
ben • 3 years ago

Getting the handshake and .cap file is easy enough for me; I can do this now very smoothly, using manual aircrack and wifite methods in Kali. I can also convert the .cap files into hccapx or oclcapx (might have mis-spelled that second one) for other software like Hashcat that is very GPU based, but my current system doesn't have an Nvidia or AMD, or ANY GPU for these methods. I am using an old laptop with Kali flashed to USB so I am stuck with the old brute force or dictionary methods....(other than paying some site to decrypt it for me but I would rather not go down that road....I want to learn myself)

I wrote my own set of python programs (and did a youtube tutorial on them with the code on GitHub) to generate a dictionary or list and save it to a .txt file - I have revisited these scripts I wrote to use as a brute force type or dictionary attack against my wifi router and generate wordlists.

Anyway...I set the parameters to 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' and to create a list of 10 character long possible combinations...can you imagine my problem....

Left the python script run overnight, woke up, program had crashed out because the text output file was 35GB long! and I ran out of disk space - I don't even know how far it got through the alphabet but this isn't a practical method for me.

I know this router type uses uppercase A-Z, 10 char long strings, so I am working on amending my script to only do results beginning with A for example then manually work my way through the alphabet, resulting with a lot of smaller and alphabetically ordered dictionaries to try one at a time.

Is there a better approach to this? Because this all seems very laborious and long-winded....long story short I am self-studying pen-testing alongside my Uni degree in Computing and IT (like an online side course) but want to learn the basics of all areas.

I know my router's password but it just isn't the same if I put it into a text file and watch it crack in less than a minute...in the real world of pentesting, if I was asked/contracted to try and attack a company's infrastructure I need to be able to do this on the fly, on a laptop or Raspberry Pi with not a great deal of computing power or battery time. Any ideas would be much appreciated, because at this rate it will take me at least a week to crack my own 10 digit long router password.....

and that's just straight uppercase alphabet combos, without any upper/lower case differences, numbers or symbols thrown into the mix!

Viren Hirpara • 1 year ago

Learn to use season.
For example, by tool you can generate passwords and pass them through directly to cracking, or you can pass them through John the Ripper and then into cracking tools, so that you don't have to build a dictionary or need space for that.
With John the Ripper, you can pause and resume the cracking process.

Kim • 5 years ago

What happens if there are multiple handshakes in one cap file?

OHC_admin • 3 years ago

No worries, we handle up to 1000 handshakes per file.

ben • 3 years ago

It is a 4-way handshake. But aside from that, your script, software or more likely the way the command is worded might be saving different handshake captures into the same directory/folder, or even rewriting new handshakes into the exact same .cap filename (in this case you are not editing the filepath accordingly for the output destination so the command is just adding or rewriting to the same file each time)

Bleh • 3 years ago

I don't think that's possible.