Disable Wireless Security (WPA2) Preshared Key on Ubiquiti AC

OnAC radios, you can not disable WPA 2 security through the web interface. This is not necessarily bad, however, what happens if you have a client that is reset and will only connect to the default ubnt SSID?

Fortunately there is a way to disable the WPA2 Preshared key.

  1. Log into the device over ssh.
  2. Run the following command to disable WPA2 in the config
    sed -i s/aaa.1.wpa.mode=2/aaa.1.wpa.mode=0/g /tmp/system.cfg
  3. Save the config file with
    /usr/etc/rc.d/rc.softrestart save
  4. Login to the client device and configure the SSID.

After you are done, you can click the enable button to re-enable Wireless Security.

Hashcat examples

Rule based attack

Use a wordlist and best64 rules to try and crack a wordpress hash. Using rockyou.txt as an example.

-m Specifies the hash type

hashcat -m 400 wordpress.hash -r rules/best64.rule wordlist/rockyou.txt

wordpress.hash is a text file that contains the password hash. You can list multiple hashes in the file

Example contents of file

bob@localhost:~$ cat wordpress.hash 

Brute force

Attempt every 8 numeric combination for a WPA2 key.

hashcat -m 2500 -a3 capture.hccapx ?d?d?d?d?d?d?d?d

Hashcat built in Charsets

You can swap out the ?d from the above command with any of the built in character sets below.

  ? | Charset
  l | abcdefghijklmnopqrstuvwxyz
  d | 0123456789
  h | 0123456789abcdef
  H | 0123456789ABCDEF
  s |  !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
  a | ?l?u?d?s
  b | 0x00 - 0xff

More information
Rule based attacks are recommended