Pyrit allows to create massive databases, pre-computing part of the IEEE 802.11 WPA/WPA2-PSK authentication phase in a space-time-tradeoff. Exploiting the computational power of Many-Core- and other platforms through ATI-Stream, Nvidia CUDA and OpenCL, it is currently by far the most powerful attack against one of the world’s most used security-protocols.
pyrit [options] command
Recognized options: -b : Filters AccessPoint by BSSID -e : Filters AccessPoint by ESSID -h : Print help for a certain command -i : Filename for input ('-' is stdin) -o : Filename for output ('-' is stdout) -r : Packet capture source in pcap-format -u : URL of the storage-system to use --all-handshakes : Use all handshakes instead of the best one Recognized commands: analyze : Analyze a packet-capture file attack_batch : Attack a handshake with PMKs/passwords from the db attack_cowpatty : Attack a handshake with PMKs from a cowpatty-file attack_db : Attack a handshake with PMKs from the db attack_passthrough : Attack a handshake with passwords from a file batch : Batchprocess the database benchmark : Determine performance of available cores benchmark_long : Longer and more accurate version of benchmark (~10 minutes) check_db : Check the database for errors create_essid : Create a new ESSID delete_essid : Delete a ESSID from the database eval : Count the available passwords and matching results export_cowpatty : Export results to a new cowpatty file export_hashdb : Export results to an airolib database export_passwords : Export passwords to a file help : Print general help import_passwords : Import passwords from a file-like source import_unique_passwords : Import unique passwords from a file-like source list_cores : List available cores list_essids : List all ESSIDs but don't count matching results passthrough : Compute PMKs and write results to a file relay : Relay a storage-url via RPC selftest : Test hardware to ensure it computes correct results serve : Serve local hardware to other Pyrit clients strip : Strip packet-capture files to the relevant packets stripLive : Capture relevant packets from a live capture-source verify : Verify 10% of the results by recomputation
cyborg@cyborg:~$ sudo pyrit -r packetscap-02.cap -i dict.txt attack_passthrough Pyrit 0.4.0 (C) 2008-2011 Lukas Lueg http://pyrit.googlecode.com This code is distributed under the GNU General Public License v3+ Parsing file 'packetscap-02.cap' (1/1)... Parsed 8 packets (8 802.11-packets), got 1 AP(s) Picked AccessPoint 10:fe:ed:b7:a5:42 ('tempztrela') automatically. Tried 1029 PMKs so far; 120 PMKs per second. The password is 'trendztrela'.