Do WPA Dictionary Attacks Use Salts?
When I first started using linux about half a year ago all I wanted to do was crack wifi passwords until I realised that there were much better things to do. However, recently I've been reading about rainbow tables and have seen the way they work etc and how they are much faster. I wanted to generate a table from a dictionary I had made a long time ago, and read that when using genpmk you need the essid of the router as a salt for the hashes. That made me wonder, when doing an ordinary dictionary attack on a handshake with aircrack, are salts used somehow? Same with brute force attacks. I have never seen any options to use a salt, and have never needed to with wifi before. Is the essid already in the cap file? Or does it simply not use one?
4 Responses
An advice: you can find lots of useful information about password cracking in the hashcat forum.
That is correct. The ESSID is the salt, so unless someone is using a standard ESSID such as Netgear, the rainbow tables will not work. There are, however, already built rainbow tables of the top 1000 ESSID's.
So dictionary attacks use an ESSID from the cap file??
Yes
Share Your Thoughts