Correct, as WPA passwords are actually not cracked but essentially guessed based on a list of predetermined words it will have to be present in the wordlist in order to be found.Originally Posted by Acester
Bleh, back to square one.. lol
Okay, so my original intentions were to create a wordlist with JTR that would include all letters and numbers.. Then run that through airolib.. then use the database to crack the wpa handshake. The main issue is that the passphrase is not in any of my dictionarys, so with that said, you would have to create your own wordlist, correct?
The following statement is true:
The previous statement is false.
:confused:
Correct, as WPA passwords are actually not cracked but essentially guessed based on a list of predetermined words it will have to be present in the wordlist in order to be found.
-Monkeys are like nature's humans.
Okay.. now with all that said, I understand John can create a wordlist.. Could you help me with this tron? :P As a test, I would just like to know how to create one, how to set a minimum number of characters and a maximum number of characters, and how to include both alpha and numeric.
I've looked everywhere for an example, but I cannot find one..
The following statement is true:
The previous statement is false.
:confused:
I am not convinced that John would be the best program to use for achieving this. As already mentioned in this thread I would advice you to check out a few of the dictionary permutators posted under the Programming section of the forum.
http://forums.remote-exploit.org/forumdisplay.php?f=27
-Monkeys are like nature's humans.
Crunch Dictgen - Can be found in /pentest/password/crunch
Hope you have 5+ terabytes drives laying around for your "wordlist" and a couple years to spare watching it try to crack it.
Μολὼν λαβέ - Great spirits encounter heavy opposition from mediocre minds.
Yes, that is what I was looking for.
Holy cow. :|
Well at least I learned a bunch of things from this..
I'm starting to believe that WPA is extreemly strong when you have a unique SSID and Password.. Like, it's just impossible to create a dictionary. :| The password was my name, which is 11 chars. My computer is a beast, so I just wanted to see what it could do lol.. But it dosn't have TB's, unfortunately. Anyway, thanks for all the help everyone.
The following statement is true:
The previous statement is false.
:confused:
generally brute force a remote service over 6 chars is 'takes way too long' less you use distributed attacks.
might not right place to post but
I've downloaded jtr for windows and dumped the LM hash with pwdump7 but it dos'nt seem to be working right I know the password and added it to the standard wordlist that comes with john the ripper but it still won't find it here's the output
C:\cracks\john171w\john1701\run>john-mmx c:\cracks\hash1.txt
Loaded 1 password hash (NT LM DES [64/64 BS MMX])
(Administrator)
guesses: 1 time: 0:00:00:00 100% (2) c/s: 8933 trying: 12345 - GANDALF
and the LMhash
Administrator:888888888888888888888888888888888888 88888888888888888888888888888888
Thanks
Try using john -w:wordlist.txt c:\cracks\hash1.txt
I like the bleeding edge, but I don't like blood loss
This is very intersting. thank you. It's a bit advanced for me but I plan to learn a little over the next few months.
Thank you to everyone for all yuor helps.
Posting Permissions