Page 1 of 3 123 LastLast
Results 1 to 10 of 29

Thread: bruteforce 8 character (uppercase) password

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    19

    Default bruteforce 8 character (uppercase) password

    Hi all

    I have grabbed the handshake form my WPA encripted network and now want to try and bruteforce it. Whats the best method to crack the 8 uppercase letter password?

    If i was to create a wordlist with all the possible combinations this would be a massive file and would take a long time to generate so is there another way? Crunch??

    If there is could you please explain how to do it/code as im fairly new to linux but keen to learn.

    Thanks for any advice.

  2. #2
    Good friend of the forums
    Join Date
    Jan 2010
    Location
    outside chicago, il
    Posts
    442

    Default Re: bruteforce 8 character (uppercase) password

    crunch can generate all possible combinations of your 8 character password. If you were to try to save crunch's output to a file the file size will be: 1750GB.
    (x^y) * (y+1) = size in bytes
    x is the length of the string 8
    y is the length of the character set 26
    (8^26) * (8+1) = 1750GB

    You probably want to pipe crunch's output to aircrack like the following untested command:
    /pentest/passwords/crunch/crunch 8 8 -f /pentest/passwords/crunch/charset.lst ualpha -u | aircrack-ng -e test -w - /pentest/wireless/aircrack-ng/test/wpa.cap

    Good Luck
    Last edited by bofh28; 05-16-2011 at 12:52 PM. Reason: fix spelling mistake, add -u
    I like the bleeding edge, but I don't like blood loss

  3. #3
    Senior Member
    Join Date
    Jan 2010
    Posts
    107

    Default Re: bruteforce 8 character (uppercase) password

    You probably want to find another way of cracking that WPA passphrase. There are 302231454903657293676544 possible combinations.


    Regards
    Great minds have purposes, others have wishes

  4. #4
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Default Re: bruteforce 8 character (uppercase) password

    Quote Originally Posted by erhardm View Post
    You probably want to find another way of cracking that WPA passphrase. There are 302231454903657293676544 possible combinations.


    Regards
    Uh, uh... What other way do you know for cracking WPA but bruteforce ?
    Running both KDE and GNOME BT5 flawlessly. Thank you !

  5. #5
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default Re: bruteforce 8 character (uppercase) password

    Quote Originally Posted by erhardm View Post
    You probably want to find another way of cracking that WPA passphrase. There are 302231454903657293676544 possible combinations.


    Regards
    Not if you know it's an 8 character all uppercase password. Then it's only 208872064576 combinations.
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  6. #6
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Default Re: bruteforce 8 character (uppercase) password

    Quote Originally Posted by Barry View Post
    Then it's only 208872064576 combinations.
    Oh, much better then
    (which it is in fact, given the previous figure... but hell, that's an awful lot too !)
    Running both KDE and GNOME BT5 flawlessly. Thank you !

  7. #7
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default Re: bruteforce 8 character (uppercase) password

    Quote Originally Posted by comaX View Post
    Oh, much better then
    (which it is in fact, given the previous figure... but hell, that's an awful lot too !)
    True, just shows you why wpa2 is such a bitch to crack. It would probably be easier to just watch someone enter the password on their laptop from a spy satellite.....
    Of course, if you really wanted to have some fun, go to Wal-Mart late at night and ask the greeter if they could help you find trashbags, roll of carpet, rope, quicklime, clorox and a shovel. See if they give you any strange looks. --Streaker69

  8. #8
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Default Re: bruteforce 8 character (uppercase) password

    Quote Originally Posted by Barry View Post
    True, just shows you why wpa2 is such a bitch to crack. It would probably be easier to just watch someone enter the password on their laptop from a spy satellite.....
    Or just ask politely ? But if you have a satellite, I'll take that too :P
    Running both KDE and GNOME BT5 flawlessly. Thank you !

  9. #9
    Member
    Join Date
    May 2011
    Location
    Israel
    Posts
    74

    Default Re: bruteforce 8 character (uppercase) password

    brute force and dictionary attacks are two very different things. A dictionary attack has nothing to do with enumerating every possible combination of characters, unless you generate a list of every possible combination. Even in that case that's still just a brute force list
    Dictionary attack is more clever derivative of brute force attack.

  10. #10
    Senior Member
    Join Date
    Jan 2010
    Posts
    107

    Default Re: bruteforce 8 character (uppercase) password

    Quote Originally Posted by Barry View Post
    Not if you know it's an 8 character all uppercase password. Then it's only 208872064576 combinations.
    AFAIK this is how it's computed: (length of password)^(no. of characters) -> 8^26 = 302231454903657293676544 for uppercase/lowercase. It would be 91343852333181432387730302044767688728495783936 for uppercase+lowercase.

    However I didn't computed that by hand(LOL) so I can't check if the number is actually correct, also I might used the wrong formula

    Quote Originally Posted by iliyapolak View Post
    Dictionary attack is more clever derivative of brute force attack.
    I see the dictionary attack a way of bruteforce the human behind the keyboard. You actually try every possible combination that the human would logically type.

    The success of the bruteforce attack is computed by transversing all the search space and finding how much compute power is needed.

    The success of the dictionary attack depends on the knowledge of the human that created that password. The better you know the human, the more chance of success.


    Regards
    Last edited by erhardm; 05-20-2011 at 04:30 PM.
    Great minds have purposes, others have wishes

Page 1 of 3 123 LastLast

Similar Threads

  1. Word list MaNiPuLaTeR, lowercase to uppercase.
    By MotherRuss1a in forum Beginners Forum
    Replies: 4
    Last Post: 09-01-2010, 05:38 AM
  2. *.cap file character
    By _mitsos_ in forum Beginners Forum
    Replies: 5
    Last Post: 02-26-2010, 08:31 PM
  3. 8 character (A-Z) uppercase wordlist?
    By woody565 in forum OLD Newbie Area
    Replies: 2
    Last Post: 02-10-2009, 04:15 PM
  4. Help with making uppercase words (C++)
    By devilsson2010 in forum OLD Programming
    Replies: 5
    Last Post: 09-15-2008, 04:05 AM
  5. How to display CKJ character
    By marlin_cn in forum OLD BT3beta General
    Replies: 11
    Last Post: 05-28-2008, 04:16 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •