1
00:00:00,330 --> 00:00:07,980
Hi and welcome in this video, I will show you how you can speed up the WPA cracking process using Coalbed,

2
00:00:07,980 --> 00:00:14,130
the engine RPM key capacity supports using a pre computed hash file.

3
00:00:14,580 --> 00:00:21,240
We computed hash files are used to accelerate the cracking process by eliminating the transformation

4
00:00:21,240 --> 00:00:23,790
of a password into an encryption key.

5
00:00:24,600 --> 00:00:28,500
So I was used to my calling machine and type call Pad D.

6
00:00:29,040 --> 00:00:31,470
And here you can see different options.

7
00:00:32,580 --> 00:00:38,460
First of all, make sure you have a capture file with the four way handshake and the word list to start

8
00:00:38,460 --> 00:00:39,900
the cracking process.

9
00:00:40,860 --> 00:00:47,190
So I will first show you how you can do the attack with a dictionary file the same way I did with air

10
00:00:47,190 --> 00:00:47,820
crack.

11
00:00:48,480 --> 00:00:57,720
So go ahead and type Colbert the Dash F and your dictionary file and Dash R for the packet capture file.

12
00:00:57,960 --> 00:01:00,630
And then Dash is for the SS ID.

13
00:01:01,860 --> 00:01:06,870
As you can see, Colbert is generating a hash of every word from my word list.

14
00:01:07,350 --> 00:01:11,640
When the hashes match, it displays the password of the access point.

15
00:01:12,390 --> 00:01:20,700
This process is very CPU intensive and slow, so I'm going to skip ahead here and you can see it takes

16
00:01:20,700 --> 00:01:23,580
almost five minutes to crack the password.

17
00:01:24,480 --> 00:01:31,980
But the way that will speed this up is to create your own hashes by using a tool called JPMC.

18
00:01:32,580 --> 00:01:38,610
This tool is very useful when you don't have any client connected to the access point, but you want

19
00:01:38,610 --> 00:01:42,930
to start generating the hashes for the S side you are targeting.

20
00:01:43,980 --> 00:01:54,390
Now go ahead and type JPMC Dash F and your dictionary fire and Dash D for output file, which is going

21
00:01:54,390 --> 00:01:55,410
to be hash.

22
00:01:55,740 --> 00:02:02,130
And then Dash is for the S ID, which I want to create the pre generated hashes.

23
00:02:02,580 --> 00:02:06,480
Now it's creating pre generated hashes for the network.

24
00:02:06,870 --> 00:02:13,830
So again, I will skip ahead and now whenever I want to attack the network, I will use the hash file,

25
00:02:14,130 --> 00:02:15,990
which is this one right here.

26
00:02:16,860 --> 00:02:24,960
So go ahead and type Colbert Dash DX for the hash file and Dash R for the packet capture.

27
00:02:25,200 --> 00:02:28,080
And then Dash is for the SS ID.

28
00:02:29,040 --> 00:02:33,480
And as you can see, it took less than a second to crack the same password.

29
00:02:34,230 --> 00:02:35,670
So that's it for now.

30
00:02:36,090 --> 00:02:39,060
Thanks for watching, and I'll see you next time.