Beginner's question on WPA crack

**wuitsung** · 07-27-2008, 09:46 PM

I would like to know that if you must have a good dictionary to crack WPA password? for example, if my AP password is remote_exploit. And in my dictionary, I didn't include this word there... does this mean I will not be able to crack it?

Second question.. is there any other method for cracking WPA without using DICTIONARY?

Thank you for your help!!

**Thorn** · 07-27-2008, 10:08 PM

Originally Posted by wuitsung

I would like to know that if you must have a good dictionary to crack WPA password? for example, if my AP password is remote_exploit. And in my dictionary, I didn't include this word there... does this mean I will not be able to crack it?

No, you will not be able to crack it. This is why a long, random passphrase recommended. It becomes is almost impossible to break, to the point of being mathematically impossible.

Originally Posted by wuitsung

Second question.. is there any other method for cracking WPA without using DICTIONARY?

You can use the Church of Wifi WPA Rainbow Tables. However, these table are dictionary-based, but by using hashes, they give you the ability to test common SSIDs and common passphrases much faster.

**jkroeder** · 07-27-2008, 10:08 PM

nope, you can not crack WPA if your dictionary doesn't have the passphrase

You can use the Church of Wifi WPA Rainbow Tables. However, these table are dictionary-based, but by using hashes, they give you the ability to test common SSIDs and common passphrases much faster.

therefore in terms of WPA security, rainbow tables don't improve the aspect of cracking WPA except for speed, is that correct? So how are rainbow tables compared with something like ophcrack and WPA tables different?

Is it because with WPA, the passphrases are salted with the SSIDs?

**wuitsung** · 07-27-2008, 11:14 PM

Thanx Thorn!! you mentioned the Church of Wifi WPA Rainbow Tables is dictionary based... so if it doesn't include the password of the AP, we are still not able to crack it right? it just help the speed of cracking right?

**Thorn** · 07-27-2008, 11:39 PM

Originally Posted by wuitsung

Thanx Thorn!! you mentioned the Church of Wifi WPA Rainbow Tables is dictionary based... so if it doesn't include the password of the AP, we are still not able to crack it right? it just help the speed of cracking right?

Correct.

If you don't have the passphrase, WPA is mathematically impossible to break. (Assuming standard computer equipment.)

**Thorn** · 07-27-2008, 11:50 PM

Originally Posted by jkroeder

therefore in terms of WPA security, rainbow tables don't improve the aspect of cracking WPA except for speed, is that correct?

Correct.

Originally Posted by jkroeder

So how are rainbow tables compared with something like ophcrack and WPA tables different?

I can't give a comparison, as I haven't run ophcrack of late. However, we would routinely crack a standard SSID secured with a dictionary password in under 30 seconds using the CoWF Rainbow Tables. (Excluding the time needed to collect the four way handshake.) The quickest I recall was about 11 seconds.

Originally Posted by jkroeder

Is it because with WPA, the passphrases are salted with the SSIDs?

Yes. So the tables are the top 1000 common SSIDS as reported to WIGLE, run against a password dictionary of ~172,000 passwords known to be commonly used.

BackTrack Linux - Penetration Testing Distribution

Thread: Beginner's question on WPA crack

Thread Tools

Search Thread

Display

Beginner's question on WPA crack

Posting Permissions