Thread: permutations for hash rainbow table, how to

  1. #1
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    6

    permutations for hash rainbow table, how to

    Hello, my first post here and I would just like to say, it's a pleasure to be here.

    I am relatively new when it comes to wifi cracking, and I have one question.
    A couple of days ago I managed to get my nvidia cuda with i7 working in sync, so I've been able to run tables at more than 200,000 pmk/s with pyrit and 9 cores (with GPU still doing most of the work ofc). I was messing with some quite large dictionaries but it's mostly out of success since (partly) the reason is there are no dictionaries covering my language.
    I want to try a simple brute force method with a dictionary consisting of simple permutations of, say, only lower case letters [a-z] and numbers [0-9].

    Do I have to generate my own dictionary first, and then make a hash table, or is there a shortcut and I can create those tables on the fly and feed them like that, similarly to what I'm doing with cowpatty and an ordinary dictionary?
    In any case, how do I go about doing that? Help is appreciated.

  2. #2
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    6

    Ok, I did some more research (hard with the little spare time I have), and I found out about rainbowcrack, which will let me make my own SHA1 hash table I need for wpa? On the official site I don't see an nvidia cuda version for linux, only windows.
    The hash must include the SSID as well, correct? Those rainbow tables on the official site don't include the ssid for computation, making them useless for wpa?

    Would anyone be kind enough to explain how to make the hash table defining only alphanumerical characters (with or without the rainbowcrack program, but with cuda support)? Am I on the right track for this? I'd like to do some company testing. Thx

  3. #3
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    21

    Well, I hate to be pretty vague about this, but isohunt.com had a torrent that not only had the "how to", but also had a bunch of great brute force dictionaries to go with it. I haven't needed it in a long time, so go there and see if you can find it through their simple search option. If not, then message me and perhaps I dig them up off my desktop and the zip to you. I have to warn though, it will be in windows and you will have to migrate it to your linux box.
    A computer lets you make more mistakes faster than any invention in human history -- with the possible exceptions of hand guns and tequila.
    --Mitch Ratliffe

  4. #4
    Junior Member Zermelo
    Join Date
    Feb 2010
    Posts
    54

    You need to get more clarification. First you do realize that any hash tables for wpa are salted with the essid, so they're useless if you're trying to crack a wpa handshake where the essid isn't in the hash table.

    Second, pre-computing hash tables for wpa is pretty much useless unless you're going to pre-compute them for common essids like "netgear" "linksys", etc. This is because if the essid you're trying to crack is unique or semi-unique then the time you're wasting pre-computing the hash table, you can be directly trying to crack the wpa-handshake.

    You need to be clearer on what you want to do. Pyrit has the ability to do a direct brute-force attack on a handshake, and you can pass through alpha-numeric combinations to pyrit if you dare to.

  5. #5
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    6

    While waiting for some response I educated myself more on the subject. It's pretty much clear now.
    The rainbow table must be made for a specific essid.
    Also it seems the best thing would be to make the table from alphanumeric permutations rather than dictionaries. But going simple bruteforce and making a table out of, say, a string of only 8 alphanumerics would be 36^8, which would still take 6 years on a machine like mine that can go over 15000 passwords/second with pyrit on my gtx 280.

    Thx for reply nonetheless
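
Added example, not part of any post in this thread: a short Python sketch of the two points the replies make, for anyone sizing a passphrase for their own network. It derives the WPA/WPA2-PSK pairwise master key with PBKDF2-HMAC-SHA1 salted by the ESSID (so a table built for one ESSID does not apply to another) and works through the 36^8 estimate from post #5. The passphrase, ESSIDs and function names are constructed for illustration.

```python
import hashlib

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def wpa_pmk(passphrase: str, essid: str) -> bytes:
    """WPA/WPA2-PSK pairwise master key (IEEE 802.11i):
    PBKDF2-HMAC-SHA1, ESSID as salt, 4096 iterations, 32-byte output."""
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("utf-8"), essid.encode("utf-8"), 4096, 32
    )


def keyspace(alphabet_size: int, length: int) -> int:
    """Number of candidate passphrases of exactly `length` characters."""
    return alphabet_size ** length


def exhaustive_years(alphabet_size: int, length: int, pmk_per_second: float) -> float:
    """Years needed to compute every PMK in the keyspace at a given rate."""
    return keyspace(alphabet_size, length) / pmk_per_second / SECONDS_PER_YEAR


def length_report(pmk_per_second: float, alphabet_size: int = 36,
                  lengths=(8, 10, 12, 16)) -> dict:
    """Exhaustive-search cost in years for several passphrase lengths."""
    return {n: exhaustive_years(alphabet_size, n, pmk_per_second) for n in lengths}


if __name__ == "__main__":
    # Constructed sample values: one passphrase, two different ESSIDs.
    passphrase = "abc12345"
    for essid in ("linksys", "office-7f3a"):
        print(f"{essid:12s} {wpa_pmk(passphrase, essid).hex()}")
    # Same passphrase, different salt, unrelated PMK: a precomputed table
    # is only valid for the ESSID it was built with.

    # Rates quoted in the thread: 15000/s (post #5) and 200,000/s (post #1).
    for rate in (15_000, 200_000):
        print(f"\n[a-z0-9] at {rate:,} PMK/s")
        for n, years in length_report(rate).items():
            print(f"  length {n:2d}: {years:.3g} years")
```

Each extra character from [a-z0-9] multiplies the cost by 36, which is why passphrase length and a non-default ESSID are the settings that matter on the defending side.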
