
Thread: WPA cracking questions

  1. #1
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    4

    WPA cracking questions

    Hi, I have a couple of questions about WPA PSK (not WPA2) cracking; I'm hoping you guys can help me solve them!

    1. After getting the 4-way handshake, is it okay to disconnect from the network and brute-force/dictionary-attack the key?

    2. Apparently the key is only HEX, there is no passphrase; the hex is of course 64 characters long. Is this possible?

    3. What would be the best way to solve this key? Pipe JTR or crunch through aircrack, use rainbow tables, or something else?


    Just a backstory on what network I'm trying to crack:
    I'm in grade 12 and I'm in a networking class. Knowing more than the average dolt in my class about computers, I am well ahead on all of the assignments, so my teacher asks if I want an extra assignment, for a bonus, and I say sure. So he sets up a router with a WEP password and says 'see if you can get in', so I run through aircrack, and sure enough I'm in within 10 minutes. Now he's set it to this, WPA, with the only clue that it's 64 characters long.

  2. #2
    Member
    Join Date
    Feb 2010
    Posts
    75


    Yes, once you capture the four-way handshake you can disconnect and brute-force the password offline.

    Try coWPAtty for brute-forcing the password.

    Someone else will be able to give you a better understanding than me.

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,126


    The chances of you brute-forcing a 64-character password are slim to none.

  4. #4
    Senior Member kidFromBigD
    Join Date
    Jan 2010
    Location
    Texas
    Posts
    159


    Quote Originally Posted by pureh@te:
    > The chances of you brute-forcing a 64-character password are slim to none.
    Yes, exactly. pureh@te should know.

    You may ask for another clue about the passphrase itself. Your instructor may have set the password to 64 of the same character. In that case, your job will be easy. If he offers no clues, you might start there anyway.

    A good way to generate your passphrases would be to use crunch:
    Code:
    crunch 64 64 0 -t (pattern) > all0.txt
    crunch 64 64 1 -t (pattern) > all1.txt
    ...
    crunch 64 64 F -t (pattern) > allF.txt
    Where: (pattern) would be 64 of the @ character.

    Best of luck! Report back how it goes for you.
    You. Are. Doing. It. Wrong.
    -Gitsnik

  5. #5
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    4


    Thanks, I'll see if I can get some hints tomorrow in class; I'll also bring home the .cap file. Heh, maybe I could use all of the computers in my class for a cluster and solve it :P

    But if it is indeed a randomized 64 HEX key, I realise the file size of the wordlist would be huge, and piping from crunch would take a year or longer. There is no shortcut, is there? (I guess there would be other ways to crack into the system and scavenge for the keys, but I'm talking wifi.)


  6. #6
    Senior Member MikeCa
    Join Date
    Jan 2010
    Location
    DC
    Posts
    129


    There are approximately 1.157e77 different possible passwords.

    If you created all of them and stored them on disk it would take approximately 7.526e66 terabytes of hard drive space. That is almost a 1 Terabyte hard drive for every atom in the observable universe.

    It's true that you could pipe it straight through and that you would not need to store the passwords. Even if you could try 10,000 passwords in a second (much, much faster than typical) it would take 3.671e65 YEARS to try them all. You could harness the power of 1 million computers, in which case it would only take 3.671e59 years. It is not feasible that you will crack this password given all the computing power on Earth.

    Now, of course, you should ask him if there is any trend in the password, like "123123123..." etc. That would help.

    P.S. I am assuming it takes 1 byte to store a character and that each 64 character password is separated by a newline.
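    The two facts the thread circles around (that a 64-hex WPA key is the raw 256-bit PMK with no passphrase derivation behind it, and MikeCa's keyspace arithmetic in #6) can be checked in a few lines. The following is an added example, not code from anyone in the thread; the test vector "password"/"IEEE" is the one published in IEEE 802.11i, and the 65-bytes-per-entry and 365-day-year assumptions are taken from post #6.

```python
"""WPA-PSK key material and keyspace arithmetic (added example, not from the thread)."""
import hashlib

PMK_LEN = 32            # the WPA-PSK PMK is 256 bits
PBKDF2_ITERATIONS = 4096


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """Passphrase path (8-63 ASCII chars): PMK = PBKDF2-HMAC-SHA1(pass, SSID, 4096, 32).
    This derivation is what makes every guess cost 4096 HMAC rounds."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrase must be 8-63 characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(),
                               PBKDF2_ITERATIONS, PMK_LEN)


def pmk_from_hex(key: str) -> bytes:
    """64-hex-digit path: the digits ARE the PMK; there is no passphrase to recover."""
    if len(key) != 64:
        raise ValueError("raw WPA key must be exactly 64 hex digits")
    return bytes.fromhex(key)   # raises ValueError on non-hex input


def keyspace_estimate(guesses_per_sec: float, machines: int = 1,
                      bytes_per_entry: int = 65) -> dict:
    """Reproduce post #6's feasibility numbers for a uniformly random 64-hex key.
    bytes_per_entry = 64 digits + newline; 1 TB taken as 1e12 bytes."""
    combos = 16 ** 64
    seconds_per_year = 365 * 24 * 3600
    return {
        "combos": combos,
        "terabytes": combos * bytes_per_entry / 1e12,
        "years_single": combos / guesses_per_sec / seconds_per_year,
        "years_cluster": combos / (guesses_per_sec * machines) / seconds_per_year,
    }


def low_entropy_hex_keys() -> list:
    """The only 64-hex keys a 'same digit repeated' guess ever covers: 16 of them."""
    return [d * 64 for d in "0123456789abcdef"]


if __name__ == "__main__":
    print(pmk_from_passphrase("password", "IEEE").hex())   # 802.11i test vector
    print(pmk_from_hex("0" * 64) == bytes(32))              # all-zero key -> all-zero PMK
    est = keyspace_estimate(10_000, machines=1_000_000)
    print(f"{est['combos']:.3e} keys, {est['terabytes']:.3e} TB, "
          f"{est['years_single']:.3e} years alone, {est['years_cluster']:.3e} clustered")
```

The contrast between the two PMK paths is the defensive takeaway: a random 64-hex PSK gives the full 2^256 keyspace, while a passphrase is only as strong as the guessing effort its PBKDF2 cost imposes on each candidate.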

  7. #7
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    4


    Yep, it was all "0"s. I dunno how I could have cracked it otherwise :/

    Thanks guys!
