I'm trying to crack a WPA with .. What is better? Brute Force or a word list .. if so where can i get a word list?
Forum Thread: diconary or brute force
- Hot
- Active
-
Forum Thread: Removing Pay-as-You-Go Meter on Loan Phones. 1 Replies
1 wk ago -
Forum Thread: Install Metasploit Framework in Termux No Root Needed M-Wiz Tool 2 Replies
2 wks ago -
Forum Thread: Hydra Syntax Issue Stops After 16 Attempts 3 Replies
2 wks ago -
Forum Thread: How to Track Who Is Sms Bombing Me . 3 Replies
3 wks ago -
Forum Thread: moab5.Sh Error While Running Metasploit 17 Replies
1 mo ago -
Forum Thread: Execute Reverse PHP Shell with Metasploit 1 Replies
2 mo ago -
Forum Thread: Hack and Track People's Device Constantly Using TRAPE 35 Replies
3 mo ago -
Forum Thread: When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen. 8 Replies
4 mo ago -
Forum Thread: HACK ANDROID with KALI USING PORT FORWARDING(portmap.io) 12 Replies
5 mo ago -
Forum Thread: Hack Instagram Account Using BruteForce 208 Replies
5 mo ago -
Forum Thread: Metasploit reverse_tcp Handler Problem 47 Replies
7 mo ago -
Forum Thread: How to Train to Be an IT Security Professional (Ethical Hacker) 22 Replies
7 mo ago -
Metasploit Error: Handler Failed to Bind 41 Replies
7 mo ago -
Forum Thread: How to Hack Android Phone Using Same Wifi 21 Replies
8 mo ago -
How to: HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide] 177 Replies
8 mo ago -
How to: Crack Instagram Passwords Using Instainsane 36 Replies
8 mo ago -
Forum Thread: How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More 5 Replies
8 mo ago -
Forum Thread: How Many Hackers Have Played Watch_Dogs Game Before? 13 Replies
8 mo ago -
Forum Thread: How to Hack an Android Device with Only a Ip Adress 55 Replies
9 mo ago -
How to: Sign the APK File with Embedded Payload (The Ultimate Guide) 10 Replies
9 mo ago
-
How To: Dox Anyone
-
How to Hack Wi-Fi: Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
-
How To: Create & Obfuscate a Virus Inside of a Microsoft Word Document
-
How To: Crack SSH Private Key Passwords with John the Ripper
-
How To: Use SQL Injection to Run OS Commands & Get a Shell
-
How To: Spy on Traffic from a Smartphone with Wireshark
-
How To: Run USB Rubber Ducky Scripts on a Super Inexpensive Digispark Board
-
How To: Find Identifying Information from a Phone Number Using OSINT Tools
-
How To: Exploit EternalBlue on Windows Server with Metasploit
-
How To: Scan for Vulnerabilities on Any Website Using Nikto
-
How To: Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
-
How To: Make Your Own Bad USB
-
How To: Use Kismet to Watch Wi-Fi User Activity Through Walls
-
How To: Brute-Force FTP Credentials & Get Server Access
-
How To: Write an XSS Cookie Stealer in JavaScript to Steal Passwords
-
How To: Create Rainbow Tables for Hashing Algorithms Like MD5, SHA1 & NTLM
-
How To: Target Bluetooth Devices with Bettercap
-
How To: Use SpiderFoot for OSINT Gathering
-
How to Hack Wi-Fi: Cracking WPA2-PSK Passwords Using Aircrack-Ng
-
How To: Wardrive with the Kali Raspberry Pi to Map Wi-Fi Devices
4 Responses
Try googling "word list" you can even get fancy and prepend adjectives at the front ex. "medical word list" or "pets word list". As for which is better… Try a dictionary attack first, because it is MUCH faster but not nearly as thorough. It just won't work if the original pass is secure at all. A brute force will always work, if you've got the time..
My favorite method to this day remains the rainbow table though, because nothing else is quite that fast or easy. If your just messing around and nothing too serious is on the line, I think it's the best option.
Brute Force is the method of compromising the password and a word list and/or rainbow tables would be the data input. You should look at it as a method of last resort because if you are not doing this through a proxy or VPN it looks messy on the server logs, is slow, and if the password is legit (not using words, over 10 chars and using symbols) you are simply chasing the wind. Rainbow tables are a LOT faster (as pointed out above) but based on what you are trying to do, they might not be the best option. Maybe even find a way without having to brute force anything.
(google FPGA - They build entire swarms of these to force passwords on a hardware level, very speedy)
How far did you get?
edit: clarity
I hadn't even considered that he was trying to crack this live over the network, I was assuming he sniffed packets and was trying to crack it offline or something.. I dunno, I have basically no knowledge of networking. Is what I said ridiculous, or is that also an option?
Not ridiculous at all as you could attempt this many ways. I was only pointing out that if this target has a moderately well thought up password, it might well be outside the logical range of a bruteforce.
That being said if the password turns out to be 'potato' it might be a quick night!
And forcing a password from your computer over the interwebs with no protection is asking to be arrested depending on the network. Think of a proxy/VPN/...etc as a suit of armor. You would not ride off to war without it!
Share Your Thoughts