
Thread: -=Xploitz=- VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"

  1. #131
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Exclamation

    Quote Originally Posted by j3rry View Post
    Hi, I'm new here.

    I have done the crack of WPA/WPA2 under BT2 & Ubuntu, and also found that the dictionary is an important part. I have made about 3G of dictionaries, but still cannot crack some WPA handshake caps.

    Are there some tools that can be used for brute force? Many times brute-force cracking looks more efficient than dictionary cracking. Why can't we do that?
    Dictionary attacks and "brute-force attacks" are almost the exact same thing.

    Brute-force takes every combo of every letter (Aa-Zz) (and possibly 0-9) and starts with a, b, c, d, ...etc. Then it gets to words like "quick", and the next guess is quicl..quicm..quicn...etc.


    AND THIS IS NOT AN EFFICIENT way to crack WPA / WPA2 at all!!!!
    IT IS TO BE USED PURELY AS A LAST RESORT!!!



    Whereas A DICTIONARY ATTACK ONLY USES THE WORDS OR COMBOS IN YOUR TEXT!! IT WILL NOT TRY EVERY COMBO OF LETTERS AND NUMBERS LIKE A BRUTE-FORCE ATTACK!!


    See the following from Wikipedia:.......

    The distinction between guessing, dictionary and brute force attacks is not strict. They are similar in that an attacker goes through a list of candidate passwords one by one; the list may be explicitly enumerated or implicitly defined, may or may not incorporate knowledge about the victim, and may or may not be linguistically derived. Each of the three approaches, particularly 'dictionary attack', is frequently used as an umbrella term to denote all the three attacks and the spectrum of attacks encompassed by them.
    Brute force attack

    A last resort is to try every possible password, known as a brute force attack. In theory, a brute force attack will always be successful since the rules for acceptable passwords must be publicly known, but as the length of the password increases, so does the number of possible passwords. This method is unlikely to be practical unless the password is relatively small.
    Since we're dealing with a MINIMUM of 8 characters in a WPA/WPA2 passphrase, a brute-force attack is not a good idea. It would take way, way, way too long to BF every combo of alpha, numeric, and alphanumeric passphrases that are at LEAST 8 characters in length. Could take days, weeks, even months!!!

    Dictionary attack

    A dictionary attack also exploits the tendency of people to choose weak passwords, and is related to the previous attack. Password cracking programs usually come equipped with "dictionaries", or word lists, with thousands or even millions of entries of several kinds, including:
    • words in various languages
    • names of people
    • places
    • commonly used passwords
    The cracking program encrypts each word in the dictionary, and simple modifications of each word, and checks whether any match an encrypted password. This is feasible because the attack can be automated and, on inexpensive modern computers, several thousand possibilities can be tried per second.
    Guessing, combined with dictionary attacks, have been repeatedly and consistently demonstrated for several decades to be sufficient to crack perhaps as many as 50% of all account passwords on production systems.
    Re-read that last statement from Wikipedia, which I have bolded and underlined.

    Hope this puts an end to the question .....

    "Are Brute-Force methods more efficient than a dictionary attack?"

    Answer : "No"
    "What's the best WPA / WPA2 Cracking method to use??"
    Answer : "Make your own custom wordlist."


    I personally have only 3 total. And I break them down into smaller separate dictionaries when needed.


    1. Alpha dictionary
    only with the first letter of the word capitalized, and the very next word in my list is the same exact word but UN-capitalized, as in...

    Tuesdays
    tuesdays
    Westerns
    westerns

    Xploitz
    xploitz



    2. Numeric ONLY dictionary.

    from 00000000-99,999,999




    3. Alphanumeric dictionary only.

    Same as the above 2, but combined. Example....



    Tuesdays0
    tuesdays0
    Westerns0
    westerns0

    Xploitz0
    xploitz0
    Tuesdays01
    tuesdays01
    Westerns01
    westerns01

    Xploitz01
    xploitz01

    etc....up to

    Tuesdays99999
    tuesdays99999
    Westerns99999
    westerns99999

    Xploitz99999
    xploitz99999



    Hint...

    Most people never use any number over 5 digits in their combination of alphanumeric password choices.

    Question:

    Why???

    -=Answer=-

    It would be too "difficult" for the average person to remember a number larger than 5 digits along with their "pass-WORD".
    [CENTER][FONT=Book Antiqua][SIZE=5][B][COLOR=blue][FONT=Courier New][COLOR=red]--=[/COLOR][/FONT]Xploitz[FONT=Courier New][COLOR=red]=--[/COLOR][/FONT][/COLOR][/B][/SIZE][/FONT][FONT=Courier New][COLOR=Black][SIZE=6][B] ®[/B][/SIZE][/COLOR][/FONT][/CENTER]
    [CENTER][SIZE=4][B]Remote-Exploit.orgs Master Tutorialist.[/B][/SIZE][SIZE=6][B]™
    [/B][/SIZE]
    [URL="http://forums.remote-exploit.org/showthread.php?t=9063"][B]VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=7872"][B]VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial"[/B]
    [/URL]
    [URL="http://forums.remote-exploit.org/showthread.php?t=8230"][B]VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial"[/B][/URL]

    [URL="http://forums.remote-exploit.org/showthread.php?t=8041"][B]VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"[/B][/URL]
    [/CENTER]
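To put numbers on the comparison made in the post above, here is an added example (not code from the thread or from any tool it names). It sizes the three list designs described (alpha with two case variants, zero-padded numeric, word plus 1..5 digits) against a plain brute force, and includes a defender-side check that flags whether a candidate passphrase has the shape of one of those lists; the guess rate passed to `days_to_exhaust` is an assumed value.

```python
import re
from typing import Optional

# Added example, not from the thread. The list designs are the three described
# above: alpha (two case variants per word), numeric (zero-padded digit strings)
# and alpha-numeric (word followed by 1..5 digits, leading zeros kept).

def brute_force_candidates(alphabet_size: int, min_len: int, max_len: int) -> int:
    """Strings an exhaustive search must try for every length in min_len..max_len."""
    return sum(alphabet_size ** n for n in range(min_len, max_len + 1))

def numeric_list_candidates(min_digits: int, max_digits: int) -> int:
    """Zero-padded digit strings of each length, e.g. 00000000 .. 9999999999."""
    return sum(10 ** n for n in range(min_digits, max_digits + 1))

def alnum_list_candidates(word_count: int, max_suffix_digits: int = 5) -> int:
    """Each word in two case variants, followed by 1..max_suffix_digits digits
    ('0' and '00' count as distinct suffixes, as in the list shown above)."""
    suffixes = sum(10 ** n for n in range(1, max_suffix_digits + 1))
    return word_count * 2 * suffixes

def wordlist_bytes(candidates: int, avg_len: float) -> int:
    """Approximate on-disk size: every candidate plus one newline byte."""
    return int(candidates * (avg_len + 1))

def days_to_exhaust(candidates: int, per_second: float) -> float:
    """Worst-case wall-clock days at an assumed (constructed) guess rate."""
    return candidates / per_second / 86400

# Defender-side check: does a passphrase have the shape of one of those lists?
ALL_DIGITS = re.compile(r"^[0-9]{8,10}$")
WORD_PLUS_DIGITS = re.compile(r"^[A-Za-z]+[0-9]{1,5}$")

def matching_list_design(passphrase: str) -> Optional[str]:
    """Name the list design whose pattern this passphrase fits, or None.
    WPA-PSK passphrases are 8..63 characters; anything else is rejected."""
    if not 8 <= len(passphrase) <= 63:
        return "invalid-length"
    if ALL_DIGITS.match(passphrase):
        return "numeric"
    if WORD_PLUS_DIGITS.match(passphrase):
        return "alpha-numeric"
    if passphrase.isalpha():
        return "alpha"
    return None

if __name__ == "__main__":
    print("8-char lowercase brute force:", brute_force_candidates(26, 8, 8))
    print("numeric 8..10 digits:", numeric_list_candidates(8, 10))
    print("alpha-numeric, 50k words:", alnum_list_candidates(50_000))
    for p in ("Tuesdays99999", "0123456789", "westerns", "Tr0ub4dor&3"):
        print(p, "->", matching_list_design(p))
```

A passphrase that `matching_list_design` returns None for is outside every list shape the thread describes; length-limited numeric or word-plus-digits passphrases are exactly what those lists enumerate.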

  2. #132
    Just burned his ISO
    Join Date
    Oct 2007
    Posts
    13

    Question Thanks -=Xploitz=-

    Thanks -=Xploitz=-, really, your answer gave me a spark; maybe I should change some thoughts. It looks like dictionary attacks are more efficient than brute-force attacks sometimes.

    OK, here I have another question:

    I have just made 3G of dictionaries, and I sort them like this:

    1. Number: contains pure numbers, ID numbers, birthdays, tel/mobile numbers, post codes, schoolkids' card numbers, employees' card numbers... and so on

    2. Alpha: contains words in common use, phrases, people's names, nicknames, ab., special-meaning words... etc.

    3. Combined: contains 1+2 together, like what you showed me: today123, guessme777...

    Then I find that the most difficult part is the 3rd. Actually, it will need much more space than what I have if I combine them. Could you help me make all the dictionaries more efficient? Some tools or some ideas?

    Thanks for the detailed reply

  3. #133
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by j3rry View Post
    Could you help me make all the dictionaries more efficient? Some tools or some ideas?

    Thanks for the detailed reply
    Tools...

    Raptor3 (Windows) my personal favorite
    Accessdiver (Windows)
    John the Ripper (Linux and Windows)

    And a member made a wordlist manipulator tool here....
    Code:
    http://forums.remote-exploit.org/showthread.php?t=8033
    Hope this helps!!

  4. #134
    Just burned his ISO
    Join Date
    Oct 2007
    Posts
    13

    Unhappy thanks, but.....

    I will try your advice. en...... Which one can I use to combine my dictionaries?

    But John the Ripper? faint.....

    I don't believe it can be used for WPA cracking.

    ...........Hope I haven't made you feel tired. I just want to do better and go deeper.

  5. #135
    Just burned his ISO
    Join Date
    Oct 2007
    Posts
    9

    Default

    Quick question: with your numeric list, why do you do 00000000-99999999? The passphrase has to be at least 8 chars long, so I guess you are just assuming no one would try to remember 9 characters. Also, how big is that wordlist, because that's a LOT of numbers?

  6. #136
    Just burned his ISO
    Join Date
    Oct 2007
    Posts
    13

    Exclamation so simple password

    no everyone use these

  7. #137
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by j3rry View Post
    I will try your advice. en...... Which one can I use to combine my dictionaries?

    But John the Ripper? faint.....

    I don't believe it can be used for WPA cracking.

    ...........Hope I haven't made you feel tired. I just want to do better and go deeper.
    To combine dictionaries use DGather 1.5 - Dictionary Gathering Tool
    by Magic....located here....No, I don't believe you can use John to crack WPA or WPA2, but the last time I ever used John was like 5 years ago. Back then you could use it to build and modify wordlists. Don't know if you still can with it now; it's changed some.

    If you want to customize your wordlist (combine/modify/edit), Raptor 3 is OK. Normally I just use a blank .txt file and just add the words I want to have in it.



    Quote Originally Posted by castlecrazy View Post
    Quick question: with your numeric list, why do you do 00000000-99999999? The passphrase has to be at least 8 chars long, so I guess you are just assuming no one would try to remember 9 characters. Also, how big is that wordlist, because that's a LOT of numbers?

    Sorry...that was a typo
    ...I meant to say I use 00000000-9999999999 (10 characters). And that numeric wordlist is 9.30 gigs.


    If you guys want a nice little start on wordlist tools...go here.....and look at my very last post. I just added that post.

    BTW, the name of the program I use for my numeric wordlist is called Numero.

  8. #138
    Just burned his ISO
    Join Date
    Aug 2007
    Posts
    7

    Default Saving the dictionary?

    If I'm running Backtrack 2 from a CD, how can I save the dictionary in the root directory? Do I have to install Backtrack 2 on a USB drive? Or is there any other way to save the dictionaries on the computer when running the Backtrack 2 CD version?

  9. #139
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by soulflyfgm View Post
    If I'm running Backtrack 2 from a CD, how can I save the dictionary in the root directory? Do I have to install Backtrack 2 on a USB drive? Or is there any other way to save the dictionaries on the computer when running the Backtrack 2 CD version?
    There's TONS of ways.

    If you're doing a live CD, you can't save shit. Well, you can save it temporarily, until you reboot, then it's all gone. Or do a live CD with saved changes (see balding_parrot's thread....or shamanvirtuel).

    I suggest doing a HD install..... dual booted. If you already have XP, check out muts' video here...

    and all your saves will stay.

    There's another way: save your dictionary(ies)....wordlist(s), onto a CD or on a flash jump drive, then load it on BT2 when you need it, and place it in your home folder.

    But I seriously can't stress enough how having BT2 on HD is sOOooo much faster, more stable, reliable and so much more convenient than just using BT2 as a live CD.

  10. #140
    Sengir
    Guest

    Default

    Quote Originally Posted by -=Xploitz=- View Post
    If you want to hash the password and salt it with your ESSID...look up my

    -=Xploitz=- VIDEO: Vol. #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases"
    Sorry, but I didn't find in that tutorial how to hash the password. Is it testdb?
    Thank you in advance.
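The "hash the password and salt it with your ESSID" step quoted above is the IEEE 802.11i PMK derivation that airolib-ng precomputes per SSID. The following is an added example (not the thread's or airolib-ng's code) that performs that derivation with the standard library and shows why a table built for one SSID is useless against another; the wordlist and the second SSID are constructed values.

```python
import hashlib
from typing import Dict, Iterable, Optional

# Added example, not from the thread or the airolib-ng project. The derivation
# is the 802.11i standard; the wordlist and SSIDs below are constructed.

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK Pairwise Master Key: PBKDF2-HMAC-SHA1 over the passphrase,
    salted with the SSID, 4096 iterations, 32-byte output (IEEE 802.11i)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"),
                               ssid.encode("utf-8"), 4096, 32)

def precompute(ssid: str, wordlist: Iterable[str]) -> Dict[bytes, str]:
    """What an airolib-ng style database holds for one SSID: PMK -> passphrase."""
    return {wpa_pmk(word, ssid): word for word in wordlist}

def lookup(table: Dict[bytes, str], pmk: bytes) -> Optional[str]:
    """Return the passphrase stored for this PMK, or None if the table has no hit."""
    return table.get(pmk)

def table_covers(table: Dict[bytes, str], ssid: str, passphrase: str) -> bool:
    """True only if the PMK of this passphrase under *this* SSID is in the table.
    The SSID is the salt, so a table built for another SSID never matches."""
    return lookup(table, wpa_pmk(passphrase, ssid)) is not None

if __name__ == "__main__":
    words = ["password", "tuesdays", "Xploitz01"]      # constructed wordlist
    table = precompute("IEEE", words)                   # table bound to SSID "IEEE"
    print(wpa_pmk("password", "IEEE").hex())            # 802.11i test vector
    print(table_covers(table, "IEEE", "password"))      # same SSID: hit
    print(table_covers(table, "MyUniqueSSID", "password"))  # different salt: miss
```

The defender's takeaway is the one the function names spell out: a unique SSID forces a fresh 4096-iteration PBKDF2 per candidate, and a passphrase outside the wordlist is never in the table at all.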
