… and this time it stays.

Another major feature of upcoming version 0.2.5 made it’s way to svn for testing: Pyrit’s storage code was abstracted and refactored which makes it possible to use relational databases like postgresql or mysql as storage devices for Pyrit. The actual database code is fully transparent and there is no visible difference for the client.

The benefit: Create a central mysql/pgsql/mssql/oracle/firebird/sqlite-server somewhere on your network and let multiple Pyrit-clients access and work on the central server for good; enjoy the blessings of ACID, partitioning, automatic backup, replication and fine-grained user authentication.

Here is a rough guideline on creating a postgresql-server for Pyrit.:

* Install and start the postgresql-server.
* Install sqlalchemy and psycopg2
* Switch to user postgres (‘su – postgres‘) and start the interactive shell  (‘psql template1‘)
* Create a new user (‘create user pyrit;‘) and a new database (‘create database pyrit owner pyrit;‘). You do not need to create any tables, Pyrit will do that for you.
* Edit /var/lib/pgsql/data/pg_hba.conf (may be a different path for you) and add the lines “host  pyrit  pyrit  127.0.0.1/32  trust” and “host  pyrit  pyrit  192.168.0.1/24  trust” to the top of the file; this allows password-less access to the pyrit database on the local network. Restart the postgresql-server. See postgresql’s documentation for more information about authentication.
* Use the new option ‘-u‘ to tell Pyrit that it should use a server (instead of the default filesystem-driven storage). This option takes a URL which includes protocol, host, user, password and database to use. The special protocol ‘file://‘ refers to the filesystem, all other URLs are passed directly to sqlalchemy. You may want to see the documentation for details about the syntax.
* Run ‘pyrit -u postgres://pyrit:@127.0.0.1/pyrit -e test create_essid‘ to test the connection and create a new ESSID ‘test‘ in the database. All other of Pyrit’s functions also work as usual.

I’ve tried sqlite- (‘-u sqlite:///mydb.db‘), postgresql- and mysql-databases; all other rdms should work as well as long as they are supported by sqlalchemy. You should expect some rough behaviour (read: crashes with tracebacks) in case you do something which Pyrit does not expect to magically happen – deleting a ESSID from the database while a client is processing it falls under that definition.

I’ve just updated the Wiki with new entries about two of the visible changes in upcoming version 0.2.5 which are already in svn.

The new command attack_cowpatty takes PMKs from a file in cowpatty-format to attack a handshake found in a capture-file. The cowpatty-database may have been generated by genpmk or (more likely :-)) by export_cowpatty; the file can be gzip-compressed. This new command allows you to use cowpatty-databases as a more easily movable and/or manageable storage device than Pyrit’s own database. After computation has completed, you may export your PMKs to a cowpatty-file (export_cowpatty), put that single file on DVD and use it later on with attack_cowpatty…

The other new command is stripLive. As the name suggests, it works very similar to strip but is targeted more towards live capture sources. Kismet for example can create a fifo (a pseudo-file) that can be read by Pyrit. The packets captured from the air through Kismet are then fed directly into Pyrit which filters the relevant packets and immediately writes them to a new dump file. This turns Pyrit into a decent packet-sinkhole that only writes those few packets to disk that are really interesting.

Please see the manual for examples.

I finally got ATI’s drivers working on my 64bit-fedora11. All you currently got to do in order to have a working ATI-environment:

* Follow these steps to get the driver working.
* Don’t forget to rebuild your initrd if you are on Fedora11. Otherwise your screen freezes when X starts.
* Add ‘Option “SWCursor” “true”‘ to your xorg.conf. Otherwise your screen freezes after a few seconds.
* Fix brtvector.hpp like this.
* Fix brtarray.hpp by adding “#include <cstdio>” to the beginning of the file
* Symlink libbrook.so and libbrook_cal.so

You’re done. Ain’t that some quality software ?

Nvidia has released a final, public version of it’s OpenCL implementation. See here.

Happy birthday, Pyrit!

Exactly one year ago the first bits and parts were committed to svn.

Cowpatty’s genpmk – with extensive hardware support added – in 2 lines of code:

from cpyrit import util
map(util.CowpattyWriter(essid=’linksys’, f=’linksys.cow’).write, util.PassthroughIterator(essid=’linksys’, iterable=open(‘dict’)))

A GPGPU-driven WPA/WPA2-cracker in 7 lines of code:

from cpyrit import util, pckttools
with pckttools.EAPOLCracker(pckttools.PacketParser(‘wpa2psk-linksys.dump’)['00:0b:86:c2:a4:85']['00:13:ce:55:98:ef'].auths[0]) as cracker:
>>>>for pmks in util.PassthroughIterator(‘linksys’, open(‘dict’)):
>>>>>>>>cracker.enqueue(pmks)
>>>>>>>>if cracker.solution is not None:
>>>>>>>>>>>>break
print “The password is ‘%s’” % cracker.solution

Isn’t Python great?

Pyrit 0.2.4 was just tagged and is now the currently stable version. Enjoy.

The most important new feature is the ability parse packet-capture files and attack EAPOL-authentications on it’s own. See the recent posts or the documentation for more details. Pyrit can also use SSE2 on MacOS and SELinux-enabled machines now.

You can get the new version right here.

Pyrit 0.2.4-dev (r166) can now deal with multiple packet-capture files. Added with the on-the-fly handling of gzip-compressed files, this makes it particular easy to combine many pcap-dumps to one small file that holds all the essential information.

pyrit -r “*.pcap” -f summary.pcap.gz strip
Pyrit 0.2.4-dev (svn r166) (C) 2008, 2009 Lukas Lueg http://pyrit.googlecode.com
This code is distributed under the GNU General Public License v3
…
39707 packets (33997 802.11-packets), 7 APs
…
New pcap-file written (18 out of 39707 packets)

The new file “summary.pcap.gz” in this example is just 1.8kb – down from 8 files of 11mb total size.

Note that you must use quotation marks if you use wildcards on the command-line.

I’ve updated Pyrit’s documentation with some lines about the new features in 0.2.4 (including the new strip-command).

There is also some (basic) information in case you would like to port Pyrit to a new hardware-platform. Pyrit on FPGA anyone?