{"id":203,"date":"2015-02-18T16:51:22","date_gmt":"2015-02-18T21:51:22","guid":{"rendered":"http:\/\/dageek247.tk\/wordpress\/?p=203"},"modified":"2021-04-06T03:46:03","modified_gmt":"2021-04-06T03:46:03","slug":"wpa-password-verification-tool","status":"publish","type":"post","link":"https:\/\/dageek247.com\/wordpress\/uncategorized\/wpa-password-verification-tool\/","title":{"rendered":"WPA Password Verification Tool"},"content":{"rendered":"

I was going through my computer projects and realised that I never shared this one on my website. It’s a tool, coded in C++ that checks a text file for WPA\/WPA2 password compatibility. It is most helpful in network security applications \/ pentesting when you have a password list and aren’t sure just how much of the list is actually a legitimate password.<\/p>\n

For example, we have a text file with these contents:<\/p>\n

Good Password
\ngood password<\/p>\n

Good Password 1234567890
\ngood password 1234567890<\/p>\n

GoodPassword
\ngoodpassword<\/p>\n

BadPass
\nbadpass
\nbadpa55<\/p>\n

badpas\u2122
\nBadPas\u2122
\nB3dPas\u2122<\/p>\n

This is a bad password because the character length is way above the maximum limit of 63 characters, and WPA won’t allow such horrible things to exist in the first place anyways.<\/p><\/blockquote>\n

If we run the tool on it, we get these results:<\/p>\n

\"A<\/a><\/p>\n

 <\/p>\n

Finally, here is the source code of the project. It should be able to be compiled with just about any compiler on any operating system.<\/p>\n

#include <iostream>
\n#include <fstream>
\n#include <string><\/p>\n

int help(char *argv[]) {
\nstd::cout << “Usage: ” << argv[0] << ” <PasswordFile> [Options]” << std::endl;
\nstd::cout << ”\u00a0\u00a0Options:” << std::endl;
\nstd::cout << ”\u00a0\u00a0\u00a0\u00a0-wpa\u00a0\u00a0Verify password list using WPA Rules (WPA uses same rules as WPA2)” << std::endl;
\n\/\/std::cout << ”\u00a0\u00a0\u00a0\u00a0-clean\u00a0\u00a0\u00a0\u00a0Automatically delete invalid passwords from file” << std::endl;
\nstd::cout << ”\u00a0\u00a0\u00a0\u00a0-goodlist Print all valid passwords” << std::endl;
\nstd::cout << ”\u00a0\u00a0\u00a0\u00a0-badlist\u00a0\u00a0Print all invalid passwords” << std::endl;
\nstd::cout << ”\u00a0\u00a0Example:” << std::endl;
\nstd::cout << ”\u00a0\u00a0\u00a0\u00a0” << argv[0] << ” passwordlist.txt -wpa -badlist” << std::endl;<\/p>\n

return(1);
\n}<\/p>\n

int does_exist(char *filetouse) {
\n\/\/first check to see if the cfg file exists
\nFILE * pFile;
\nif(pFile = fopen (filetouse,”r”)) {
\n\/\/the file exists
\nreturn(1);
\n} else {
\n\/\/the file doesnt exist
\nreturn(0);
\n}
\n}<\/p>\n

int verify(int argc, char *argv[]) {
\n\/\/variables for later usage
\n\/\/booleans for user options
\nbool wpa = false;
\n\/\/bool clean = false;
\nbool goodlist = false;
\nbool badlist = false;
\n\/\/strings for file reading
\nstd::string password;
\nstd::ifstream infile;
\n\/\/strings for password statistics
\nint numberoflines = 0;
\nint numberoftolong = 0;
\nint numberoftoshort = 0;
\nint numberofbadchar = 0;
\nint numberofgood = 0;
\nint numberofempty = 0;<\/p>\n

const char *filetouse = argv[1];<\/p>\n

\/\/check all the options
\nfor (int i = 0; i < argc; i++) {
\n\/\/options are -wpa -clean -goodlist -badlist
\nstd::string options[4] = {“-wpa”,”-clean”,”-goodlist”,”-badlist”};
\nif(argv[i] == options[0]) {
\nwpa = true;
\n}
\n\/*if(argv[i] == options[1]) {
\nclean = true;
\n}*\/
\nif(argv[i] == options[2]) {
\ngoodlist = true;
\n}
\nif(argv[i] == options[3]) {
\nbadlist = true;
\n}
\n}<\/p>\n

\/\/read the file line by line and check to see if the passwords are right
\ninfile.open(filetouse); \/\/open the user file
\nwhile(getline(infile, password)) { \/\/while not the end of the file
\n\/\/getline(infile,password); \/\/read the current line to std::string password<\/p>\n

\/\/count the lines in the password field
\nnumberoflines += 1;<\/p>\n

\/\/check password
\nif(wpa == true) { \/\/if checking WPA Rules
\nif(password == “”) { \/\/empty line
\n\/\/skip empty lines
\nnumberofempty += 1;
\n} else if(password.size() > 63) {
\n\/\/password is to big to be used
\nif(badlist == true) {
\nstd::cout << password << std::endl;
\n}
\nnumberoftolong += 1;
\n} else if(password.size() < 8) {
\n\/\/password is to small to be used
\nif(badlist == true) {
\nstd::cout << password << std::endl;
\n}
\nnumberoftoshort += 1;
\n} else if (password.find_first_not_of(“!\\”#$%&'()*+,-.\/0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\\\]^_`abcdefghijklmnopqrstuvwxyz{|}~ “) != std::string::npos) {
\n\/\/password contains a bad character
\nif(badlist == true) {
\nstd::cout << password << std::endl;
\n}
\nnumberofbadchar += 1;
\n} else {
\nif(goodlist == true) {
\nstd::cout << password << std::endl;
\n}
\nnumberofgood += 1;
\n}
\n}
\n}
\ninfile.close();<\/p>\n

std::cout << “Checked ” << numberoflines << ” passwords.” << std::endl;
\nstd::cout << ”\u00a0\u00a0” << numberofempty << ” lines contained no text” << std::endl;
\nstd::cout << ”\u00a0\u00a0” << numberoftoshort << ” lines were to short” << std::endl;
\nstd::cout << ”\u00a0\u00a0” << numberoftolong << ” lines were to long” << std::endl;
\nstd::cout << ”\u00a0\u00a0” << numberofbadchar << ” lines contained illegal characters” << std::endl;
\nstd::cout << ”\u00a0\u00a0” << numberofgood << ” lines contained good passwords” << std::endl;<\/p>\n

return(0);
\n}<\/p>\n

int main(int argc, char *argv[]) {
\nif(argc <= 1){ \/\/not enough options so help is shown
\nif(help(argv)) {
\nstd::cout << “Fatal error. Quitting program.” << std::endl;
\nreturn(1);
\n} \/\/else program is working fine
\n} else { \/\/plenty of options, better check to see if they are the right ones
\nif(argv[1] == std::string(“help”)) {\/\/display help
\nif(!help(argv)) {
\nstd::cout << “Fatal error. Quitting program.” << std::endl;
\nreturn(1);
\n} \/\/else program is working fine
\n} else {
\nif(does_exist(argv[1])){
\nverify(argc, argv);
\n} else {
\nstd::cout << “Invalid file” << std::endl;
\n}
\n}
\n}
\n}<\/p><\/blockquote>\n

 <\/p>\n","protected":false},"excerpt":{"rendered":"

I was going through my computer projects and realised that I never shared this one on my website. It’s a tool, coded in C++ that checks a text file for WPA\/WPA2 password compatibility. It is most helpful in network security applications \/ pentesting when you have a password list and aren’t sure just how much […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,5,7,1,9],"tags":[],"class_list":["post-203","post","type-post","status-publish","format-standard","hentry","category-linux","category-parc","category-tutorial","category-uncategorized","category-windows"],"_links":{"self":[{"href":"https:\/\/dageek247.com\/wordpress\/wp-json\/wp\/v2\/posts\/203","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dageek247.com\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dageek247.com\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dageek247.com\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dageek247.com\/wordpress\/wp-json\/wp\/v2\/comments?post=203"}],"version-history":[{"count":1,"href":"https:\/\/dageek247.com\/wordpress\/wp-json\/wp\/v2\/posts\/203\/revisions"}],"predecessor-version":[{"id":258,"href":"https:\/\/dageek247.com\/wordpress\/wp-json\/wp\/v2\/posts\/203\/revisions\/258"}],"wp:attachment":[{"href":"https:\/\/dageek247.com\/wordpress\/wp-json\/wp\/v2\/media?parent=203"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dageek247.com\/wordpress\/wp-json\/wp\/v2\/categories?post=203"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dageek247.com\/wordpress\/wp-json\/wp\/v2\/tags?post=203"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}