
Thread: Dictionary file problem

  1. #1
    Member
    Join Date
    Mar 2007
    Posts
    121

    Default Dictionary file problem

    Hi, I made a large dictionary file (36GB-ish) using this command:

    /pentest/password/crunch 8 8 1234567890abcdef &> /mnt/sdd1/8hex

    After that was finished I did the old WPA handshake grabbing, but when it came to running this command:

    aircrack-ng -w /mnt/sdd1/8hex -b 00:00:00:00:00:00 psk*.cap

    All I get is:

    Empty Dictionary
    Empty Dictionary
    Opening PSK-01.cap
    Opening PSK-02.cap
    Please specify a dictionary (Option -w)

    I created a smaller dictionary with just 2 digits and that worked fine (well, it ran through). So is there something I need to do when handling large files like my 36GB dictionary?
    Don't discount Windows, I would be a poor man without it ;)

  2. #2
    Member
    Join Date
    Jun 2007
    Posts
    218

    Default

    Quoted from the aircrack-ng tutorial:

    Next, we look at cracking WEP with a dictionary. In order to do this, we need dictionary files with ascii or hexadecimal keys to try. Remember, a single file can only have ascii or hexadecimal keys in it, not both.

    Example 64 bit hexadecimal key: “12:34:56:78:90” (Note the ”:” between each two characters.)

  3. #3
    Member
    Join Date
    Mar 2007
    Posts
    121

    Default

    I'm sorry but I don't quite follow. I'm not trying a WEP attack, I'm trying a WPA.

    I have set a WPA password on my router to ffffffff and out of interest I wanted to see how long it would take to go from 00000000 to ffffffff in a brute force attack. A few hours? A few days?

    I have no real practical use for this; I just want to see if I could get it to work.
    Don't discount Windows, I would be a poor man without it ;)

  4. #4
    Member
    Join Date
    Jun 2007
    Posts
    218

    Default

    You can't do a plain dictionary attack with WPA. You need to include the SSID. Check out the tutorials over at the aircrack-ng site.

  5. #5
    Member
    Join Date
    Mar 2007
    Posts
    121

    Default

    Yes, I have included the SSID; if you see in my original post I wrote -b 00:00:00:00:00:00. I just put the zeros in to hide my real SSID. And like I said before, I tried it with a 2 digit version using the exact same methods and it worked. I have followed the guides exactly by setting my adaptor to monitor mode, de-authing my other station and recording the handshake, but the last command fails, and only fails with the 36GB file I made earlier.

    I have even followed this guy's tutorial http://forums.remote-exploit.org/showthread.php?t=8230 and it's exactly how I've been doing it and how the guides say it's done also.

    I'm thinking the problem is more to do with the way I'm creating the dictionary file in the first place. aircrack-ng is telling me the dictionary file is empty, which makes me think it's not been finalized properly or something. k-write fails to open the file also. But if I start the crunch command then halt it almost within a few seconds, k-write can read the incomplete file with ease. This is beating me and I don't like it.
    Don't discount Windows, I would be a poor man without it ;)

  6. #6
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Is the dictionary file unicode type, where the lines end in a LF, or is it MS-DOS type where the lines end in LR/CR? That can make a huge difference.
    Thorn
    Stop the TSA now! Boycott the airlines.

  7. #7
    Member
    Join Date
    Mar 2007
    Posts
    121

    Default

    To be honest I have no idea. This is the exact command I used to create the dictionary in BT3 beta:

    /pentest/password/crunch 8 8 1234567890abcdef &> /mnt/sdd1/8hex

    I've deleted the file now but it would only take 25 - 30 mins to create another using the same method. You mentioned LF & LR/CR, which is the correct format and how would I make sure I am creating the correct one? I did notice that the file I created was an unknown file type in windows and had no extension ( eg .txt ) but I have no use for it in windows. In BT3beta the file is associated with k-write but won't open. I guess 36gb is too much for k-write to handle.

    Thanks for the info so far. Hope I can get this cracked some day ( no pun intended )
    Don't discount Windows, I would be a poor man without it ;)

  8. #8
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by johnyt View Post
    To be honest I have no idea. This is the exact command I used to create the dictionary in BT3 beta:

    /pentest/password/crunch 8 8 1234567890abcdef &> /mnt/sdd1/8hex

    I've deleted the file now but it would only take 25 - 30 mins to create another using the same method. You mentioned LF & LR/CR, which is the correct format and how would I make sure I am creating the correct one? I did notice that the file I created was an unknown file type in windows and had no extension ( eg .txt ) but I have no use for it in windows. In BT3beta the file is associated with k-write but won't open. I guess 36gb is too much for k-write to handle.

    Thanks for the info so far. Hope I can get this cracked some day ( no pun intended )
    Since you're using a Linux program, the result is probably unicode. To verify this, just look at the file in a hex editor. If a line ends in just an LF (0A), that isn't the problem. If a line ends in a pair of LF and CR together (0A 0D), then it's an issue.

    If that is the case, you'll have to look at the man page for the crunch program to see if the output can be adjusted.

    LF = Hex 0A, Decimal 10
    CR = Hex 0D, Decimal 13
    Thorn
    Stop the TSA now! Boycott the airlines.

  9. #9
    Senior Member DaKahuna's Avatar
    Join Date
    Jan 2010
    Posts
    103

    Default

    Quote Originally Posted by Thorn View Post
    Since you're using a Linux program, the result is probably unicode. To verify this, just look at the file in a hex editor. If a line ends in just an LF (0A), that isn't the problem. If a line ends in a pair of LF and CR together (0A 0D), then it's an issue.

    If that is the case, you'll have to look at the man page for the crunch program to see if the output can be adjusted.

    LF = Hex 0A, Decimal 10
    CR = Hex 0D, Decimal 13
    Thorn is correct, but for n00bs I find it easier to tell them to look at the file in vi. If it is unicode there will be nothing shown at the end of the line. However, if it is an MS-DOS file type, in vi you will see a blue ^M at the end of each line. If that is the case then run dos2linux, which will change an MS-DOS file to unicode.

  10. #10
    Member
    Join Date
    Mar 2007
    Posts
    121

    Default

    Hi, OK, I have created just a 2 digit version using the same crunch method and loaded it into khexedit. It looks fine to me with just 0A ending each 2 digit. Only problem I have now is that I can't find anything that will open up my 36GB file. It loads to about 5% then just gives up. The light on my USB stick goes crazy, so is it trying to temporarily load it there, causing me a problem?
    Don't discount Windows, I would be a poor man without it ;)
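
Added example, not part of any post in this thread: a shell script that runs the checks discussed above (file size, the hex of the last bytes, CR versus LF) on a wordlist too large for an editor or hex editor, reading only the first and last 4 KiB. The function names are illustrative, and it assumes one word per line with a single LF after each word.

```shell
#!/bin/sh
# Added example: sanity-check a very large wordlist without an editor.
# Function names are illustrative; assumes one word per line.

# Bytes expected for every word of length $2 over $1 characters,
# each followed by a single LF: charset_len^word_len * (word_len + 1).
expected_size() {
    lines=1
    i=0
    while [ "$i" -lt "$2" ]; do
        lines=$((lines * $1))
        i=$((i + 1))
    done
    echo $((lines * ($2 + 1)))
}

# Size of the file on disk, in bytes.
actual_size() {
    wc -c < "$1" | tr -d ' '
}

# Last $2 bytes as hex, the same view a hex editor gives (0a = LF, 0d = CR).
tail_hex() {
    tail -c "$2" "$1" | od -An -v -tx1 | tr -d '\n' |
        sed 's/^ *//; s/  */ /g; s/ *$//'
}

# Look for CR bytes in the first and last 4 KiB only, so a 36GB file
# is never read in full by this check.
line_ending() {
    cr=$( { head -c 4096 "$1"; tail -c 4096 "$1"; } | tr -cd '\r' | wc -c | tr -d ' ')
    lf=$( { head -c 4096 "$1"; tail -c 4096 "$1"; } | tr -cd '\n' | wc -c | tr -d ' ')
    if [ "$cr" -gt 0 ]; then echo "CR present"
    elif [ "$lf" -gt 0 ]; then echo "LF only"
    else echo "no line endings"
    fi
}

# Usage: sh check_wordlist.sh FILE CHARSET_LEN WORD_LEN
if [ "$#" -eq 3 ]; then
    echo "expected bytes: $(expected_size "$2" "$3")"
    echo "actual bytes:   $(actual_size "$1")"
    echo "line endings:   $(line_ending "$1")"
    echo "last 9 bytes:   $(tail_hex "$1" 9)"
fi
```

For the 16-character, length-8 list from the first post, `expected_size 16 8` gives 38654705664 bytes, which is exactly 36 GiB; a file of a different size was truncated or contains something other than the word list.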
