So, there's this pentest I want to try with my network. I tried bruteforce but it took days and nothing came up even. I believe Rainbow Tables are a convenient way to try and, as there are tables available on Ophcrack's website, that worked well before when I tried with Windows passwords, I wanted to give it a try to know if it's possible and easy to do. They come in .zip format and there is a folder and inside comes a bunch of files with different extensions. (.bin, .start.. etc.)
Have anyone tried that or do I in fact have to generate my own Rainbow Tables in order to test? If I do, please give me some directions (or a link) of how to do that on BackTrack or Kali. That should do the job.
Thanks.
7 Responses
Those Rainbow tables are unlikely to work as WPA2 hashes are salted with the name of the SSID. There are available rainbow tables of the 1000 most common SSID's, but if yours is not on that list, you will need to generate your own.
I was reading a bunch of stuff here about that just right now... I gotta assume I'm a total noob at this too, and I can't exactly express (or figure out) how does that work yet, but I want to save time before actually putting it in practice. I just picked a look at the 1000 most used SSID's, and I see I'll have to do that manually.. =/
So.. If I did that... How could I and how long would it take? I believe it's not worse than actually brute-forcing it for days and no result.
EDIT: I just read an article in BackTrack forums that helped me to understand better how to do that, but the links are dead. If you could give me another resource... Thank you. =)
Just tell me something too... Cracking a Wireless network password is completely different than SAM hashes (that doesn't need the names of the accounts to crack), right? So there's no way to use Ophcrack's tables to do this job, right?
As far as I could understand, in order to use Rainbow Tables for WiFi cracking, I have to generate a proper table based on a single SSID name in order to do this job? If that's it, things are getting clearer by now.
But, how many gigabytes would a single table weight? And how many hours to generate one? (With which software... Sorry, I'm totally new to this.)
It only makes sense to generate rainbow tables, if you can reuse them.
So, hypothetically if I gather a list of SSID's nearby with an accurate alphanumerical sequence, it would be worth it, right?
You gave me a good idea. But the way you said, it would take too much time to generate one and actually using it (which would take even more time).
Welcome to the age old time for space trade off. (or vise versa.)
I didn't notice you are the owner of many useful posts about Wireless Networking. I gotta thank you for that. Taking a look at everything as possible! ;)
Share Your Thoughts