Dictionary Attack

A WiFi 4-way handshake dictionary attack is a method used by attackers to crack the pre-shared key (PSK) of a Wi-Fi network secured with WPA or WPA2 encryption. The 4-way handshake is a cryptographic process that occurs when a client device attempts to join a protected Wi-Fi network. Here's how the attack works:

1. Capture the Handshake: The attacker captures the 4-way handshake messages exchanged between a client device (such as a laptop or smartphone) and the access point (AP) when the client attempts to connect to the Wi-Fi network. These handshake messages contain cryptographic information necessary for establishing a secure connection.

2. Generate a Dictionary: The attacker creates or obtains a large dictionary file containing a list of potential passwords or passphrases. This dictionary may include commonly used passwords, variations of dictionary words, personal information, and other combinations.

3. Dictionary Attack: The attacker then uses software tools, such as Aircrack-ng or Hashcat, to systematically try each password in the dictionary file by computing the Pairwise Master Key (PMK) for each password candidate and comparing it to the PMK extracted from the captured handshake. The PMK is derived from the passphrase using a key derivation function (e.g., PBKDF2).

4. Successful Password Recovery: If the attacker finds a match between the computed PMK and the PMK extracted from the handshake, it means they have successfully cracked the Wi-Fi network's pre-shared key. With the pre-shared key known, the attacker can then gain unauthorized access to the Wi-Fi network and intercept or modify network traffic.