kali工具箱

coWPAtty Package Description

Implementation of an offline dictionary attack against WPA/WPA2 networks using PSK-based authentication (e.g. WPA-Personal). Many enterprise networks deploy PSK-based authentication mechanisms for WPA/WPA2 since it is much easier than establishing the necessary RADIUS, supplicant and certificate authority architecture needed for WPA-Enterprise authentication. Cowpatty can implement an accelerated attack if a precomputed PMK file is available for the SSID that is being assessed.

Source: http://www.willhackforsushi.com/?page_id=50br />
coWPAtty Homepage | Kali coWPAtty Repo

Author: Joshua Wright
License: GPLv2

Tools included in the cowpatty package

cowpatty – WPA-PSK dictionary attack

[email protected]:~# cowpatty -h

cowpatty 4.6 - WPA-PSK dictionary attack. <[email protected]>



Usage: cowpatty [options]



    -f  Dictionary file

    -d  Hash file (genpmk)

    -r  Packet capture file

    -s  Network SSID (enclose in quotes if SSID includes spaces)

    -c  Check for valid 4-way frames, does not crack

    -h  Print this help information and exit

    -v  Print verbose information (more -v for more verbosity)

    -V  Print program version and exit

genpmk – WPA-PSK precomputation attack

[email protected]:~# genpmk -h

genpmk 1.1 - WPA-PSK precomputation attack. <[email protected]>

Usage: genpmk [options]



    -f  Dictionary file

    -d  Output hash file

    -s  Network SSID

    -h  Print this help information and exit

    -v  Print verbose information (more -v for more verbosity)

    -V  Print program version and exit



After precomputing the hash file, run cowpatty with the -d argument.

genpmk Usage Example

Use the provided dictionary file (-f /usr/share/wordlists/nmap.lst) to generate a hashfile, saving it to a file (-d cowpatty_dict) for the given ESSID (-s securenet):

[email protected]:~# genpmk -f /usr/share/wordlists/nmap.lst -d cowpatty_dict -s securenet

genpmk 1.1 - WPA-PSK precomputation attack. <[email protected]>

File cowpatty_dict does not exist, creating.

key no. 1000: pinkgirl



1641 passphrases tested in 4.09 seconds:  401.35 passphrases/second

cowpatty Usage Example

Use the provided hashfile (-d cowpatty_dict), read the packet capture (-r Kismet-20140515-16-21-37-1.pcapdump), and crack the password for the given ESSID (-s 6F36E6):

[email protected]:~# cowpatty -d cowpatty_dict -r Kismet-20140515-16-21-37-1.pcapdump -s 6F36E6

cowpatty 4.6 - WPA-PSK dictionary attack. <[email protected]>