Is WPA2 collision-proof?

Kristi

11/18/23, 9:47 AM

I was experimenting with hashcat and aircrack to test WiFi security. The WiFi AP is a WPA2 encrypted network. The tool I used to capture is bettercap, which captured multiple WPA2 handshakes. The problem is that from those multiple handshakes I get two valid passwords for the same AP.

Question is, did I find a WPA2 hash collision or I am getting something wrong?!

Hashes are converted by hashcat tools to mode 22000.

Hashes from hashcat.potfile:

553228db2150902fd563d62c38682260:3a10d53d99a7:facc64a14bb8:Gastzugang:roteskreuz
cdd11e272989dc02fea3e6995b7107cb:3a10d53d99a7:f887f17c94e9:Gastzugang:123456789

UDATE: More proof that same WiFi AP handshakes(WPA2) have different passwords!

118

0 + 2

brute-force-attack

wpa2-psk

collision-resistance

collision-attack

forest

11/18/23, 10:46 PM

It's not collision proof, but what you're seeing isn't going to be a collision as the chance of getting one is astronomically low.

Kristi

11/21/23, 9:53 AM

So you are imlying that hashcat does a wrong hash calculation in my case ?

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Is WPA2 collision-proof?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.