Secure enough ??
Last week I decided to check if my network was secure "enough". I got my WPA Handshake within seconds (which is quite acceptable). I then got down to trying to crack it.
I used all the dictionaries I could get my hands on to try and brute-force my way in but found nothing. So far so good. But I still wasn't convinced.
Through some social engineering, and after a few pints of lager, I tricked myself into telling me that the password was made of a 10-digit mixture of letters and numbers. I therefore tried a different way:
/pentest/password/crunch 10 10 "abcdefghijkl.......1234567890" | aircrack-ng ..... wpa-01.cap
After something like 4 days of scanning 385 keys/second it had barely just started the 3rd digit. This made me feel a lot safer.
Question: Are there "faster" ways other than crunch to get to a 10-digit password by checking every possible permutation, or may I assume that no one is going to have the time to crack my password (at least for the next few hundreds of years)?
Yes, there is a much faster way:
Take yourself to the side, give yourself a bloody good talking to, then spike your own drink!
Hopefully you should by then have obtained the key from yourself!
crunch is really fast at generating, but you pipe to aircrack-ng (and the limitation here is not crunch, but aircrack-ng). Perhaps, if you have CUDA ready, you can try aircrack-ng with CUDA, or try other software such as pyrit (you create a database using CUDA, and you pipe to cowpatty).
After that, for 8 characters it's very large; you probably need a small cluster. For 10 characters I think you can leave it. The problem is that if the SSID is not a generic one, you can't use an already-made precomputed database to crack the password (it's the same as a salted SHA-1 or similar); you need to generate another database (or table).
For WPA you can also leave TKIP if you use it; it's not broken, but attacks are possible (such as a speed AP crash, or replaying small packets).
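Added example, not part of any post in this thread: a Python sketch for sizing a passphrase policy. It shows that the WPA/WPA2-PSK master key is PBKDF2-HMAC-SHA1 salted with the SSID, which is why precomputed tables are per-SSID, and estimates exhaustive-search time. It assumes a 36-character set (a-z, 0-9; the charset in the post is elided) and, apart from the 385 keys/second quoted above, uses constructed rates.

```python
import hashlib

SECONDS_PER_YEAR = 365.25 * 24 * 3600
CHARSET_SIZE = 36  # assumption: a-z plus 0-9; the charset in the post is elided


def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def keyspace(charset_size: int, length: int) -> int:
    """Number of candidate passphrases of exactly `length` characters."""
    return charset_size ** length


def years_to_exhaust(charset_size: int, length: int, keys_per_second: float) -> float:
    """Worst-case time to try every candidate at a fixed test rate."""
    return keyspace(charset_size, length) / keys_per_second / SECONDS_PER_YEAR


def report(rates, lengths=(8, 10)):
    """Return (length, label, rate, years) rows for each length/rate pair."""
    return [
        (length, label, rate, years_to_exhaust(CHARSET_SIZE, length, rate))
        for length in lengths
        for label, rate in rates
    ]


if __name__ == "__main__":
    # Same passphrase under two SSIDs: the salt changes, so the key changes,
    # and a table built for one network name is useless for the other.
    # "password"/"IEEE" is the IEEE 802.11i test vector; the second SSID is constructed.
    for ssid in ("IEEE", "HomeNet-constructed"):
        print(f"{ssid:22s} {wpa_pmk('password', ssid).hex()}")

    rates = [
        ("rate quoted in the post", 385),
        ("constructed: 100x faster", 38_500),
        ("constructed: 10,000x faster", 3_850_000),
    ]
    for length, label, rate, years in report(rates):
        print(f"len={length:2d}  {label:28s} {rate:>10,} keys/s  {years:>14,.1f} years")
```

The estimate is a worst case for a uniformly random passphrase; a passphrase built from words or patterns falls to a dictionary long before the full keyspace matters.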