Jump to content

Easiest way to Crack WPA TKIP?


Recommended Posts

Ok, I am using a general wordlist for my router, My step-dad wont give me the wpa (I believe he is just too lazy to find the paper he printed it on or lost it...) key and my cat chewed through the ethernet cord I use on my laptop.

I use these commands in BT4.

airmon-ng start wlan0

airodump-ng mon0

airodump-ng -c 11 --bssid (BSSID) -w wpa mon0

and lastly

aircrack-ng -w /pentest/wireless/aircrack-ng/test/general.lst -b (BSSID) *.cap

Then it goes through the 1.7 or 1.8 million words it has saved on the lst file.. It seems (idk all the way yet) that they are all not right, is there a way to get lower and uppercase alpha tables in there without taking a crapload of space? And even if I have the HUGE files, is there a way to use them in aircrack or something?

I will appreciate anyone's answers.

Longcat B)

Link to comment
Share on other sites

Most routers these days use a random key code provided by the ISP, its either in the manual or on a sticker on the base of the unit. Cracking WPA with a word list is kinda pointless, you need to look at using a GPU to crack the code as its faster, and use more random key combinations (ie HanYr3bn28BNAnn2113n3a and so on). But, since you don't know anything about the code length and if it uses any special chars (hint: most brute forcing software is written by yanks and won't look for £ or €), its gonna take a long time. Try this instead.

Link to comment
Share on other sites

Previous posts above are all valid points, and if you have physical access, you could just reset the router like suggested(and use the existing cable between the router and the modem to configure said router).

One thing though, how do you know you even have the required info to crack WPA? I don't see any step in your post where you state you have captured the required handshake. You need to do a deauth on the access point and get someone to reconnect so you capture the 4-way handshake. Without the handshake, you are not brute forcing anything.

Also, there is a new attack developed for WPA hacking, so if I were you, I would google for the newer attack as well as update your version of aircrack to supports the newer attack. The new attack is much quicker, save yoruself some time.

Link to comment
Share on other sites

How to Hack Your WPA TKIP!

A Noobs Guide

What You Need!


Step 1.
This may take some time and some patience, you may mess up a couple times but do not give up!

Step 2.

Congratulations! You hacked your router!! You are now a 31337 h4x0r! Go brag to your friends!
Link to comment
Share on other sites

I did capture a handshake by using another computer and disconnecting-reconnecting

Just wanted to make sure, cause you won't get very far without it. :)

Link to comment
Share on other sites

Do the math before devoting your life to cracking it.

Try running this on the machine you used when grabbing the handshake:


That would be too easy...lol

Makes sense though, if you have physical access to a machine that already has the wpa configuration set up on it, you can just extract the key from the windows registry.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...