No, that comes to 209 billion *passphrases* each 8 characters long plus the UNIX/LINUX linefeed character.
Originally Posted by joke18
if this is true then why is it when I create a 4 character list using all digits I end up with a 50,000 byte file because 10^4 is 10,000
is my math wrong or is there something im missing?
Thank you for the help
Once again, pureh@te is exactly correct. Even with speedy nVidia/ATI GPU cards running the crack, there's still plenty of number crunching just to test a single passphrase.
Originally Posted by pureh@te
Let me make a suggestion germane to the OP's observation. Do not worry about creating and then storing 26^8 passphrases. Yes, that will take lots of disk space. Why not instead use crunch to create on-the-fly ?
Watch as this runs. If your eyes were fast, you noticed it started at:
/pentest/passwords/crunch/crunch 8 8 abcdefghijklmnopqrstuvwxyz -t a@@@@@@@
...and finished at:
If you intend to brute-force your way thru 26^8 passphrases, use crunch to passthrough output to pyrit and then to cowpatty. But do this in short increments. Start with all possible passhrases beginning with letter a:
Note: the above command assumes your PATH variable includes /pentest/passwords/crunch and /pentest/wireless/cowpatty
crunch 8 8 abcdefghijklmnopqrstuvwxyz -t a@@@@@@@ | pyrit -e NETGEAR -f - passthrough | cowpatty -d - -r wpa-01.cap -s NETGEAR
If you do not find the passphrase there, start with the letter b:
And so on and so on until you're old and decrepit.
crunch 8 8 abcdefghijklmnopqrstuvwxyz -t b@@@@@@@ | pyrit -e NETGEAR -f - passthrough | cowpatty -d - -r wpa-01.cap -s NETGEAR
Bonus: In my testing, I've found that crunch saves your system from having to read the password file from disk, saving you precious CPU cycles. It's actually faster!
Be warned: Brute-forcing your way thru 26^8 passphrases takes a long, long time. You will need to document what you've attempted to keep from doing it again, so keep a log.
Conclusion: If you care to save disk space, use crunch.
Comments? Questions? I hope that was clear.