cowpatty

Dictionary attack on capture file

$ cowpatty -f [wordlist.txt] -r [capture.cap] -s [SSID]

$ cowpatty -d [hashfile] -r [capture.cap] -s [SSID]

$ genpmk -f [wordlist.txt] -d [hashfile] -s [SSID]

$ cowpatty -r [capture.cap] -s [SSID] -p "[passphrase]"

cowpatty [options]

cowpatty is a WPA/WPA2 PSK auditing tool that performs offline dictionary attacks against captured authentication handshakes. It's used for authorized wireless security testing.
The tool processes four-way handshake captures and tests passphrases against the captured authentication exchange. Precomputed hash tables can dramatically speed up testing for common SSIDs.

-f file

Dictionary file with passphrases.

Precomputed hash table file.

Packet capture file.

Network SSID (required).

Single passphrase to test.

Check for valid handshake only.

Verbose output.

Use frames 1 and 2 or 2 and 3.

Requires valid captured handshake. Only for authorized security testing. SSID-specific hash tables needed for each network. Dictionary attack limited by wordlist quality.

cowpatty was created by Joshua Wright around 2004 for WPA security research. It was one of the first public tools for WPA PSK auditing, demonstrating the importance of strong passphrases. The tool influenced subsequent wireless security tools like aircrack-ng.

aircrack-ng(1), genpmk(1), hashcat(1), wifite(1)