Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: 10 Character pass

  1. #1
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    3

    Default 10 Character pass

    Hi, I'm trying to find a 10 character password list with all the possible number and letter (no special characters) combinations to bruteforce a wpa handshake.

    Does anyone know where i can get one or maybe help me constructing it

    one more stupid question. How many possible combinations would there be?

    thanks

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    The search feature covers this very topic.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Do you only want 10 character passwords or do you want all passwords up to and including 10 characters? (e.g. 1 letter passwords, 2 letter passwords ... 9 letter passwords, 10 letter passwords). Doesn't really matter actually, because creating either list is infeasible.

    Assuming the smaller of the two lists containing only 10 character passwords using a-z, A-Z, 0-9, we have 62 to the power of 10 entries (839299365868340224). Assuming an ASCII character set, at 11 bytes for each password (ten bytes for the password and one for the end of line character) you would need 9,232,293,024,551,742,464 bytes or 8,598,242,909.23 gigabytes of storage to store the list.

    Hopefully the math convinces you that trying to create a complete 10 character password list is a bad idea.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  4. #4
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by lupin View Post
    Hopefully the math convinces you that trying to create a complete 10 character password list is a bad idea.
    Not to mention it would be easier to just put the password in the dictionary.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  5. #5
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by lupin View Post
    Do you only want 10 character passwords or do you want all passwords up to and including 10 characters? (e.g. 1 letter passwords, 2 letter passwords ... 9 letter passwords, 10 letter passwords). Doesn't really matter actually, because creating either list is infeasible.

    Assuming the smaller of the two lists containing only 10 character passwords using a-z, A-Z, 0-9, we have 62 to the power of 10 entries (839299365868340224). Assuming an ASCII character set, at 11 bytes for each password (ten bytes for the password and one for the end of line character) you would need 9,232,293,024,551,742,464 bytes or 8,598,242,909.23 gigabytes of storage to store the list.

    Hopefully the math convinces you that trying to create a complete 10 character password list is a bad idea.
    It always amazes me that people can't work out the math for themselves. This isn't rocket science.
    Thorn
    Stop the TSA now! Boycott the airlines.

  6. #6
    Moderator theprez98's Avatar
    Join Date
    Jan 2010
    Location
    Maryland
    Posts
    2,533

    Default

    I calculated this once before (it's been a while), but an 8 character password for ONE single SSID would be something on the order of 5 petabyes.
    "\x74\x68\x65\x70\x72\x65\x7a\x39\x38";

  7. #7
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    Quote Originally Posted by theprez98 View Post
    I calculated this once before (it's been a while), but an 8 character password for ONE single SSID would be something on the order of 5 petabyes.
    Honk! Honk! Honk!

    That's the sound of the tractor trailer backing up into your driveway to deliver the 5PB worth of drives...
    Thorn
    Stop the TSA now! Boycott the airlines.

  8. #8
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by Thorn View Post
    Honk! Honk! Honk!

    That's the sound of the tractor trailer backing up into your driveway to deliver the 5PB worth of drives...
    I was thinking about storing it on spanned floppies, so that I can take it offline when need be.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  9. #9
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by Thorn View Post
    It always amazes me that people can't work out the math for themselves. This isn't rocket science.
    I agree, the math isn't that difficult, you just need to know the formula to get the number of possible entries ('number of possible characters' to the power of 'length of password' for anyone that doesn't know). Most people I have talked to about this don't seem to know that though. I included this formula in a recent risk assessment relating to password controls, and no one who read it had seen it before (a lot of non IT people read it however, which may partially explain things). In addition, I can recall someone posting a link here on the forums which featured some 'expert' getting this wrong.

    Quote Originally Posted by streaker69 View Post
    I was thinking about storing it on spanned floppies, so that I can take it offline when need be.
    I'd prefer to just send it as an email attachment.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  10. #10
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Quote Originally Posted by streaker69 View Post
    I was thinking about storing it on spanned floppies, so that I can take it offline when need be.
    Something that big might need my usb thumb drive raid array.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •