Brute Force on WPA/WPA2. Without Dictionary

[reccaflare]

guys.. wanted to ask you guys for some help

i wanted to brute force on handshake file..

but i doesn't want to create wordlist and brute force it with the settings like 10 characters numeric..

can anyone guide me on the right path.

cause creating wordlist for 10 characters needed a lot of storage..

[dwjs1974]

yes it does take up a lot of space
Have you read the Tut on http://www.backtrack-linux.org/forum...light=password

Its very informative...

Dave

[reccaflare]

the link couldn't be download ^^

[bolexxx]

The link is working

[lightmoon]

the link may help you

http://lastbit.com/pswcalc.asp

[azboy]

You can use crunch to create the password list and then pipe that to pyrit. something like the below should work. I haven't tried it myself yet tho.

[CODE]./crunch 10 10 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMN OPQRSTUVWXYZ | pyrit -r wpa.cap -e "AP Name" -i - attack_passthrough[/CODE

I would be interested in your setup if you don't mind posting? Even that four ATI 5970 machine on youtube can only do 280,000 PMK/s which works out to about 94,987 years to process 10 char of 0-9,a-z and A-Z.

reference: hxxp://hacking-library.com/forum/viewtopic.php?f=36&t=275

[boxter]

My BT machine is an old 1Ghz laptop, so I do any cracking on my main desktop, which runs XP.

Cain on XP will bruteforce WPA without a dictionary. You can set parameters such as between 8-12 characters, only alphanumeric, etc. Be prepared, it'll take some time though!