Page 1 of 2 (results 1 to 10 of 18)

Thread: What's the advantage of cracking wpa with a DB ?

  1. #1
    Junior Member
    Join Date
    Jul 2008
    Posts
    63

What's the advantage of cracking WPA with a DB?

    Hi.

    Recently I've been trying to test WPA2 cracking using airolib-ng against my own AP, but it seems that it takes as much time as using only aircrack-ng.
    I mean, if there are people who invent such tools, there must consequently be an advantage to cracking WPA this way. And it is that advantage that I can't put my finger on. Can somebody help me find this advantage out?
    Thanks.

  2. #2
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008


    The short answer would be that it is exploiting the time-memory tradeoff. The whole benefit, as well as the process itself, is thoroughly explained here:
    http://www.renderlab.net/projects/WPA-tables/
    -Monkeys are like nature's humans.

  3. #3
    Senior Member secure_it
    Join Date
    Feb 2010
    Location
    Between the two: BackTrack is 4, FwdTrack4
    Posts
    854


    Nope, it again depends on your hardware specifications like RAM and processor while using the normal Aircrack-ng WPA/WPA2 dictionary attack, because in that it will check passwords very slowly. Instead, airolib-ng uses SQLite 3 and pre-computes the hashes/PMKs with all the given ESSIDs and passwords, thus making cracking of WPA/WPA2 damn faster. On a Core 2 Duo 2 GHz with 4 GB RAM I cracked my router's WPA passphrase in an offline attack. The speed on aircrack-ng was some 250 words/second, whereas in airolib-ng it got up to 9000-10,000 words/second. The best bet is to use the Church of WiFi coWPAtty rainbow tables for already pre-salted ESSID and passphrase lists, containing 1000 ESSIDs and pre-salted passphrases.


    http://www.aircrack-ng.org/doku.php?...32de6cb63418b1

  4. #4
    Junior Member
    Join Date
    Jul 2008
    Posts
    63


    Ok, I see what the target is.
    Unfortunately, it wouldn't be useful for me since I'm a native French speaker and I imagine there are no rainbow tables in French, so I would have to compute mine, and in that case it's no longer an advantage for me, but...
    Given, for example, 5 known SSIDs with their related handshakes already gathered: it would be more convenient to pre-compute your dictionaries with these SSIDs one time to crack the keys at the speed of light afterwards, instead of running only aircrack on the first SSID, waiting some time, then trying the second SSID, etc...
    Am I right?

    I think I'm going to be a rainbow table geek ^^

  5. #5
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008


    Quote Originally Posted by alan-smithee View Post
    ...Given, for example, 5 known SSIDs with their related handshakes already gathered: it would be more convenient to pre-compute your dictionaries with these SSIDs one time to crack the keys at the speed of light afterwards, instead of running only aircrack on the first SSID, waiting some time, then trying the second SSID, etc...
    Am I right?
    This will only be a good choice if you intend to re-use the same dictionary against the same SSID(s) more than once. In case you plan to only run the specific dictionary against the target SSID(s) once, it will be more time-efficient to simply use the standard wordlist approach.

    The reason is that the wordlist will have to be computed for each of the target SSIDs, meaning that computing a rainbow table for 2 SSIDs will take twice as long as computing the same wordlist against only one SSID.
    -Monkeys are like nature's humans.

  6. #6
    Junior Member
    Join Date
    Jul 2008
    Posts
    63


    So, to sum up, it's not a tool for me, except if I find a rainbow table in French.

  7. #7
    Junior Member
    Join Date
    Jul 2008
    Posts
    63


    Quote Originally Posted by =Tron= View Post
    This will only be a good choice if you intend to re-use the same dictionary against the same SSID(s) more than once. In case you plan to only run the specific dictionary against the target SSID(s) once, it will be more time-efficient to simply use the standard wordlist approach.

    The reason is that the wordlist will have to be computed for each of the target SSIDs, meaning that computing a rainbow table for 2 SSIDs will take twice as long as computing the same wordlist against only one SSID.
    But I know some people who affirm that it is faster to crack WPA with airolib-ng even for a single ESSID if the wordlist is big. True or false?

  8. #8
    Senior Member Thorn
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509


    Quote Originally Posted by alan-smithee View Post
    But I know some people who affirm that it is faster to crack WPA with airolib-ng even for a single ESSID if the wordlist is big. True or false?
    False.

    It may be true for some networks if, a) you are lucky, and b) the wordlist is weighted to put the most common passwords at the top. However, the law of averages will catch up with you fairly quickly, and the odds are stacked against you. You can't beat the math. (This is why the casinos make money in Vegas.)
    Thorn
    Stop the TSA now! Boycott the airlines.

  9. #9
    Junior Member
    Join Date
    Jul 2008
    Posts
    63


    For instance, what do you think of this quotation?
    I tested airolib-ng with a big dictionary of about 135 MB.
    That's a heck of a lot of words! Well, if I had had to do it with the classic method, I would have spent days and days! Whereas with airolib-ng it took me barely a few hours to do the whole dictionary and so test all the words.
    from crack-wpa.fr

    Translation:
    I've tried airolib-ng with a big wordlist of almost 135 MB.
    This makes a large number of passphrases. If I had to use the classic method, it would take days, whereas only some hours were required using airolib-ng.

  10. #10
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008


    Quote Originally Posted by alan-smithee View Post
    For instance, what do you think of this quotation
    I would think that the person who posted that in the first place is missing the fact that it will take roughly as long to compile the hash table to be used with airolib-ng from the dictionary, as it will to simply run the dictionary against the handshake in the first place.
    -Monkeys are like nature's humans.

