Thread: PSKracker - An All-In-One WPA/WPS Toolkit

  1. #1
    Hi all

    I haven't posted here in a while, but I figured I'd try to get some more public exposure. I'm working on a new project called PSKracker, which is a toolkit written in C for generating default WPA/WPS keys for various wireless devices.

    The launch already supports two cutting-edge vulnerabilities, with anticipation to add more as they come. For speed and efficiency, everything is written in C.

    This project includes or will include:

    • Default WPA key generators
    • Default WPS pin generators
    • Dictionaries used for various manufacturers
    • A list containing keyspaces for various models as well as reduced charsets and Hashcat masks (piping to Hashcat is supported)
    • More and more


    This project is still in beta and is very incomplete, but other developers and I are working hard. Community feedback is always welcome, as well as creating pull requests for bug fixes, new algorithms, etc. Because of the size of the repository and the intended use of the code, embedded systems are not supported. This toolkit is for testing and securing your own networks, or networks you have permission to test.

    You can check it out on GitHub: https://github.com/soxrok2212/PSKracker
    Last edited by soxrok2212; 2017-10-06 at 19:07. Reason: add link

  2. #2
    This is great, and you guys did a wonderful job reversing the XHS key generator. But has the issue been patched -- and does getting the Cable Modem MAC still work?

  3. #3
    I am still looking into a way to reliably retrieve the CM MAC, but we have a few other tasks that we are working on.
    And as of this post, the CM XHS-XXXXXX/PSK still remains the same.
    Last edited by aanarchyy; 2017-10-19 at 03:23.
    Skype: aanarchyy01

  4. #4
    I'm still not able to get the CM MAC. I've looked for it in the following places, but nothing usable is there.
    1. DHCP ACK while connected to the hotspot.
    2. IPv6 multicast packet

    And these are devices for which I already have the hidden SSID (XHS-XXXXXX) and 18-char passphrase.

  5. #5
    If two of the three variables are known, creating something to perhaps brute force the third should be trivial.

  6. #6
    Which variables are you referring to? I'm using Wireshark to inspect the packets.

  7. #7
    Originally posted by scorpius:
    "Which variables are you referring to? I'm using Wireshark to inspect the packets."
    I would assume aanarchyy meant the CM MAC, SSID, and PSK...?

  8. #8
    That still doesn't answer the question of how to retrieve the CM MAC.
