Capturing a WPA2 4-way handshake, cracking it, and then using Armitage to exploit a local machine

4,822

Sign in or sign up now!

Uploaded by Backtrack5Tutorials on Dec 1, 2011

This is a demonstration of how a 'passive' attack is preformed on a wireless access point that's encrypted with WPA2/CCMP.

Standard YouTube License

Oh great.. another ms08/67 attack

MrPentester445 2 months ago
@MrPentester445 I know right! haha I wasn't focusing too much on the post exploitation so I used that just as a quick demo.

Backtrack5Tutorials 2 months ago

see all

@DevinJCan Not really. I've been able to figure out that it only affects multi-card computers so I shouldn't really care about what it does anyway., though. :p

ross817 1 week ago
Ya I figured it out. It's because I was connected so ther for it will only search the channel your on.

infowaredm 1 week ago
hey, why dont you use oclhashcat on backtrack 5? any difference in the performance?

starkdeadpool 1 week ago
@ross817 Did you gather an answer?

DevinJCan 1 week ago
@infowaredm trac(dot)aircrack-ng(dot)org/ticket/742

DevinJCan 1 week ago
I see when you do your airodump-ng mon0 you system searches all the channels from 1 to 13 i am wondering how come mine doesn't jump around and look for all different types of channels it only searches channel 1.

infowaredm 2 months ago
Out of curiosity, could someone please explain what the different --cswitch options on airodump-ng do? What's the difference between FIFO, Round Robin, and Hop on Last? Normally, when I see a term like FIFO, I think of stack memory, not a list of channels.

ross817 2 months ago
I had no idea you could use macchanger on mon0. I thought you just had to manually spoof the mac address with the utilities you were using.

Cool to know. :)

ross817 2 months ago