Sign in to follow this  
Followers 0
bardolph

WPA security : dictionaries

6 posts in this topic

Has anyone managed to crack the password of a wless net without pre-including this password in the dictionary he was using?

I tried a couple of really big dictionaries so far - let aircrack work for several hours (great stress test for the cpu btw),

but so far nothing... what about you people?

0

Share this post


Link to post
Share on other sites

Considering the PSK is hashed 4096 times with SHA1, it's gonna take a while to brute force (SHA1(psk, ssid, ssid-length, 4096)). Especially while further considering the PSK must be at least 8 chars. To top that off it is seeded by with the SSID (i think that is correct) So premade tables must be made for an individual SSID.

The best options are:

1) use advanced rules with john and send it into aircrack:

john <john options here> --stdout | aircrack-ng -a 2 -b <mac> -w - /path/to/mycaptureddata.cap

2)Use hardware acceleration to brute force:

scrn.jpg

The above image is using two Radeon 5850's for acceleration. Along with a quad core CPU @ 3.0Hhz with all the individual cores maxed.

Edited by tekio
1

Share this post


Link to post
Share on other sites

+1 for elcomsoft's EWSA

0

Share this post


Link to post
Share on other sites

+1 for elcomsoft's EWSA

Elcomsoft makes some nice stuff. Too bad all their stuff is so expensive. I just have an unlimited trial version. The only way it is crippled, is that only shows the first five chars of the cracked key. Good enough to have fun with, though.

0

Share this post


Link to post
Share on other sites

Considering the PSK is hashed 4096 times with SHA1, it's gonna take a while to brute force (SHA1(psk, ssid, ssid-length, 4096)).

The above image is using two Radeon 5850's for acceleration. Along with a quad core CPU @ 3.0Hhz with all the individual cores maxed.

damn i knew i'd need a quad core :confused:

0

Share this post


Link to post
Share on other sites

Considering the PSK is hashed 4096 times with SHA1, it's gonna take a while to brute force (SHA1(psk, ssid, ssid-length, 4096)).

The above image is using two Radeon 5850's for acceleration. Along with a quad core CPU @ 3.0Hhz with all the individual cores maxed.

damn i knew i'd need a quad core :confused:

There are precomputed rainbow tables as well. The set I have is like 35GB, and covers some common SSID's like "netgear", "linksys", and what not. Being so huge they're really a pain to work with unless you've got an eSata external drive. I d/l them to my NAS, and when I tested them it took like almost and hour to transfer some to my laptop. Very annoying, to say the least.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0