Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: The story so far... Can anyone help?

  1. #1
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    10

    Default The story so far... Can anyone help?

    Hey Guys,

    Ok so before you shoot me down with the add the word to the dictionary reply - it kinda defeats my object as a proof of concept.

    What I am trying to achieve is crack the WPA key without any deauth attack, use a dic file which holds the possible keys a-z A-Z 0-9 but only pipe these keys into specific areas of a possible string (which is based on the SSID & serial of my access point).

    Am I correct in thinking using dictmake.exe I can specify a 3 character base and then (dont ask me how but that will be my next obsticale) script or use john the ripper to create the possabilities of the keys. Or am I barking up the wrong tree here?

    Thanks loads

    Shabba!

  2. #2
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    If you're at the point where you have something to brute-force with a dictionary then it's irrelevant how you arrived there. It's simple FACT given sufficient time/interest/resources the key will fall.

    Implement industry best practice for choosing and maintaining your key(s)/passphrase(s) and stop wasting time trying to prove something that's known FACT.

    Now the math. Assume you're only using a 15 character key that's:
    (26+26+10)^15
    62^15=666,922,858 exabytes

    If you can store that much data you can afford to find better ways to protect your network or get access to "other" Internet connections.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  3. #3
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    10

    Default

    Surely no reply is more productive than a sarcastic one?

    Regarding my post (and yes I am still on the hunt for a solution) arent I correct in saying I am only looking for 3 characters from a possible 12 so its 62x62x62 possible combinations...

  4. #4
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    but only pipe these keys into specific areas of a possible string
    Why does this sound like you're attempting to brute force it ala the movie War Games when WOPR is attempting to find the key and is running through key combination's on the big screen?
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  5. #5
    Member imported_vvpalin's Avatar
    Join Date
    Apr 2009
    Posts
    442

    Default

    WPA is 8 characters minimum ...

    mile away .. etc ..

    and could war games 2 suck any harder ?
    Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.

  6. #6
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Quote Originally Posted by shabbaranks View Post
    Surely no reply is more productive than a sarcastic one?

    Regarding my post (and yes I am still on the hunt for a solution) arent I correct in saying I am only looking for 3 characters from a possible 12 so its 62x62x62 possible combinations...
    What you want can be done with almost any dictionary program. Crunch is a good one and is available here on the forum. Thorins reply was far from sarcastic. It was in fact a FACT. The fact that you don't realize that leads me to believe you have loads of reading to do on cryptography.

  7. #7
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    10

    Default

    I understand the fact of which thorin was saying, but I cant help feeling it was aimed sarcasticly (and judging by the quote at in his replies aka I know I seem harsh in some of....) I feel I'm probably not far wrong - anyway moving on...

    @Streaker69 Confused - I havent asked for any movie review or refernce, but if required I know where to come :OP

    @vv palin yes I know about WPA and what I already know is potentially 9 of the char's leaving me with 3 hence the mention on "3 characters from a possible 12 so its 62x62x62 possible "

    @pureh@te - again thank you, positive input is gratefully appreciated.

    I know I dont know half as much as you guys probably do - but we all start somewhere.

    Thanks again..

  8. #8
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by shabbaranks View Post
    Surely no reply is more productive than a sarcastic one?
    It wasn't sarcastic, I was being completely serious.

    Regarding my post (and yes I am still on the hunt for a solution) arent I correct in saying I am only looking for 3 characters from a possible 12 so its 62x62x62 possible combinations...
    Actually you said 3 character base, and no max length (so my original post assumed 15):
    Quote Originally Posted by shabbaranks View Post
    Am I correct in thinking using dictmake.exe I can specify a 3 character base and then ...
    Now you seem to be suggesting a 3 char base as part of a 12 character string. (So 3 known/static and 9 unknown/fluid).

    So it's 62^9 = 1.35370865 × 10^16 strings (keys) which would take 12,311.9 terabytes to store. Plus another 3 bytes for each possible string (key).
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  9. #9
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    10

    Default

    Anyone got a NAS box spare :OP

  10. #10
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by shabbaranks View Post
    Anyone got a NAS box spare :OP
    Ya only need 3 of them.

    http://www.geeks.com/details.asp?inv...-R5-DT&cpc=SCH
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •