
Thread: Live-Pipe-Cooperation: JTR and Aircrack-ng.

  1. #1
    imported_-$p!c3-
    Guest

    I've been redirected and you are able to see the Thread right here:...[Oh, f***. Totally forgot about the rule].
    What a literally STUPID rule to let users only post links after having reached 15 posts. That being said, let's continue.

    MISSION: Let JTR pipe its live-generated 8-character passwords into Aircrack-ng. It should be possible to stop/start since JTR saves states.

    For further information on directly piping output of JTR into Aircrack, please refer to the following documentation entry: [ask me if you need the link].
    Conclusions I've drawn so far: First of all, the documentation of JTR is a total mess. Seriously.
    Secondly, it doesn't make much sense to set bruting mode to the full length from 8 to 63 characters. For the sake of analysis, 8 chars will do.

    * In john.conf, incremental mode has to look somewhat like this:

    Code:
    [Incremental:Alpha]
    File = $JOHN/alpha.chr
    MinLen = 8
    MaxLen = 8
    CharCount = 26

    The corresponding command to launch the rocket will probably look like this (NOTE: The following command must be run in JTR's path):

    Code:
    john --incremental:alpha --stdout | aircrack-ng -0 -b 00:14:6C:7E:40:80 -w- *psk.cap

    * JTR seems to use its dictionaries in the cracking process.
    (the code needs to be changed so that JTR tries EVERY single combination possible with 8 characters without touching any

    Explanation:

    In the above code JTR uses all lowercase letters as input and pipes them into Aircrack-ng. Option -0 brings some colour into the world. Even if you only have ONE network in your captured file specified (which should be the case since you are working on your own network, right?) Aircrack-ng asks for an ESSID (option -e/--essid) and/or BSSID (option -b/--bssid). With "-w-" (without quotes) Aircrack-ng knows that it gets its input from another program: JTR.

    Further questions to the above:

    * Let's take another look at john.conf: Is the CharCount still correct when changing MinLen to "8"?
    * JTR saves its progress by default, but how exactly is it possible to resume a stopped session in combination with Aircrack-ng?

    If any of you knows an answer to the above questions: I'm all ears. Thanks for participating, guys.

    -$p!c3-

    It's quiet in here. Do you hear the echo?

  2. #2
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    Let's take another look at john.conf: Is the CharCount still correct when changing MinLen to "8"?
    * JTR saves its progress by default, but how exactly is it possible to resume a stopped session in combination with Aircrack-ng?
    aircrack should crack what it's fed, as long as JTR knows where it stopped at and can restart there.

  3. #3
    imported_-$p!c3-
    Guest

    Quote Originally Posted by compaq View Post
    aircrack should crack what it's fed, as long as JTR knows where it stopped at and can restart there.
    Thanks, but nothing really new. I'd like to know the exact command for doing so.
    Also, in the code below JTR still uses the dictionaries it brings with itself.
    I'd appreciate if someone could give me a hint on the code to let JTR pipe live-generated 8-character passwords into Aircrack-ng.

    -$p!c3-

  4. #4
    Good friend of the forums
    Join Date
    Jun 2008
    Posts
    425

    ./john --incremental:alpha --stdout > temp | aircrack-ng -e NETGEAR -w temp /root/NETGEAR.cap

    might have to touch or echo 1 > temp , at the start
