Page 1 of 3 123 LastLast
Results 1 to 10 of 29

Thread: bruteforce 8 character (uppercase) password

  1. #1
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    19

    Default bruteforce 8 character (uppercase) password

    Hi all

    I have grabbed the handshake form my WPA encripted network and now want to try and bruteforce it. Whats the best method to crack the 8 uppercase letter password?

    If i was to create a wordlist with all the possible combinations this would be a massive file and would take a long time to generate so is there another way? Crunch??

    If there is could you please explain how to do it/code as im fairly new to linux but keen to learn.

    Thanks for any advice.

  2. #2
    Good friend of the forums
    Join Date
    Jan 2010
    Location
    outside chicago, il
    Posts
    442

    Default Re: bruteforce 8 character (uppercase) password

    crunch can generate all possible combinations of your 8 character password. If you were to try to save crunch's output to a file the file size will be: 1750GB.
    (x^y) * (y+1) = size in bytes
    x is the length of the string 8
    y is the length of the character set 26
    (8^26) * (8+1) = 1750GB

    You probably want to pipe crunch's output to aircrack like the following untested command:
    /pentest/passwords/crunch/crunch 8 8 -f /pentest/passwords/crunch/charset.lst ualpha -u | aircrack-ng -e test -w - /pentest/wireless/aircrack-ng/test/wpa.cap

    Good Luck
    Last edited by bofh28; 05-16-2011 at 12:52 PM. Reason: fix spelling mistake, add -u
    I like the bleeding edge, but I don't like blood loss

  3. #3
    Senior Member
    Join Date
    Jan 2010
    Posts
    107

    Default Re: bruteforce 8 character (uppercase) password

    You probably want to find another way of cracking that WPA passphrase. There are 302231454903657293676544 possible combinations.


    Regards
    Great minds have purposes, others have wishes

  4. #4
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Default Re: bruteforce 8 character (uppercase) password

    Quote Originally Posted by erhardm View Post
    You probably want to find another way of cracking that WPA passphrase. There are 302231454903657293676544 possible combinations.


    Regards
    Uh, uh... What other way do you know for cracking WPA but bruteforce ?
    Running both KDE and GNOME BT5 flawlessly. Thank you !

  5. #5
    Senior Member
    Join Date
    May 2010
    Posts
    198

    Default Re: bruteforce 8 character (uppercase) password

    Yep - only one way to crack WPA. On my box running 2x Nvidia 465 cards and 295 million passwords in the DB I can punch through the precomputed PMKs in under 5 minute. If the pass-phrase is in the DB then its trivial otherwise your stuck brute forcing with character sets which I haven't been able to get above 50000 PMKs.
    "Never do anything against conscience -- even if the state demands it."
    -- Albert Einstein

  6. #6
    Senior Member
    Join Date
    Jan 2011
    Location
    over the under
    Posts
    197

    Default Re: bruteforce 8 character (uppercase) password

    Uh, uh... What other way do you know for cracking WPA but bruteforce ?
    how bout the traditional way... Dictionary attack

    To pipe crunch through aircrack would be a ridiculous waste of life. Even if you piped crunch through pyrit to take advantage of gpu technology it really still wouldn't be a rational option, unless you were brute forcing something like a combination of 8 numbers. My rig performs at right below 150,000 PMKs and even trying to brute force an 8 character password would still be unbelievably time consuming.

    I recommend creating a really strong wordlist. If you can, make the list relevant to the target. look into a tool called cupp

    precomputed data is good too, but from what I understand each password is salted by the essid of the access point so each password needs to be precomputed for each essid.

  7. #7
    Senior Member
    Join Date
    May 2010
    Posts
    198

    Default Re: bruteforce 8 character (uppercase) password

    What are you running that gives you 150000 pmks? I have 2 465s and get 50k but dont do any overclocking. Are you running 6 of these things or do I need to reconfigure my setup. I know the 500 nvidia card series is pretty bad ass and was thinking of getting a couple of those.

    I am such a pyrit fanboy now.

    by the way there are some good crunch commands that can get you good results.
    crunch gets me about 25% of my successful cracks and pyrit DB get the rest.

    Quote Originally Posted by 2901119 View Post
    how bout the traditional way... Dictionary attack

    To pipe crunch through aircrack would be a ridiculous waste of life. Even if you piped crunch through pyrit to take advantage of gpu technology it really still wouldn't be a rational option, unless you were brute forcing something like a combination of 8 numbers. My rig performs at right below 150,000 PMKs and even trying to brute force an 8 character password would still be unbelievably time consuming.

    I recommend creating a really strong wordlist. If you can, make the list relevant to the target. look into a tool called cupp

    precomputed data is good too, but from what I understand each password is salted by the essid of the access point so each password needs to be precomputed for each essid.
    "Never do anything against conscience -- even if the state demands it."
    -- Albert Einstein

  8. #8
    Senior Member
    Join Date
    Jan 2011
    Location
    over the under
    Posts
    197

    Default Re: bruteforce 8 character (uppercase) password

    im running 2 stock hd 6970s with calpp. They're nice but I wish i would have waited and gotten the 6990s. I originally picked up a gtx 580 but was only getting like 38,000 PMKs so I returned it. Care to share those crunch commands?
    Last edited by 2901119; 05-16-2011 at 07:41 AM.

  9. #9
    Just burned his ISO
    Join Date
    Feb 2008
    Posts
    19

    Default Re: bruteforce 8 character (uppercase) password

    Ok so my setup is not capable of running speeds anywhere near mentioned in some of the posts so it would take a loooong time to crack the password!!!

    Not sure if this is against forum rules, but could i send my handshake to someone on here who is able to run pyrit and see if they can crack it?

    Thanks again

  10. #10
    Senior Member
    Join Date
    Jan 2010
    Posts
    107

    Default Re: bruteforce 8 character (uppercase) password

    Quote Originally Posted by woody565 View Post

    ...I have grabbed the handshake form my WPA encrypted network and now want to try and bruteforce it. ...
    If it's your network why don't you just append the passphrase in a dictionary file and I'm sure your cracking would be successful

    If you want to test your WPA against a superior dictionary attack, use Purehate's cracker: http://tools.question-defense.com/

    Regards
    Last edited by erhardm; 05-16-2011 at 10:04 AM.
    Great minds have purposes, others have wishes

Page 1 of 3 123 LastLast

Similar Threads

  1. Word list MaNiPuLaTeR, lowercase to uppercase.
    By MotherRuss1a in forum Beginners Forum
    Replies: 4
    Last Post: 09-01-2010, 05:38 AM
  2. *.cap file character
    By _mitsos_ in forum Beginners Forum
    Replies: 5
    Last Post: 02-26-2010, 08:31 PM
  3. 8 character (A-Z) uppercase wordlist?
    By woody565 in forum OLD Newbie Area
    Replies: 2
    Last Post: 02-10-2009, 04:15 PM
  4. Help with making uppercase words (C++)
    By devilsson2010 in forum OLD Programming
    Replies: 5
    Last Post: 09-15-2008, 04:05 AM
  5. How to display CKJ character
    By marlin_cn in forum OLD BT3beta General
    Replies: 11
    Last Post: 05-28-2008, 04:16 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •