WPA-ing Out picoGym Exclusive Solution

Published: March 5, 2024

Description

Capture a WPA handshake from the supplied pcap and crack the network key using rockyou.txt. The discovered passphrase becomes the picoCTF flag.

Wireless forensicsDownload wpa-ing_out.pcap

Fetch the capture file and ensure you have the rockyou.txt wordlist installed (commonly at /usr/share/wordlists/rockyou.txt).

Use aircrack-ng to test each candidate password against the handshake contained in the pcap.

bash
wget https://artifacts.picoctf.net/c/41/wpa-ing_out.pcap
bash
aircrack-ng -w /usr/share/wordlists/rockyou.txt wpa-ing_out.pcap

Solution

Want to try it yourself first?

The guided walkthrough reveals hints one step at a time.

Walk me through it
  1. Step 1
    Run aircrack-ng
    Observation
    I noticed the challenge supplied a .pcap capture file and described extracting the WPA network key, which indicated a captured 4-way handshake was present and that aircrack-ng, the standard tool for offline WPA dictionary attacks against pcap files, was the direct solution path.
    The tool automatically identifies the captured handshake frames and begins testing rockyou passwords until one matches. Copy the recovered key.
    What didn't work first

    Tried: Using hashcat with the pcap file directly instead of aircrack-ng.

    hashcat does not read .pcap files natively. It requires a pre-converted hash in hccapx or 22000 format, which means first running hcxpcapngtool or cap2hccapx to extract the handshake. Feeding the raw pcap to hashcat produces an 'no hashes loaded' error. aircrack-ng accepts the pcap directly and handles handshake extraction internally.

    Tried: Running aircrack-ng without the -w flag to let it auto-detect the password.

    aircrack-ng without a wordlist enters a pure brute-force mode that requires specifying a character set and key length with additional flags (-c, -t, etc.), and even then it is impractically slow against WPA2 due to PBKDF2 cost. The tool will report 'Please specify a dictionary' and exit. The -w flag pointing at rockyou.txt is required for a dictionary attack.

    Learn more

    WPA2 (Wi-Fi Protected Access 2) uses the 4-way handshake to establish a session key between a client and an access point. During this handshake, both parties exchange nonces (random values) and prove knowledge of the PSK (Pre-Shared Key) - the Wi-Fi password - by computing a MIC (Message Integrity Code) using PBKDF2-SHA1. Crucially, the handshake can be captured passively by anyone within radio range.

    aircrack-ng is the premier open-source wireless auditing suite. Its core cracking function works by taking a candidate password, computing the same PBKDF2 derivation the access point uses, and checking whether the resulting MIC matches what's in the captured handshake. If it matches, the password is correct. This is an offline attack - once the handshake is captured, cracking proceeds without further interaction with the network.

    PBKDF2(Password-Based Key Derivation Function 2) is deliberately slow, iterating SHA1 4096 times to derive the PMK (Pairwise Master Key) from the password. This makes cracking expensive: a modern GPU can try roughly 500,000 WPA2 passwords per second, compared to billions per second for simple MD5. With rockyou.txt's ~14 million entries, an exhaustive search takes about 30 seconds on a GPU - but against a truly random 12-character password, a dictionary attack is hopeless.

  2. Step 2
    Wrap as picoCTF flag
    Observation
    I noticed the challenge prompt states 'the discovered passphrase becomes the picoCTF flag,' which indicated the raw cracked password from aircrack-ng needed to be wrapped in picoCTF{...} before submission.
    Place the cracked password inside picoCTF{...} to form the final answer as instructed in the prompt.
    Learn more

    rockyou.txt is the most famous password wordlist in the security community. It was leaked in 2009 from the RockYou social gaming site, which stored ~32 million user passwords in plaintext. The list covers the most commonly chosen passwords across millions of real users, making it highly effective against human-chosen passwords. It ships by default with Kali Linux at /usr/share/wordlists/rockyou.txt.gz (decompress with gunzip before use).

    Wireless security recommendations: The successful crack here demonstrates why WPA2-PSK with a short or common password is dangerous. Best practices include:

    • Use a passphrase of at least 20 random characters to make dictionary and brute-force attacks infeasible
    • Prefer WPA3, which uses Simultaneous Authentication of Equals (SAE) instead of PSK - resistant to offline dictionary attacks even with a captured handshake
    • For enterprise environments, use WPA2/3-Enterprise with RADIUS authentication and per-user credentials rather than a shared PSK
    • Regularly rotate the PSK, especially after staff changes

    Legal note: Capturing Wi-Fi traffic and cracking handshakes is only legal on networks you own or have explicit permission to test. Unauthorized interception of wireless communications is illegal in most jurisdictions under computer fraud and wiretapping laws.

Interactive tools
  • Hash IdentifierIdentify unknown hash types by length and prefix. Covers MD5, SHA-1, SHA-256, SHA-512, bcrypt, NTLM, and more.
  • Checksum CalculatorCompute CRC32, SHA-1, SHA-256, SHA-384, and SHA-512 hashes for text or uploaded files. Verify against known hashes.

Flag

Reveal flag

picoCTF{mick...}

Aircrack-ng prints the recovered PSK explicitly; use that exact text between picoCTF{...}.

Key takeaway

WPA2-PSK authentication proves knowledge of the pre-shared key through a 4-way handshake that is fully visible on the air, making it an offline dictionary attack target the moment an adversary captures the exchange. PBKDF2 slows each guess to roughly 500,000 attempts per second on a GPU, so a weak or common passphrase from a list like rockyou.txt falls in seconds while a 20-character random passphrase remains infeasible. WPA3 replaces PSK with the Simultaneous Authentication of Equals protocol, which provides forward secrecy and closes the offline-crack window even when a handshake is captured.

Related reading

Want more picoGym Exclusive writeups?

Useful tools for Forensics

What to try next