Understood. Thank you for the clarification.Originally Posted by =Tron=
No This would naturally not be a method to recommend, or even consider practically feasible as you say, but once again this is not the question the OP asked.
-Monkeys are like nature's humans.
Understood. Thank you for the clarification.
I think a key point is being lost here, and that is the purpose of dictionaries in security validation/scanning. People have a tendency to use common sequences of letters when selecting passwords. So, we have our favorite dictionary of 20k most-commonly-misused words, and, on a regular basis, we check the authentication mechanism to see if folks are being 'random' enough.
A brute force attack is just what good codes/passphrases are supposed to thwart.
Now, I can understand what OP was feeling. Most security professionals guard these dictionaries like the Crown Jewels, and getting this slick tool without a dictionary can feel a bit like getting a fast car with no fuel.
I have a couple of things to say :
1. From a practical purpose brute force cracking is only good up until 7-8 characters (assuming the standard upper/lower case alphabet + digits) with currently available computing power. Over 8 characters and the permutations of letters and numbers becomes too large to crack in a reasonable amount of time.
2. The reason I would like bruteforce added to this tool is that many times people use short words with a number or two added to the end (for example: fred25)...a brute force cracker that tries every possible combinations of letters/digits would be able to suss this out while no dictionary file is going to have that.
If people want a truly secure password it has to contain letters, digits and characters (ex. !) and be 8 characters or more. I just think that aircrack is missing a vital tool for cracking passwords by excluding a brute force method.
From my limited coding back in school this shouldn't be all that difficult to add to this program.
Unfortunately I'm not a code ninja so that's why I'm asking if anyone else had a method to accomplish this.
For this purpose the advice given by m1cha3l would be your best choice. Personally I would pipe john into aircrack-ng as it packs the abilities that you are looking for.
-Monkeys are like nature's humans.
Thanks that works!
minimum passphrase length?
wait a minute? is the minimum length of a WPA passphrase really 8 characters?
If thats the case, that would explain why aircrack-ng is not even trying any of the passwords in my wordlist (generated by a program I made which currently only makes a wordlist of all possible combinations of lowercase letters up to 4 length)
So I'll have to revise my program and make it start with 8 characters right?
and probably end after all the 8 character combinations are done! since even 9 is way too many combinations!
It took my machine about a minute to generate all the possible passwords with length 1-4, with a resulting 2.24MB file...
I wonder how long it will take to generate a word list with all combinations of 8 characters...
NO WAY will I do full ascii... only lowercase letters + uppercase + digits
And I'm agreeing with spyder... USUALLY people make passwords easy for them to remember, so a password with only letters and numbers that is 8 characters or less is common...
So a brute force attack makes sense, an 8 character password can be cracked in a feasible amount of time... If a good password is in place however no matter what dictionary you have, or how deep your bruteforce dictionary goes, You just aren't going to get the password...
Getting the password for WPA depends on the password not being such a great password!
here was my wordlist that my app generated incase anyone wants to confirm that passwords less than 8 characters are in fact not even tried...
rapidshare.com/files/149433070/dict.txt.html
the app is a windows app since I don't know how to code for linux yet, but I did make sure it only separates a new line with a line feed (\n or 0x0A)
instead of a carriage return and line feed (\r\n or 0x0A0D)
since \n is the linux way to seperate lines, and \r\n is the windows way (i think just \r for mac but thats irrelevant)
spyder what did you type exactly to get 'john' to pipe the generated passphrases to aircrack-ng?
john is an app right? well it doesn't seem to be included with backtrack 3 since typing it says command not found! What is john?
Yay I Can Post Now :)
http://www.popeax.com/SlaxRox.jpeg
Yes WPA passphrases are minimum 8 character.
Have you checked out WPA rainbow tables?
You should be able to find them here:
http://www.churchofwifi.org/
John the Ripper is what he is referring to.
http://backtrack.offensive-security....hp?title=Tools
It is listed here but I don't know if it was carried over to BT3final
The password requirements for WPA are actually 8 to 63 characters. However, remember that all these passwords will need to be used against the ssid to create the hash. So you really have tw factors involved: the actual passphrase and the ssid. WPA rainbow tables linked by hhmatt81 is a good start. Here is another link with some history behind WPA rainbow tables:
renderlab.net/projects/WPA-tables/
John the ripper is included in BT3F. You will need to issue the john command from within its installation directory (/usr/local/john if I remember correctly).
-Monkeys are like nature's humans.
Posting Permissions
