Score:3

Is WPA2 collision-proof?

US flag

I was experimenting with hashcat and aircrack to test WiFi security. The WiFi AP is a WPA2 encrypted network. The tool I used to capture is bettercap, which captured multiple WPA2 handshakes. The problem is that from those multiple handshakes I get two valid passwords for the same AP.

Question is, did I find a WPA2 hash collision or I am getting something wrong?!

Hashes are converted by hashcat tools to mode 22000.

Hashes from hashcat.potfile:

553228db2150902fd563d62c38682260:3a10d53d99a7:facc64a14bb8:Gastzugang:roteskreuz
cdd11e272989dc02fea3e6995b7107cb:3a10d53d99a7:f887f17c94e9:Gastzugang:123456789

UDATE: More proof that same WiFi AP handshakes(WPA2) have different passwords! enter image description here

enter image description here

forest avatar
vn flag
It's not collision proof, but what you're seeing isn't going to be a collision as the chance of getting one is astronomically low.
Kristi avatar
md
So you are imlying that hashcat does a wrong hash calculation in my case ?
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.