During a wireless assessment you use airodump-ng to capture a four-way handshake from an 802.11i network that advertises WPA2-PSK with AES-CCMP. You plan to launch an offline dictionary attack against the capture in hashcat. Besides the wordlist itself, which additional piece of information must you supply to calculate candidate pairwise master keys?
The group temporal key (GTK) from message 3 of the handshake
The client station's MAC address
The access point's channel number at the moment of capture
The access point's SSID exactly as it is broadcast
In WPA/WPA2-PSK, the Pairwise Master Key (PMK) that you try to recover in an offline dictionary or brute-force attack is derived with the PBKDF2 function: PMK = PBKDF2(HMAC-SHA1, passphrase, SSID, 4096, 256). The service-set identifier (SSID) of the access point, including its exact case, is used as the salt in this key-derivation step. While the four-way handshake file already contains the AP and station MAC addresses and both nonces, it does not include the plaintext SSID; hash-cracking tools therefore require you to specify it (or have it embedded in the capture via beacon/probe frames). The group temporal key, channel number, or client MAC are either unnecessary for PMK computation or already present in the handshake capture, so providing them separately will not enable the key-cracking process.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is PBKDF2 and how is it used in WPA2-PSK?
Open an interactive chat with Bash
Why is the access point's SSID important in WPA2 handshake cracking?
Open an interactive chat with Bash
What role does AES-CCMP play in WPA2 security?
Open an interactive chat with Bash
What is PBKDF2, and how does it work in WPA2-PSK key derivation?
Open an interactive chat with Bash
What is the purpose of the four-way handshake in WPA2-PSK networks?
Open an interactive chat with Bash
Why is the SSID important for offline dictionary attacks against WPA2-PSK?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
Wireless Network Hacking
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .