I'm trying to crack a WPA with .. What is better? Brute Force or a word list .. if so where can i get a word list?
Forum Thread: diconary or brute force
- Hot
- Active
-
Forum Thread:
How to Track Who Is Sms Bombing Me .
4
Replies
2 mo ago -
Forum Thread:
Removing Pay-as-You-Go Meter on Loan Phones.
1
Replies
2 mo ago -
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
3
Replies
2 mo ago -
Forum Thread:
moab5.Sh Error While Running Metasploit
17
Replies
3 mo ago -
Forum Thread:
Execute Reverse PHP Shell with Metasploit
1
Replies
4 mo ago -
Forum Thread:
Install Metasploit Framework in Termux No Root Needed M-Wiz Tool
1
Replies
5 mo ago -
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
35
Replies
6 mo ago -
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
6 mo ago -
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
7 mo ago -
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
7 mo ago -
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
9 mo ago -
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
9 mo ago -
Metasploit Error:
Handler Failed to Bind
41
Replies
9 mo ago -
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
10 mo ago -
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
10 mo ago -
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
10 mo ago -
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
10 mo ago -
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
10 mo ago -
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
11 mo ago -
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
11 mo ago
-
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
Hack Like a Pro:
Cryptography Basics for the Aspiring Hacker
-
How To:
Scrape Target Email Addresses with TheHarvester
-
How To:
Track Wi-Fi Devices & Connect to Them Using Probequest
-
How to Hack Radio Frequencies:
Hijacking FM Radio with a Raspberry Pi & Wire
-
How To:
Scan for Vulnerabilities on Any Website Using Nikto
-
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
-
How To:
Make Your Own Bad USB
-
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
-
Steganography:
How to Hide Secret Data Inside an Image or Audio File in Seconds
-
How To:
Use Kismet to Watch Wi-Fi User Activity Through Walls
-
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
-
How To:
Spy on Traffic from a Smartphone with Wireshark
-
How To:
Set Your Wi-Fi Card's TX Power Higher Than 30 dBm
-
How To:
Use Pupy, a Linux Remote Access Tool
-
How To:
Top 10 Things to Do After Installing Kali Linux
-
How To:
Exploit Shellshock on a Web Server Using Metasploit
-
How To:
Get an Internet Connection in the Middle of Nowhere to Hack Remotely
-
How To:
Find Passwords in Exposed Log Files with Google Dorks
-
How To:
Set Up a Headless Raspberry Pi Hacking Platform Running Kali Linux
4 Responses
Try googling "word list" you can even get fancy and prepend adjectives at the front ex. "medical word list" or "pets word list". As for which is better… Try a dictionary attack first, because it is MUCH faster but not nearly as thorough. It just won't work if the original pass is secure at all. A brute force will always work, if you've got the time..
My favorite method to this day remains the rainbow table though, because nothing else is quite that fast or easy. If your just messing around and nothing too serious is on the line, I think it's the best option.
Brute Force is the method of compromising the password and a word list and/or rainbow tables would be the data input. You should look at it as a method of last resort because if you are not doing this through a proxy or VPN it looks messy on the server logs, is slow, and if the password is legit (not using words, over 10 chars and using symbols) you are simply chasing the wind. Rainbow tables are a LOT faster (as pointed out above) but based on what you are trying to do, they might not be the best option. Maybe even find a way without having to brute force anything.
(google FPGA - They build entire swarms of these to force passwords on a hardware level, very speedy)
How far did you get?
edit: clarity
I hadn't even considered that he was trying to crack this live over the network, I was assuming he sniffed packets and was trying to crack it offline or something.. I dunno, I have basically no knowledge of networking. Is what I said ridiculous, or is that also an option?
Not ridiculous at all as you could attempt this many ways. I was only pointing out that if this target has a moderately well thought up password, it might well be outside the logical range of a bruteforce.
That being said if the password turns out to be 'potato' it might be a quick night!
And forcing a password from your computer over the interwebs with no protection is asking to be arrested depending on the network. Think of a proxy/VPN/...etc as a suit of armor. You would not ride off to war without it!
Share Your Thoughts