Extreme Hacking
Advanced Ethical Hacking Institute in Pune

This tutorial shows you how to crack the WPA/WPA2 wireless network key using oclHashcat on Windows with the power of GPU’s. My older Radeon 7670M video card does an average of 20kh (20.000 attempts) per second where a AMD HD7970 videocard can do 142kh (142.000 attempts) per second and 8 x NVidea Titan X cards can do 2233 kh per second. This makes brute forcing routers with easy default passwords like TP-LINK (default WPS PIN) or the standard UPC broadband routers (8 capital letters) a piece of cake. In the first part of the tutorial we created 26 different wordlists which allows us to distribute the wordlist over multiple PC’s with multiple GPU’s. Off course you can and you will question the cost effectiveness of this setup with it gives us a good understanding of what is a strong password and what isn’t in terms of crackability with GPU’s.


oclHashcat downloads

First we need to install AMD Catalyst 14.9 (and exactly this version, otherwise oclHashcat won’t work) and download oclHashcat. Windows and Linux versions should work on both 32 and 64 bit.

oclHashcat 1.35 Windows download: http://hashcat.net/wiki/doku.php?id=oclhashcat
AMD Catalyst 14.9: http://www.techpowerup.com/downloads/2405/amd-catalyst-14-9-software-suite-vista-7-8-64-bit/mirrors (or use AMD website)

Cracking WPA with oclHashcat

Store the wordlist text file and the .hccap file in the oclHashcat folder and right click the oclHashcat folder and select “Open Command Prompt Here”.


Use the following command to start oclHashcat:

oclHashcat64 -m 2500 -w 3 –gpu-temp-retain=60 –status -o cracked.txt upc.hccap alist.txt

-m 2500 = WPA/WPA2
-w 3 = Workload profile high latency
-o = Output file path for result file

Note: –gpu-temp-retain is AMD only.

When oclHashcat is done take a look at the cracked.txt file which is stored in the oclHashcat folder.


Lesson learned

Now fast GPU’s are available for decent prices and become the standard in consumer laptops and desktops, the average home user has the power to crack passwords which are considered strong and safe by many end users. A password containing 8 numbers can be cracked with great ease within a very reasonable time frame (couple hours with 20kh/sec). When you’re the proud owner of a TP Link router than change the default password as soon as possible. Consider a password of at least 10 characters containing lower- and uppercase letters, digits and special signs.

CEHv8 CHFIv8 ECSAv8 CAST ENSA CCNA CCNA SECURITY MCITP RHCE CHECKPOINT ASA FIREWALL VMWARE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE,Certified Ethical Hacking, Center For Advanced Security Training in India,IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune