Everything posted by hocky

  1. Hi mux, thx for the link. I know the minimum length for WPA is 10, but for a specific brand of routers in my area I noticed that the company uses a fixed size of 10, which is arrangements of "ABCDEF1234567890". And I know that it most possibly has the default phrase (WPA-PSK), so that is why I use no dictionary. I am not sure how fast cowpatty is. I ran it in VMware on a 3.4 GHz CPU and noticed something like 1000 keys per 3 seconds. I also did some math and if they are correct then it's not worth it. I have 6 letters (ABCDEF) and 10 digits (1234567890). That makes a sum of 16. The size of each key is 10. So:

     16^10 = 1099511627776 combinations (keys)
     Cowpatty checks about 1000 combinations every 3 seconds
     3 secs checks 1000 keys
     x secs checks 1099511627776 keys
     x = 0.003 x 1099511627776
       = 3298534883,328 secs
       = 916259,68981333333333333333333333 hours
       = 38177,487075555555555555555555556 days
       = 1272,5829025185185185185185185185 months
       = 104,59585500152207001522070015221 years

     Am I missing something? Is there a better way?
  2. Thanx for the reply MR Protocol, I forgot to mention that I do have the 4-way handshake (successfully using airodump-ng in BT4), so I have my sniff.cap file to test. I also downloaded the 33GB rainbow table from the Church of WiFi. I am not sure whether it's a good idea to check my sniff.cap file against that rainbow table since it does not have my ESSID in it. (Not too sure, but I believe they made it using the top 1000 ESSIDs and mine is not included.) So I thought I might make my own rainbow table using my already known ESSID and then check the cap file against it. Not sure what the file size would be... Also, if the file is too big, I believe that I don't need all 26 letters, just ABCDEF1234567890, but maybe that is a very big file (?) Browsing the internet I ran into the following command using "crunch" with "cowpatty" and am testing it now. I do it in VMware, so it is taking even more time to complete, so I am just waiting to see if it works. Have a look and tell me what you think; when I have the results I will post them in any case.

     /pentest/passwords/crunch/./crunch 10 10 0123456789ABCDEF | /pentest/wireless/cowpatty/./cowpatty -f - -r ~/capfile.cap -s essid
  3. Hello, here is the scenario: I know the ESSID and the length of the WPA-PSK key (containing only alphanumeric values and only capitals). Is it not better to just create a custom rainbow table based on the above information before a brute-force attack? I thought of the following but I don't know how to implement it:

     1) Firstly I make a custom wordlist of words that have a length of 10 characters, and these characters are alphanumeric only (only capitals), i.e. all combinations of (ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789)
     2) Combine the known ESSID with that wordlist to generate the rainbow table.

     If the above seems valid, how do I do it (what software and what commands do I use)? Thanks.

     PS: In aircrack-ng I notice the possible use of the ESSID and BSSID (-s "ESSID" -b "BSSID"). Do these commands, when incorporated, make the cracking process faster than using a precomputed rainbow table? I.e. is it equivalent to the above steps 1) & 2)? If so, which is faster?
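
Added example, not part of hocky's posts or of any tool mentioned in them: a Python sketch of the two points the posts turn on. WPA-PSK key derivation is salted with the ESSID, so a precomputed table only serves the ESSID it was built for, and the size of a fixed-format default key determines how long an exhaustive search lasts at a given rate. The SSIDs, sample keys and function names are constructed for illustration; the 1000 keys per 3 seconds rate is the one quoted in post 1.

```python
import hashlib
import math

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    # WPA/WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 iterations, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def keyspace(alphabet: str, length: int) -> int:
    # Number of distinct fixed-length keys over the alphabet.
    return len(set(alphabet)) ** length

def entropy_bits(alphabet: str, length: int) -> float:
    # Entropy of a uniformly random key of that shape.
    return length * math.log2(len(set(alphabet)))

def years_to_exhaust(n_keys: int, keys_per_second: float) -> float:
    # Worst case (every candidate tried), using a 365-day year as the post does.
    return n_keys / keys_per_second / 86400 / 365

def build_table(passphrases, ssid: str) -> dict:
    # Precomputed PMK -> passphrase map; the SSID is baked into every entry.
    return {wpa_pmk(p, ssid): p for p in passphrases}

def lookup(table: dict, passphrase: str, ssid: str):
    # Derive the PMK a network with this passphrase and SSID would use, then query the table.
    return table.get(wpa_pmk(passphrase, ssid))

# Constructed sample data (not real keys or networks).
VENDOR_ALPHABET = "ABCDEF1234567890"
SAMPLE_KEYS = ["A1B2C3D4E5", "0F9E8D7C6B", "1234ABCDEF"]
PRINTABLE_94 = "".join(chr(c) for c in range(33, 127))

if __name__ == "__main__":
    n = keyspace(VENDOR_ALPHABET, 10)
    print(f"vendor default: {n} keys, {entropy_bits(VENDOR_ALPHABET, 10):.1f} bits, "
          f"{years_to_exhaust(n, 1000 / 3):.1f} years at 1000 keys / 3 s")
    print(f"16 random printable chars: {entropy_bits(PRINTABLE_94, 16):.1f} bits")

    table = build_table(SAMPLE_KEYS, "HomeNet-1")
    print("same SSID     :", lookup(table, "A1B2C3D4E5", "HomeNet-1"))  # found
    print("different SSID:", lookup(table, "A1B2C3D4E5", "HomeNet-2"))  # None: table does not transfer
```

For an owner of such a router, the practical reading is that the vendor default carries only 40 bits, so replacing it with a long random passphrase and a non-default SSID addresses both the exhaustive search and the precomputed-table case.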