psk-crack
Crack WPA/WPA2 Pre-Shared Keys using a dictionary attack
SYNOPSIS
psk-crack
PARAMETERS
-h
Displays help information and exits.
-w
Specifies the wordlist file to use for password cracking.
-p
Specifies the PMKID value to use for cracking. Bypasses the handshake requirement.
-d
Specifies the directory where the wordlists are located.
-e
Specifies encoding to apply to the wordlist for mutation.
-o
Save cracked keys to
-s
Specifies the SSID to filter against.
--cpu
Use CPU even if CUDA/OpenCL is available.
DESCRIPTION
psk-crack is a command-line tool designed to recover WPA/WPA2 Pre-Shared Keys (PSK) from captured 802.11 wireless network traffic. It analyzes a packet capture file (usually in .cap or .pcap format) containing the 4-way handshake between a client and access point.
The tool attempts to crack the PSK by comparing the Pairwise Master Key Name (PMKID) or the handshake information against a wordlist. It is crucial to have a suitable wordlist tailored to the likely password complexity and vocabulary of the target network. psk-crack offers different attack modes that apply variations and encodings to the wordlist entries. If successful, the tool reveals the WPA/WPA2 passphrase, enabling decryption of the captured wireless traffic and potential access to the network.
psk-crack can use multiple CPU cores and also supports CUDA or OpenCL acceleration to speed up the cracking process if the relevant hardware and drivers are available. The more computational power is available, the faster the process becomes.
Ethical considerations are paramount: psk-crack should only be used on networks you own or have explicit permission to test.
CAVEATS
Cracking speed depends heavily on the strength of the password and on the wordlist used. A handshake or PMKID must be present in the capture file for the command to work properly. GPU acceleration dramatically speeds up cracking but requires appropriate hardware and drivers to be installed.
ATTACK MODES
psk-crack offers various attack modes, including dictionary attacks, brute-force attacks, and rule-based attacks, allowing users to tailor their approach based on the target network's password policies and characteristics. Experimentation with different attack modes and wordlists is often necessary to achieve successful passphrase recovery.
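The dependence on password strength and wordlist described above can be checked from the defender's side before a passphrase is deployed. The following is an added example, not psk-crack's own code: it derives the WPA/WPA2-Personal PMK with the standard PBKDF2-HMAC-SHA1 construction (the SSID is the salt), tests a passphrase against a wordlist with simple mutations, and estimates exhaustive-search time. The function names, the mutation set, the sample wordlist and the guess rate are assumptions made for illustration.

```python
import hashlib

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    # WPA/WPA2-Personal: PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096, 256 bits).
    # The SSID is the salt, so the same passphrase yields a different PMK per SSID
    # and work done against one SSID cannot be reused against another.
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), 4096, 32)

def variants(word: str) -> set:
    # Constructed stand-in for wordlist mutation: case changes and common suffixes.
    bases = {word, word.lower(), word.capitalize(), word.upper()}
    return bases | {b + s for b in bases for s in ("1", "123", "!", "2024")}

def in_dictionary(passphrase: str, wordlist) -> bool:
    # True if the passphrase is a wordlist entry or one of its simple mutations.
    return any(passphrase in variants(w.strip()) for w in wordlist if w.strip())

def exhaust_years(length: int, alphabet: int, guesses_per_sec: float) -> float:
    # Worst-case time to try every passphrase of this length over this alphabet.
    return alphabet ** length / guesses_per_sec / (365 * 24 * 3600)

def audit(passphrase: str, wordlist, alphabet=62, guesses_per_sec=1e6) -> dict:
    # guesses_per_sec is an assumed rate; measure the real one for your hardware.
    return {
        "valid_length": 8 <= len(passphrase) <= 63,  # WPA passphrase limits
        "in_dictionary": in_dictionary(passphrase, wordlist),
        "exhaust_years": exhaust_years(len(passphrase), alphabet, guesses_per_sec),
    }

SAMPLE_WORDLIST = ["password", "letmein", "sunshine"]  # constructed sample

if __name__ == "__main__":
    for candidate in ("Sunshine123", "q7Vd2mXw9LpA4tRz"):
        print(candidate, audit(candidate, SAMPLE_WORDLIST))
    # IEEE 802.11i test vector: passphrase "password", SSID "IEEE"
    print(derive_pmk("password", "IEEE").hex())
```

A passphrase reported as `in_dictionary` falls to a wordlist run regardless of its length, while a long random passphrase leaves only exhaustive search, which the estimate shows to be impractical.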
SEE ALSO
aircrack-ng(1), tshark(1), tcpdump(1)