Cowpatty: Wifi cracking full tutorial | Updated 2024

Introduction

In this post, you will learn what is cowpatty and also by end of the post you will learn how to work with the tool.

What is cowpatty

Cowpatty is an offline dictionary attack against WPA/WPA2 networks using PSK-based authentication (e.g. WPA-Personal). 

Cowpattys can implement an accelerated attack if a precomputed PMK file is available for the SSID that is being assessed.

Advertisement

How to use the cowpatty

Just follow the below steps and have any doubt comment down below.

Previously the cowpatty was in this directory /pentest/wireless but now thecowpatty is in this location /usr/bin/cowpatty

You can download the cowpatty by just entering apt-get install cowpatty

If you just enter cowpatty you can see the help options and the usage.

cowpatty

There are three things the cowpatty needs they are

  1. a word list
  2. a file where the password hash has been captured
  3. the SSID of the target AP

Step1, Turn on airmon-ng

Just as in cracking with aircrack-ng, we need to put the wireless adapter into monitor mode.

airmon-ng start wlan0

cowpatty

Step2, Capture packet

Next, we need to start a capture file where the hashed password will be stored when we capture the 4-way handshake.

Advertisement

airodump-ng –bssid 00:25:9C:97:4F:48 -c 9 -w cowpatty mon0

cowpatty

Step3, Capture the Handshake

Now when someone connects to the AP, we’ll capture the hash and airdump-ng will show us it has been captured in the upper right-hand corner. 

Step4, Run cowpatty

Now that we have the hash of the password, we can use it with cowpatty and our wordlist to crack the hash.

cowpatty -f /usr/share/wordlists/darkc0de.lst -r /root/cowcrack-01.cap -s M

Step5, Creating our own hash

To create our own hash, We need to generate our own hashes for our target SSID.

We can do this by using an application called genpmk.

genpmk -f /usr/share/wordlists/darkc0de.lst -d hashes -s Mandela2

Step6, Using own hash to crack password cowpatty

we can then crack the password with cowpatty by typing:

cowpatty -d hashfile -r dumpfile -s ssid

Conclusion

Some alternatives for the cowpatty tool is aircrack-ng and fern. But anyways still the cowpatty depends on other tools to generate hash.

I prefer Aircrack-ng instead of cowpatty.

Advertisement


Also Read: Password cracking using aircrack-ng