PicoCTF - WPA-ing Out
tags: PicoCTF CTF Misc
Challenge: WPA-ing Out
Background
Day 26 Wireless Attacks-無線攻擊(aircrack-ng)
Description & Hint
I thought that my password was super-secret, but it turns out that passwords passed over the AIR can be CRACKED, especially if I used the same wireless network password as one in the `rockyou.txt` credential dump. Use this
pcap fileand therockyouwordlist. The flag should be entered in thepicoCTF{XXXXXX}format.
Hint 1: Finding the IEEE 802.11 wireless protocol used in the wireless traffic packet capture is easier with wireshark, the JAWS of the network.
Hint 2: Aircrack-ng can make a pcap file catch big air…and crack a password.
Exploit - aircrack-ng
$ aircrack-ng wpa-ing_out.pcap -w ./rockyou.txt
Reading packets, please wait...
Opening wpa-ing_out.pcap
Read 23523 packets.
# BSSID ESSID Encryption
1 00:5F:67:4F:6A:1A Gone_Surfing WPA (1 handshake)
Choosing first network as target.
Reading packets, please wait...
Opening wpa-ing_out.pcap
Read 23523 packets.
1 potential targets
Aircrack-ng 1.6
[00:00:00] 1183/10303727 keys tested (22306.13 k/s)
Time left: 7 minutes, 41 seconds 0.01%
KEY FOUND! [ mickeymouse ]
Master Key : 61 64 B9 5E FC 6F 41 70 70 81 F6 40 80 9F AF B1
4A 9E C5 C4 E1 67 B8 AB 58 E3 E8 8E E6 66 EB 11
Transient Key : 26 85 7B AC DD 2C 44 E6 06 18 03 B0 0F F2 75 A2
32 63 F7 35 74 2D 18 10 1C 25 F9 14 BC 41 DA 58
52 48 86 B0 D6 14 89 F6 77 00 67 E0 AD 10 1B 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
EAPOL HMAC : 65 2F 6C 0E 75 F0 49 27 6A AA 6A 06 A7 24 B9 A9
So…The flag is picoCTF{mickeymouse}
Reference
Install tshark Some error you may encounter ubuntu下安装lex,yacc WU1 - WPA-ing Out