Show 40 post(s) from this thread on one page
Page 2 of 3 First 123 Last
• 05-16-2011, 04:17 PM
comaX
Re: bruteforce 8 character (uppercase) password
About the dictionnary attack, it's assuming the WPA is based on a passphrase... Which where I live is pretty much never the case ! And I believe dictionnary attacks are a sub-kind of brute force, so I stand on the point that the only way to crack WPA is brute force !
(Except if you go in the hole 196-ish thing...)
• 05-16-2011, 05:05 PM
2901119
Re: bruteforce 8 character (uppercase) password
brute force and dictionary attacks are two very different things. A dictionary attack has nothing to do with enumerating every possible combination of characters, unless you generate a list of every possible combination. Even in that case that's still just a brute force list.;)
• 05-16-2011, 06:31 PM
Scamentology
Re: bruteforce 8 character (uppercase) password
I always considered dictionary attacks to be a kind of brute force as well. I may be wrong but its always the way I viewed them. If this is not the case then there are 2 ways of cracking WPA and I stand corrected.

Quote:

Originally Posted by 2901119
brute force and dictionary attacks are two very different things. A dictionary attack has nothing to do with enumerating every possible combination of characters, unless you generate a list of every possible combination. Even in that case that's still just a brute force list.;)

• 05-16-2011, 06:47 PM
2901119
Re: bruteforce 8 character (uppercase) password
https://www.infosecisland.com/blogvi...y-Attacks.html

and

http://en.wikipedia.org/wiki/Brute-force_attack

and

http://thehackerslounge.blogspot.com...ruteforce.html

If you search the backtrack 4 forums this topic has also been covered multiple times where many knowledgeable people come to agree that they are two very different attacks.

When you break it all down: one attack, if given enough time is guaranteed to work while the other attack only works if the word is in the dictionary file.

Why do you guys think its called a BRUTE FORCE attack? Certainly not because you're trying a small fraction of possible passwords that you have in a dictionary file, but because you're throwing everything at it and trying all of possible combinations of characters until you do find the right password.
• 05-16-2011, 07:06 PM
comaX
Re: bruteforce 8 character (uppercase) password
Yeah, I see your point. And I'm not saying they are the same, but very similar since in both case you try a large number of possibilities against a hash (for example). One is just more "intelligent" than the other, even if risks of failure are greater*.

(*depends on a lot of things though...)
• 05-16-2011, 07:19 PM
Scamentology
Re: bruteforce 8 character (uppercase) password
Very cool - thanks for clearing that up for me.

Quote:

Originally Posted by 2901119
https://www.infosecisland.com/blogvi...y-Attacks.html

and

http://en.wikipedia.org/wiki/Brute-force_attack

and

http://thehackerslounge.blogspot.com...ruteforce.html

If you search the backtrack 4 forums this topic has also been covered multiple times where many knowledgeable people come to agree that they are two very different attacks.

When you break it all down: one attack, if given enough time is guaranteed to work while the other attack only works if the word is in the dictionary file.

Why do you guys think its called a BRUTE FORCE attack? Certainly not because you're trying a small fraction of possible passwords that you have in a dictionary file, but because you're throwing everything at it and trying all of possible combinations of characters until you do find the right password.

• 05-17-2011, 12:23 AM
2901119
Re: bruteforce 8 character (uppercase) password
No problem:)
• 05-17-2011, 12:57 PM
Barry
Re: bruteforce 8 character (uppercase) password
Quote:

Originally Posted by erhardm
You probably want to find another way of cracking that WPA passphrase. There are 302231454903657293676544 possible combinations.:)

Regards

Not if you know it's an 8 character all uppercase password. Then it's only 208872064576 combinations.
• 05-17-2011, 01:22 PM
comaX
Re: bruteforce 8 character (uppercase) password
Quote:

Originally Posted by Barry
Then it's only 208872064576 combinations.

Oh, much better then ;)
(which it is in fact, given the previous figure... but hell, that's an awful lot too !)
• 05-18-2011, 09:52 PM
Barry
Re: bruteforce 8 character (uppercase) password
Quote:

Originally Posted by comaX
Oh, much better then ;)
(which it is in fact, given the previous figure... but hell, that's an awful lot too !)

True, just shows you why wpa2 is such a bitch to crack. It would probably be easier to just watch someone enter the password on their laptop from a spy satellite.....
Show 40 post(s) from this thread on one page
Page 2 of 3 First 123 Last