how many packets or data do you have to get...... i got 50000 would i need more to make it ..
brodygates 2 months ago
Hey! Is it possible to crack my router completely WITHOUT a dictionary? WPA and WPA2 I mean. I don't think there is a dictionary in the world that has my password in it. Thx
And yeah I don't want to reset the router I just wanna know...
qluuuuuuuulp 3 months ago
trick is you're really bruteforcing 3 symbols. according to web-calculator it takes circa 1 minute. just like you did.
nickeras 4 months ago
@nickeras yes, youtube doesn't allow me to send a video during several years.
i just show how to read strings from stdin with aircrack, and the idea of web-calculator is to help the user in a choice (is it too long to crack an 8 ch key with my computer ?)
bricowifi 4 months ago
@bricowifi that's right. just notice that bruteforcing an 8-symbol passphrase is really impossible on a single computer. Even for my PC which can try 8000 k/s it will take more than 870 years :)
The right thing is to use a dictionary or give up
nickeras 4 months ago
woow!!
brute to kick her ass.
i like this video.
brickedsand 5 months ago
wpa is a bitch to crack, it's a SHA1 hash salted with the wifi SSID. so the hashes for "linksys" and "bobswifi" are different even if they both use the same password, so rainbow tables are out for uniquely named wifi. Brute force would be easy enough if it was just hashed once, but wpa is hashed 4096 times. Brute force is possible with enough powerful graphics cards, but costly.
MrFreezway 5 months ago
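Added example (not part of the comment thread or the video): the key derivation described in the comment above, PBKDF2-HMAC-SHA1 salted with the SSID and run 4096 times, together with the exhaustive-search time arithmetic discussed earlier in the thread, written as a passphrase-sizing aid. The two SSIDs come from the comment and 8000 keys/s is the rate quoted in the thread; the sample passphrase, the alphabets, the 100-year target and the function names are assumptions made for illustration.

```python
import hashlib

WPA_ITERATIONS = 4096                 # PBKDF2 rounds fixed by WPA/WPA2-PSK
PMK_BYTES = 32                        # 256-bit pairwise master key
SECONDS_PER_YEAR = 365 * 24 * 3600


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("a WPA passphrase is 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), WPA_ITERATIONS, PMK_BYTES)


def years_to_exhaust(charset_size: int, length: int, keys_per_second: float) -> float:
    """Worst-case time to try every passphrase of this length and alphabet."""
    return charset_size ** length / keys_per_second / SECONDS_PER_YEAR


def min_length(charset_size: int, keys_per_second: float, target_years: float) -> int:
    """Shortest random passphrase whose whole keyspace outlasts target_years."""
    for length in range(8, 64):
        if years_to_exhaust(charset_size, length, keys_per_second) >= target_years:
            return length
    raise ValueError("no passphrase of 63 characters or fewer meets the target")


if __name__ == "__main__":
    # Constructed sample passphrase; the two SSIDs are the ones named above.
    # Same passphrase, different salt: the two PMKs share nothing, which is
    # why a table precomputed for one SSID is useless for another.
    for ssid in ("linksys", "bobswifi"):
        print(ssid, derive_pmk("samepassphrase", ssid).hex())
    # 8000 keys/s is the rate quoted in the thread; alphabets are assumptions.
    for name, size in (("a-z", 26), ("a-z0-9", 36), ("a-zA-Z0-9", 62)):
        print(f"{name:10} 8 chars: {years_to_exhaust(size, 8, 8000):10.1f} years, "
              f"min length for 100 years: {min_length(size, 8000, 100)}")
```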
no he is not using a dictionary dumbfucks... it's a true "bruteforce" if you can't understand the difference then you shouldn't be attempting to hack/crack
Cyberphreak135 6 months ago
If I knew 5 chars of the password and only had to brute 3 lowercase characters of the pass i wouldn't be wasting my time with a dictionary.
I don't see how this video is practical in any way. Hash tables FTW IMHO!
The attacker will try the default pass hash table and stages of dictionary attacks before resorting to brute.
adomratchev 6 months ago
What distro are you using?
BlarLarable 6 months ago
how the hell do u capture a handshake if u can't log on to the network in the first place. I don't understand.. I use wireshark
Kingpee03 7 months ago
@Kingpee03 i don't know how you can when you are already on the network, since you need monitor mode to do it in the first place, nor why you would need it at that point. but to get a handshake i use aircrack-ng with these codes. aireplay-ng -0 1 -a (bssid mac here) -c (here you use one of the mac addresses under station) mon0. without the -c command i never could get a handshake, only very few times, but it is much more effective with this -c command
maicon9 3 months ago
is it possible to generate passwords on air and use airolib-ng with it?
and Thanks!
TrIpOd93il 8 months ago
This music makes me feel high
blamouze 8 months ago 4
you use a dictionary my friend
maxhteccc 8 months ago
what OS is this ? alien security? where can i get a copy ?
kzam 8 months ago
payam1995 is right, it is really better than making dictionary files.
thanks to bric0wifi for this tech.
i love this.
if sgrsgrsgrsgrs...... ? has any better option for cracking passwords then he should upload some video.
cheers
ChrisRur0uni 8 months ago
at least it is better than making a dictionary file of GB's
thanks
payam1995 9 months ago
ok big help please, What if we're not using vmware and booting the disc from pc. i don't have the option to choose a file, or even look for one. How would i find a password list, or even place it in bootable bt4? all the videos i see, EVERYONE is using vmware, WHY??! make a tutorial on cracking WPA, wpa2 without vmware, and using the bootable disc to crack wpa, and how to install a list for it, and how to find the list for it?? Anyone out there?? can do this? big subs if you can do it.
clanbozz 10 months ago
Think you can crack my 63char length pass with a dict attack?
AstralFXTech 1 year ago
where can i get a list of wifi cards that support packet injection?
motiondelight 1 year ago
Is crunch already pre-installed on Backtrack 4 ?
GnAArL 1 year ago
@bricowifi
the tutorial seems interesting but I cannot get it to work. I only get 4 keys tested at a speed of 1.45k/s and then I get:
Passphrase not in dictionary
Quitting aircrack-ng...
Could you please help me?
Thank you
N37M4573r 1 year ago
what hardware do you have? what kind of keys per second will i see from ati stream hd5850 phenom 955 x4 3.2ghz 4gb ddr3 1600mhz?
DNO221 1 year ago
does anyone have a link to download a big word list ??
WhyEpoz 1 year ago
@WhyEpoz
wwwDOTapasscrackerDOTcom/dictionaries/
wwwDOTgovernmentsecurityDOTorg/forum/indexDOTphp?showtopic=17833
just replace "DOT" with "."
the second one is by far much larger, but obviously this would make it slower.
Bruceification73 1 year ago
why bruteforce? why not rainbow tables? tables are only about 1gb for each default ssid.
NiGhtMarEs0nWax 1 year ago
dude, just write a simple perl script that generates passwords from aaaaaaaa to zzzzzzz and pass it to cowpatty as a parameter with STDIN
so
perl generator.pl | ./cowpatty -f - -r capfile.cap -s SSID
and it's done
the -f - tells cowpatty to get input from stdin ;) hope it helps
cerberuspandora 1 year ago
where can i get crunch?
dextermg07 1 year ago
@dextermg07 search at sourceforge "crunch-wordlist"
bricowifi 1 year ago
@bricowifi does crunch work with backtrack?
REDRUMkostas 2 months ago
Crunch is trying every symbol...so...you need a lot of time to crack Wpa. My laptop can check 1115 p/sec....but i still need a very long time to crack the network
ulcho 1 year ago
it's still considered a dictionary crack
Chengkuyee 1 year ago
where can i find a good dictionary for free ?
03473018 1 year ago
hey there, nice vid,
i was wondering what's the aircrack command to brute force wpa instead of using dictionary attack?
DarkstarrCreations 1 year ago
what about cowpatty?
InfoSeeker93 1 year ago
Where Did you get the "Alien Security" Linux from?
stan464 1 year ago
the music stinks like shit, a big rip-off in the style of razor1911, specialists in really tacky geek sounds
Otherwise there's no explanation in the vid so I don't see the point
maitrekenshin93 2 years ago
where can I download this software
jeerko78 2 years ago
Thanks for the vid.
WPA PSK:
With all due respect, cracking WPA with blind wordlists, precomputed or not, is in my opinion a pure waste of electricity.
Unless the target uses a dummy password, it will take a long long time....
M0rbius:
When I read "I manage to get 75%" of the WPA , I raise an eyebrow...
what were the psw cracked? 123456, letmein, password, etc ?
please, just calculate the cost of electricity to bruteforce a 20 ASCII.
Good luck .......
sgrsgrsgrsgrsgr 2 years ago 24
@sgrsgrsgrsgrsgr that's why you just can hack those university servers that work on grids, the Balkan Grid Network has computers connected as ONE with job sharing so you have 20000 computers working as one giant server, in this case we don't need luck ;)
cerberuspandora 1 year ago
@sgrsgrsgrsgrsgr i've got a program called elcomsoft wireless security auditor that uses my graphics card in tandem with my cpu so a 16 ASCII (biggest .dic i have) takes around 4 hours max to crack, the better the graphics card you have the faster
chevezez 1 year ago
@sgrsgrsgrsgrsgr with a Pentium 3 ridiculous, with 4 new nvidia cards using cuda not much :P
NanobyteComputers 9 months ago
@sgrsgrsgrsgrsgr
Agreed. There are so many methods with cracking WPA that universally we have many tools at our disposal :] I still get a kick out of my netbook WPA cracking in BT5, However.... a dictionary attack.... Takes forever (in some cases) .... :[!
IIIHagakureIII 4 months ago
@sgrsgrsgrsgrsgr I Totally Agree with you, Attacking WPA Of most forms would be wasted effort and electricity, Hence why they phased WPA In, You may be in luck with AES WPA as AES Encryption can be broken in half the time now. But I'd still seriously doubt it, i have an old laptop and i did a network for a test, it was running for 2 days @ 20Million Keys, Goes to show WPA isn't worth the time.
stan464 4 months ago
elcomsoft have had a real nice prog out for a while that uses a mutation engine to use the graphics card and process rainbow tables a lot faster and is very reliable for a 13 word pass upper lower and numerical key it takes about 3-4hrs which isn't too bad :)
iwantit162 2 years ago
just get a good wordlist and precompute the keys for the ESSID with airolib-ng and i manage to get about 75% of WPA's i have tried to crack for real usually takes about 4-11 hrs
M0rbi0uS 2 years ago
@M0rbi0uS 75% claim using airolib? I've generated several wordlists totalling over 400 million passwords. I have captured around 7-10 WPA/2 handshake caps. You know what? after days of running through all my passwords (usually takes around 5 days!) apart from biscotti and 12345678 not one of the real caps turned up! All airolib does, in essence, is speed up the cracking process but the process of generating the pre-hashed keys in itself takes as long as the 5 day method, so what's the point?
ganz7ful 1 year ago
I use a good wordlist and use airolib-ng to do the PMK's and i manage to crack about 75% of all WPA's I have attempted in about 6-11hrs
M0rbi0uS 2 years ago
get a good wordlist use airolib and half the time it takes to crack WPA i have used it in anger many times with about a 50/50 success rate usually takes about 10 hrs a go
M0rbi0uS 2 years ago
the music is credited at the end :/
bricowifi 2 years ago 2
@bricowifi I think this is worth a go and I'll tell you why. Doing it via bruteforce the chances are improbable. But if you did some footprinting on the organisation this could work, i.e. it's the computing department you wanted to test. The department is actually called computing you could begin with comp and leave crunch to go through the remaining 4 characters. Worth a try I think. Well done!
ganz7ful 1 year ago
@bricowifi Actually I couldn't get it to pipe like you did. You were a bit naughty using a - as your wordlist file in order for the video to look good. You deceived us in that way. Crunch is great at permuting all the possible endings of a password. for instance, a lot of people put numbers after their names/passwords. Crunch could create a tailored wordlist to create all these permutations.
ganz7ful 1 year ago
What is this song? What's the name of this music please, thanks :p great video otherwise!
bigoud55800 2 years ago
If you're really into cracking WPA get cowpatty i think 4.6 is the latest and pipe john the ripper into it because it's generally faster even on my netbook
tezza2k10 2 years ago
Cool music.
trueblu8 2 years ago
Bollocks, you are using a Dictionary with the crunch, the fact you piped it though don't mean you didn't use a wordlist !! You RETARD !!
cyberjackcyberjack 2 years ago
read the other comments, and understand "bruteforce" "dictionary". for the video i can't bruteforce 8 characters, i bruteforce only the end of the passphrase (3 characters)
bricowifi 2 years ago 9
you are using a dictionary why do you say (no dictionary)
jihad355 2 years ago
it's not a dictionary attack, it's generated on the fly, with a defined charset, it covers all possible passes if you want with a good configuration.
attack by dictionary, is just a text file with some classic words, after you can write the output of crunch in a text file, but it will take so much space on your HD
bricowifi 2 years ago 3
LOL 19 years
edwinwongey 2 years ago
it can take forever.. but thanks anyway for preparing and sharing..
selant07 2 years ago