[Python-apps-commits] r6712 - in packages/pyrit/trunk/debian (pyrit.1)

chrisk-guest at users.alioth.debian.org chrisk-guest at users.alioth.debian.org
Sat Feb 26 18:58:52 UTC 2011 

    Date: Saturday, February 26, 2011 @ 18:58:50
  Author: chrisk-guest
Revision: 6712

Sync man page with wiki documentation from new upstream release.

Modified:
  packages/pyrit/trunk/debian/pyrit.1

Modified: packages/pyrit/trunk/debian/pyrit.1
===================================================================
--- packages/pyrit/trunk/debian/pyrit.1	2011-02-26 18:57:17 UTC (rev 6711)
+++ packages/pyrit/trunk/debian/pyrit.1	2011-02-26 18:58:50 UTC (rev 6712)
@@ -1,4 +1,4 @@
-.TH PYRIT 1 "2010-05-08" "pyrit" PYRIT
+.TH PYRIT 1 "2011-02-26" "pyrit" PYRIT
 .SH NAME
 pyrit \- A GPGPU-driven WPA/WPA2-PSK key cracker
 .SH SYNOPSIS
@@ -40,8 +40,9 @@
 for \fBstdout\fP. Filenames that end in \fB.gz\fP cause \fBpyrit\fP to
 gzip-compress the file on the fly.
 .TP
-.BR \-r " capfile"
-Specifies a packet-capture file in pcap format (possibly gzip-compressed).
+.BR \-r " capture-file"
+Specifies a packet-capture file in pcap format (possibly gzip-compressed) or a
+device (e.g.: 'wlan0') to capture from.
 .TP
 .BR \-u " URL"
 Specifies the URL of the storage-device in the form of
@@ -61,6 +62,16 @@
 can also be specified by the key \fBdefaultstorage\fP in \fBpyrit\fP's
 configuration file (see \fBFILES\fP below).
 .RE
+.TP
+.BR \-\-all-handshakes
+The commands \fBattack_batch\fP, \fBattack_db\fP, \fBattack_cowpatty\fP and
+\fBattack_passthrough\fP automatically use the single handshake of highest quality
+only. In some cases even this handshake may have been wrongfully
+reconstructed from the captured data, rendering the attack futile. In case more
+than one EAPOL-handshake is reconstructed from the capture-file, the option
+\fB--all-handshakes\fP may be used to attack all handshakes reconstructable
+from the captured data. Exact behaviour of the commands affected by this option
+is described below.
 .SH COMMANDS
 .TP
 .B analyze
@@ -75,9 +86,25 @@
 .RE
 .sp
 .RS
-The suffix 'handshake found' is appended to the Station's BSSID if the
-communication between the Access-Point and the Station seems to include a valid
-EAPOL-handshake.
+Pyrit shows a list of Access-Points, associated Stations and
+EAPOL-handshakes that could be identified from the captured data. Handshakes
+are shown ordered by their 'quality':
+.sp
+.RS 12
+\fBGood:\fP
+The handshake includes the challenge from the Access-Point, the
+response from the Station and the confirmation from the Access-Point.
+
+\fBWorkable:\fP
+The handshake includes the response from the Station and the
+confirmation from the Access-Point. The challenge was not captured.
+
+\fBBad:\fP
+The handshake includes the challenge from the Access-Point and the
+response from the Station. The confirmation was not captured.
+
+Handshakes of the same quality are ordered by how close the packets that
+make up the handshake are to each other.
 .RE
 .TP
 .B attack_batch
@@ -96,10 +123,13 @@
 .RE
 .sp
 .RS
-Pairwise Master Keys that have been computed and stored in the database
-previously are taken from there; all other passwords are translated into their
+Pairwise Master Keys that previously have been computed and stored in the database
+are taken from there; all other passwords are translated into their
 respective Pairwise Master Keys and added to the database for later re-use.
 ESSIDs are created automatically in the database if necessary.
+
+Pyrit works down the list of reconstructed EAPOL-handshakes in case the option
+\fB--all-handshakes\fP is supplied.
 .RE
 .TP
 .B attack_cowpatty
@@ -122,6 +152,10 @@
 .sp
 .RS
 Pyrit's own database is not touched by \fBattack_cowpatty\fP.
+
+Pyrit attacks all EAPOL-handshakes at the same time if the option
+\fB--all-handshakes\fP is supplied. This will reduce througput (e.g.: 33% throughout
+in case of three handshakes).
 .RE
 .TP
 .B attack_db
@@ -141,10 +175,13 @@
 .RS
 Only Pairwise Master Keys that have been computed previously and are stored in
 the database are used by \fBattack_db\fP.
+
+Pyrit works down the list of reconstructed EAPOL-handshakes in case the option
+\fB--all-handshakes\fP is supplied.
 .RE
 .TP
 .B attack_passthrough
-Attack an EAPOL-handshake found in the packet-capture file given by the option
+Attack an EAPOL-handshake found in the packet-capture file(s) given by the option
 \fB-r\fP using the passwords read from the file given by the option \fB-i\fP.
 The options \fB-b\fP and \fB-e\fP can be used to specify the Access-Point to
 attack; it is picked automatically if both options are omitted. The password is
@@ -161,11 +198,15 @@
 This command circumvents Pyrit's database and should only be used if
 storage-space is a problem (e.g. on LiveCDs). You should consider using
 \fBattack_batch\fP otherwise.
+
+Pyrit attacks all EAPOL-handshakes at the same time if the option
+\fB--all-handshakes\fP is supplied.
 .RE
 .TP
 .B batch
 .br
-Start to translate all passwords in the database into their respective PMKs and
+Start to translate all passwords in the database into their respective Pairwise
+Master Keys and
 store the results in the database. The option \fB-e\fP may be used to restrict
 this command to a single ESSID; if it is omitted, all ESSIDs are processed one
 after the other in undefined order. For example:
@@ -183,7 +224,7 @@
 database if necessary. Pairwise Master Keys that previously have been computed
 and stored in the database are exported from there without further processing.
 Pyrit stops and exits if an \fBIOError\fP is raised while writing to the
-specified file but signals success on exit. This makes it very convenient to
+specified file. This makes it very convenient to
 pipe results directly to other programs but also keep them for later use. For
 example:
 .RE
@@ -205,9 +246,22 @@
 .fi
 .RE
 .TP
+.B check_db
+Unpack the entire database and check for errors like data corruption or
+reference errors. This function does not check the value of computed results
+(see \fBverify\fP). For example:
+.sp
+.RS 12
+.nf
+pyrit check_db
+.fi
+.RE
+.TP
 .B create_essid
-Add the ESSID given by \fB-e\fP to the database. Re-creating an existing ESSID
-does not result in an error. For example:
+Add new ESSIDs to the database. A single ESSID may be given by the option \fB-e\fP.
+Multiple ESSIDs can be created by supplying a file (one per line) via the
+option \fB-i\fP. Re-creating an existing ESSID does not result in an error. For
+example:
 .sp
 .RS 12
 .nf
@@ -289,7 +343,7 @@
 database. The passwords may contain all characters (including NULL-bytes) apart
 from the terminating newline-character ("\\n"). Passwords that are not suitable
 for being used with WPA-/WPA2-PSK are ignored. This command does \finot\fP check
-if there are duplicating passwords within the file or between the file and the
+if there are duplicate passwords within the file or between the file and the
 database; it should be used with caution to prevent the database from getting
 poisoned with duplicated passwords. This command however can be much faster than
 \fBimport_passwords\fP. For example:
@@ -323,7 +377,8 @@
 .TP
 .B passthrough
 .br
-Read passwords from the file given by \fB-i\fP and compute their PMKs for the
+Read passwords from the file given by \fB-i\fP and compute their Pairwise
+Master Keys for the
 ESSID given by \fB-e\fP. The results are written to the file specified by
 \fB-o\fP in cowpatty's binary format and are not stored in the
 database for later use. This command therefor circumvents the entire database
@@ -449,7 +504,16 @@
 .SH EXIT STATUS
 If \fBcommand\fP succeeds, \fBpyrit\fP's process exit status is set to 0;
 otherwise it is set to 1 and (usually) an error message or a python-traceback is
-written to stderr.
+written to stderr. The following commands also indicate an error condition in certain cases:
+.RS 12
+    \fBanalyze:\fP Not at least one valid EAPOL-handshake could be detected.
+
+    \fBattack_passthrough, attack_batch, attack_db and attack_cowpatty:\fP The password could not be found.
+
+    \fBverify\fP At least one workunit contained invalid results.
+
+    \fBcheck_db\fP Errors in the database were found (and possibly fixed).
+                                                                                                                                                                      
 .SH FILES
 .TP
 .I ~/.pyrit/config

More information about the Python-apps-commits mailing list