Working with EWSA

Input data

EWSA supports the following input data:

For more details on importing data from tcpdump and Tamos CommView logs, see Capturing network packets chapter.

Alternatively, you can import the data from PSPR log, where PSPR stands for Proactive System Password Recovery. When used on the computer with WZC (Wireless Zero Configuration), that program can save WPA-PSK password hash into the text file (press Export button on Misc Features | Wireless network page); EWSA can also dump password hashes from the local Registry itself (use Dump Windows WPAPSK hashes menu item). Please note that neither PSPR nor EWSA cannot extract hashes in the situation when wireless configuration is driven by 3rd party (vendor-supplied) utility instead of WZC.

Finally, you can add the password hash manually.

Program options

CPU Options

Here you can set the number of CPU(s) or cores to run the attack on (Processor utilization option). Press Auto detect to set this option automatically according to the number of processors you have installed. The Summary box shows more information on your operating system, machine name, user name (and whether you have Administrator privileges), CPU(s) name and speed.

GPU Options

Available devices box shows information about "compatible" video cards EWSA can run the attack on. If multiple cards are installed, all of them are shown; select the one you want to get more information about, and look at Device info box; press Drivers info to get additional information about video drivers installed. For more information, consult with Hardware acceleration chapter.

Dictionary options

Press Add to add dictionary file(s) to the list, Remove to remove the selected one(s), and Up/Down to change an order.

You can also set Ignore password if it is shorter than 8 or longer than 64 characters; with it, the program will check only those words (from the given wordlist) that are from 8 to 64 characters and so copmly with the wireless encryption standards.

Password mutation options

Here you select the name of the dictionary file, as well as the options that affect the speed and efficiency of the attack. See Dictionary mutations chapter for more details.

Logging options

Select what kind of information you want to be printed by the program: regular messages, warnings, error messages.