How to Use the Command 'pyrit' for WPA/WPA2 Cracking (with examples)

How to Use the Command 'pyrit' for WPA/WPA2 Cracking (with examples)

Pyrit is a powerful tool designed to exploit the computational power of GPUs and multi-core CPUs to accelerate the process of cracking WPA/WPA2-PSK passwords. Its ability to handle large datasets and efficiently distribute the computing workload makes it an attractive choice for security researchers and network administrators looking to test the robustness of wireless network passwords. The command line interface of Pyrit provides various use cases which facilitate everything from analyzing system efficiency to cracking encrypted passwords.

Use case 1: Display System Cracking Speed

Code:

pyrit benchmark

Motivation: Understanding the cracking speed of your system is essential for making informed decisions regarding computational resource allocation and task prioritization. The benchmark feature in Pyrit provides insights into how quickly tasks will be processed, allowing you to gauge the effectiveness of your current hardware.

Explanation: The benchmark command in Pyrit performs a series of calculations to stress-test and evaluate the speed of your system’s processing units (CPUs, GPUs). It doesn’t require any specific input beyond the command itself, making it a straightforward way to assess system capability.

Example Output:

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg, 2011- Jürgen Kutscher 
This code is distributed under the GNU General Public License v3+

Running benchmark (375.1 PMKs/s, 1.7 seconds)
Attained maximum speed of 375.1 PMKs/s

Use case 2: List Available Cores

Code:

pyrit list_cores

Motivation: Identifying the available processing units in your system assists in optimizing Pyrit’s performance. By knowing which cores are active and available, users can better manage their computational resources for high-efficiency tasks.

Explanation: The list_cores command scans the system for all available cores on the CPU and any compatible GPUs. It displays the status of each core, listing details such as vendor, device name, and type of core, which helps users understand their processing inventory.

Example Output:

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg, 2011- Jürgen Kutscher 
This code is distributed under the GNU General Public License v3+

Available cores:
#1:  'CUDA-Device 'GeForce GTX 1070''
#2:  'Multicore CPU'

Use case 3: Set ESSID

Code:

pyrit -e "ESSID" create_essid

Motivation: Setting an ESSID is the preliminary step in configuring Pyrit for specific wireless networks. This prepares Pyrit to work with the relevant protocol settings and password databases associated with a specific network environment.

Explanation: The -e option requires the user to input the desired ESSID in quotation marks. This identifies the wireless network for which Pyrit will generate Pre-Shared Keys (PSK) and initiate cracking tasks, thereby creating a tailored approach to the WPA/WPA2 cracking process.

Example Output:

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg, 2011- Jürgen Kutscher 
This code is distributed under the GNU General Public License v3+

Created new ESSID "MyNetwork"

Use case 4: Read and Analyze a Specific Packet Capture File

Code:

pyrit -r path/to/file.cap|path/to/file.pcap analyze

Motivation: Analyzing packet capture files is crucial for understanding the structure of traffic within a network. This helps in identifying if sufficient data has been captured to proceed with WEP/WPA key recovery.

Explanation: The -r option specifies the path to a packet capture file (.cap or .pcap) that you want Pyrit to analyze. The analyze subcommand processes this data to assess which access points and clients are present, helping users ensure they’ve captured necessary handshake data for subsequent tasks.

Example Output:

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg, 2011- Jürgen Kutscher 
This code is distributed under the GNU General Public License v3+

Parsing file 'example.cap' (1/1)...
AccessPoint 01:23:45:67:89:ab ('MyNetwork'):
  #1  11/04 15:32:54  Client 23:45:67:89:ab:cd

Use case 5: Read and Import Passwords to the Current Database

Code:

pyrit -i path/to/file import_unique_passwords

Motivation: Combining a diverse set of passwords significantly increases the effectiveness of cracking attempts. This command allows users to enrich their password database with unique entries from an external file.

Explanation: The -i flag is used to specify the input file from which passwords should be imported. The import_unique_passwords ensures that only non-duplicate passwords are added to Pyrit’s database, maintaining efficiency and resource management.

Example Output:

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg, 2011- Jürgen Kutscher 
This code is distributed under the GNU General Public License v3+

Importing passwords from 'password-list.txt'...
Imported 150 words.

Use case 6: Export Passwords from Database to a Specific File

Code:

pyrit -o path/to/file export_passwords

Motivation: Exporting passwords from Pyrit’s database allows users to back up their work, share with team members, or use in other tools or environments. This ensures flexibility in managing password lists.

Explanation: The -o option is followed by a file path to save the exported passwords. The export_passwords command outputs all current database passwords into the specified file, often for safekeeping or further analysis.

Example Output:

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg, 2011- Jürgen Kutscher 
This code is distributed under the GNU General Public License v3+

Export passwords to 'exported-passwords.txt' done.

Use case 7: Translate Passwords with Precomputed Master Keys

Code:

pyrit batch

Motivation: By precomputing master keys, users can dramatically reduce the time required for subsequent password checks, optimizing the process when dealing with large networks or extensive password lists.

Explanation: The batch command iterates over all entries in Pyrit’s database, translating each password into precomputed Master Keys. This operation is computationally intensive but results in faster attack execution during future tasks.

Example Output:

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg, 2011- Jürgen Kutscher 
This code is distributed under the GNU General Public License v3+

Precomputed 350 Master Keys.

Use case 8: Read the Capture File and Crack the Password

Code:

pyrit -r path/to/file attack_db

Motivation: Actually cracking a captured WPA/WPA2 handshake is the culmination of efforts when using Pyrit, reflecting its primary purpose. This command allows users to attempt to decrypt the password of a network using the precomputed database.

Explanation: The -r flag points to the capture file containing the handshake data. The attack_db subcommand utilizes the database of PSKs and Master Keys to attempt to find the correct password, closing the loop in the cracking process.

Example Output:

Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg, 2011- Jürgen Kutscher 
This code is distributed under the GNU General Public License v3+

Reading capture file 'example.cap'
Using ESSID 'MyNetwork'
Master Key found: 01:23:45:67:89:ab:cd:ef:gh:ij:kl:mn:op:qr:st

Conclusion:

Pyrit is an essential tool for those involved in testing the security of WPA/WPA2 networks. Its capability to leverage substantial computational power makes it exceptionally efficient. From benchmarking your system’s speed to executing a full-fledged password attack, these examples illustrate how Pyrit functions as a comprehensive suite for wireless network security assessment. Understanding each command and its application broadens one’s ability to navigate the challenges of network security confidently and effectively.

Related Posts

How to Use the 'assoc' Command (with Examples)

How to Use the 'assoc' Command (with Examples)

The assoc command is a valuable tool in Windows operating systems for managing file associations.

Read More
How to use the command 'pamfunc' (with examples)

How to use the command 'pamfunc' (with examples)

The pamfunc command is a powerful tool within the Netpbm suite designed to apply arithmetic or bit string functions to PAM (Portable Arbitrary Map) images.

Read More
How to Use the Command 'pamoil' (with Examples)

How to Use the Command 'pamoil' (with Examples)

The ‘pamoil’ command is a part of the Netpbm suite, a vast collection of pixel manipulation utilities.

Read More