Aircrack not checking all password in list

[christ044]

Iv been using aircrack-ng with crunch and just feeding the crunch output straight into aircrack, only problem is this is very slow and takes one hell of alot of time. So i thought i would run a password list first to see what happens, first without my network password in the list and second time with it in the list.
It didnt find the password first time, but did the second, as you would expect, the really weird thing is though the password list is just over 3000 words long but yet both times of running aircrack says it uses only 540 keys?

Thinking the worlist might be corrupt or faulty (not sure how) i downloaded another one, again just over 3000 words long but this time when i run the same tests it shows as only reading 456 words?

the command im using is
aircrack-ng -w ./wordlist.txt -b (bssid) ./(my essid)*.cap

Any ideas as to why it isnt reading all the passwords in the list?

[18436572]

Did you take into consideration minimum word length for the encryption you are working with? i.e. 8 characters for WPA?

[kill_box001]

ive used aircrack-ng in the past and haven't had any issues try using the following against your password file in this order

cat name_of_password_file.txt | sort | uniq > name_of_new_password_file.txt

cat name_of_sorted_and_uniqed_password_file.txt |pwinspector -m 8 -M 63 > name_of_new_password_file.txt

-- referenced from -=Xploitz=- Linux Password Manipulation Commands.txt

this will remove all duplicate words in your file and all words that are less that 8 characters long and greater than 63 which unless previously optimized for wpa can dramatically reduce the size of a file..

eg : a while ago i built a 17gb password file after wpa optimization it was only 2gb in size

There are also password optimization scripts out there such as wordlist.sh (by M1ck3y & M1r4g3) and wordlist_tools.sh (by Purehate). These can do what i have state above but can also do alot more such as put out 50 permutations of each password or L33tify a list.

if you still believe the issue is with aircrack-ng try using cowpatty or pyrit..from memory cowpatty wont do wpa2 handshakes (please correct me if im wrong) and pyrit works best with CUDA support but both will give you a baseline to check your results against.

hope this is helpful

[christ044]

Thank you for the replies, i never thought about aircrack only passing 8 letter words bet thats were the problem is, ill have a look at the docs and change it.
And it would make sense as my password is 8 letters only!
Feel stupid now LOL

Many thanks Chris

[tonylturner]

I've had this issue when cobbling together password files from a combination of windows and linux environments. Might be an issue with the difference in how Windows and Linux handle carriage returns (CR/LF vs LF). You can use dos2unix and unix2dos to clean up those kinds of issues if you determine that to be the case.

[christ044]

Well i was wrong im my reply, aircrack does check words over 8 letters and under 8 letters.

Tony has a good point, i downloaded the list on my pc running windows vista, then put it on a memory stick and used it in backtrack.
Mind you having said that i get the same thing with the wordlist that comes with john the ripper and that was all done in backtrack (download, unzip etc), ill get a new list just downloaded on backtrack/linux and see what happens from there.

Many thanks for all the help offered

[kill_box001]

I've had this issue when cobbling together password files from a combination of windows and linux environments. Might be an issue with the difference in how Windows and Linux handle carriage returns (CR/LF vs LF). You can use dos2unix and unix2dos to clean up those kinds of issues if you determine that to be the case.

thanks for that i totally forgot that windows and unix handle carriage returns differently

[christ044]

Think it must be my wordlist, it run it through cowpatty (not totally sure i did it right) but it only read 456 words from the list, think a new wordlist is need.

The last two i have downloaded on a machine running windows, from the posts before i think this could well be were the problem lies. Still have to wait and see, many thanks for everyone's help.