Page 1 of 5 123 ... LastLast
Results 1 to 10 of 47

Thread: WPA Passwordlist - Understanding?

  1. #1
    Junior Member
    Join Date
    Aug 2007
    Posts
    99

    Default WPA Passwordlist - Understanding?

    hi

    I would like to Crack my own WPA2 Password but I'm not really sure, if it is possible. By now I have the handshake.
    My Passphrase looks something like this: ThepS889ALoS

    I have no Password list right now. Yesterday I searched the forum where to get a list and how to do it. But today i entered several search kommands and had no luck. So maybe one of you could give my the link. I'm sorry.

    I also wonder the art of bruteforcinng. My Password looks like it is a simple one, and I believe it far from impossible to find out such a password. But how does this function, because I can't understand how you could crack it, if it is not in a dictionary or wordlist.

    Thanks to all the people explaining me a lot of things.

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Have a search inthe forums here for bruteforcing wpa2.
    Also --=Xploitz=-- did a really nice video tutorial in the tutorials and guides section.

    sorry if this double posted hit the wrong button a minute ago...

  3. #3
    Junior Member
    Join Date
    Aug 2007
    Posts
    99

    Default

    I would like to know if it is possible to crack a WPA-Key if the word is not in the wordlist. I just crack my own wpa2-key a few minutes ago. I added it to the wordlist coming with aircrack and of course it only took 1 sec.

    But now i'd like to crack it without putting the right key in the device. I would like to have a wordlist which is more than 10 GB or so. But I don't really finde how to create those lists. And of course a know the airolip-ng WPA2 cracking tutorial , but my SSID is nowhere in the passphrase.
    Besides, I saw in the video that the passphrase was with small and capital letters and so on. So I guess not everybody has such special passwords in their list. Or the other option must be that some people created hugh list with all these special words with numbers in between. And thats what i dont understand.

    I would like to know how this works.

    tanks

  4. #4
    Senior Member shamanvirtuel's Avatar
    Join Date
    Mar 2010
    Location
    Somewhere in the "Ex" human right country
    Posts
    2,988

    Default

    more than what ?

    i usualy works with wordlist bigger than several gigas and with splits of them

    my wordlists contains MILLIONS of passwords .......

    you have also the cowf wpa cowpatty hash table to dl.......
    Watch your back, your packetz will belong to me soon... xD

    BackTrack :
    Giving Machine Guns to Monkeys since 2006

  5. #5
    Junior Member
    Join Date
    Aug 2007
    Posts
    99

    Default

    Quote Originally Posted by shamanvirtuel View Post
    more than what ?

    i usualy works with wordlist bigger than several gigas and with splits of them

    my wordlists contains MILLIONS of passwords .......

    you have also the cowf wpa cowpatty hash table to dl.......

    Sorry for asking such noob stuff...

    But what is the owf wpa cowpatty hash table for?

    And I would like to have your wordlist, but for sure there would be no chance to get it So I have to crate my own one. But I wonder how simple it is: Do you only have to download these list and copy and past them over to one dictionary. or do you have to use JTR.

    I would like to crack my oncels Wlan in a few weeks. He tells my I couldnt because his password is to difficult. But he has a pet and I know the pets name and Im very sure that this name is within the password. Is there a possibility how to deal with this. Is there a programm which uses for example on word and create several thousends of combinations around this word?

  6. #6
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    The wpa rainbow has tables are 40 gigs and they contain the top 1000 essisd computed against a list of passwords. What you have to understand is a wpa pass phrase is "salted" with the eesid of the router so if me and xploitz have the same passphrase on two different routers the hash will be different. Just as a side note linux passwords are done this way and windows are not which makes windows passphrases easier to break. However the rainbow tables come with a good pass list and there are a obscene amount available on the web so youll have to build one as we all do. Just hit the packet storm tab on your tool bar they have quite a few. Any way there is a tool to generate a table using a pass list already in bt called genpmk which can be found in the wireless section of your kde menu. This is used like this. I am hired to do a security audit of company x wireless security. I go to the site see that WPA is in place and the essid is "bugger_off". Now this essid is not in my rainbow table so I'll have to compute one . So I first I down load the whole web site and compute it into a word list. This is done with the wget command and a tool called wyd (thanks shamen),both already in backtrack. Wow those guys thought of everything. Then I use genpmk to enter the essid and my passlist and I wait all night and in the morning I have a freshly computed rainbow table which is specific to my attack essid. Hope this explanation cleared up some questions.

  7. #7
    Junior Member
    Join Date
    Aug 2007
    Posts
    99

    Default

    Quote Originally Posted by purehate View Post
    Just hit the packet storm tab on your tool bar they have quite a few..
    I'm sorry. I absolutly dont know what this means. What toolbar?

  8. #8
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Quote Originally Posted by goon123 View Post
    I'm sorry. I absolutly dont know what this means. What toolbar?
    The toolbar on your firefoxbrowser

  9. #9
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Default

    Quote Originally Posted by purehate View Post
    The toolbar on your firefoxbrowser
    I'm guessing the next question is:

    What is firefoxbrowser?
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  10. #10
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I know. I'm really trying be be more nice and helpful these days, but its very hard to explain anything to someone who lacks basic computer knowledge and thinks that by downloading backtrack that he is immediately awarded 100 u833r l33t h4xor points.

Page 1 of 5 123 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •