this he also has access to the MIC which was signed using the PTK.
The only unknown is the passphrase which can be anywhere between 8-63 characters. This is where the Dictionary attack comes in! We will use a wordlist with which we will try and guess the passphrase. This will be done by calculating the PMK with the guessed passphrase, then calculating the PTK with the help of the other data from the handshake and then finally verifying the MIC in the handshake. If it matches, we have a winner! else, we try the next phrase.
Have any Questions? or would like to add a point?
Visit the video page on SecurityTube to post your questions and comments : http://www.securitytube.net/video/1908