Cracking WPA / WPA2 handshakes using GPU on Windows

Hashcat is world's fastest password cracker, it is multi-OS (Linux, Windows and OSX), so if you have some nasty problems with proprietary drivers for GPU on Linux or just feel more comfortable inside Windows you can crack Wi-Fi password on it!

You need drivers for your video card (usually it is already done), also you need Hashcat (of course) and Aircrack-ng suite.

Download the freshest version hashcat and Aircrack-ng (use only official web-sites):

To crack Wi-Fi, you should already have WPA / WPA2 handshake.

Now unpack downloaded archives to any folder – both programs are portable.

It is necessary to convert our handshake to Hashcat format. We will use wpaclean.

Open Windows command line (Win+X and select “Command Prompt”)

For instance, I unpacked programs to C:\Users\Alex\Downloads\, I need to reach wpaclean.exe file, located in aircrack-ng-1.2-rc4-win\bin\64bit\, so I can type in Command Prompt:

cd C:\Users\Alex\Downloads\aircrack-ng-1.2-rc4-win\bin\64bit\

or drag-and-drop the execution file (wpaclean.exe) into Command Prompt.

Wpaclean Usage:

wpaclean.exe <out.cap> <in.cap>

Note: the output file has the first position!

For the output file I select name cleaned.cap, and I drag-and-drop the file with handshake into Command Prompt, so I composed my command:

C:\Users\Alex\Downloads\aircrack-ng-1.2-rc4-win\bin\64bit\wpaclean.exe cleaned.cap d:\Share\autopwner-03.cap

As you can see, I have two handshakes in capture file:

Your output file is located in folder pointed to by Command Prompt. For me it is C:\Users\Alex\.

Now with aircrack-ng we need to convert our new cleaned file in hashcat format with aircrack-ng.

Aircrack-ng Usage:

aircrack-ng-sse2.exe <out.cap> -J <out.hccap>

It is used a capital letter -J.

My command:

aircrack-ng-sse2.exe cleaned.cap -J cleaned

If you have more than 1 handshake in your capture file, select one of them:

I unpacked hashcat to C:\Users\Alex\Downloads\hashcat-3.30\ folder. So I copy my new file cleaned.hccap to this folder and type:

cd C:\Users\Alex\Downloads\hashcat-3.30\

Also I copied my dictionary to the same folder.

On Windows we can use hashcat32.exe or hashcat64.exe binary, according to your system.

My command:

hashcat64.exe -m 2500 cleaned.hccap newrockyou.txt

Where:

  • hashcat64.exe – is binary
  • -m 2500 – the number of the WPA / WPA2 hash (you can check it here)
  • cleaned.hccap – the cleaned and converted file with hash for cracking
  • newrockyou.txt – dictionary file

To learn more about hashcat options, continue reading hashcat help.

Recommended for you:

Leave a Reply

Your email address will not be published.