Hacking WIFI

whitestar_999

Super Moderator
Staff member
@devx,i think you are misunderstanding here.no one is denying the efficiency of dictionary attack but we are talking about RANDOM pass phrases not crackable using dictionary attack.simple permutation combination will tell you a 10 character password with upper & lower case alphabets+numbers has 62^10 possible ways of arrangement which is much much larger than 135 million.
 

devx

Back on TDF :)
Apology for being offensive :-D

@ whitestar_999 >> I admit i lil. bit stuck on the crackable part but 8 randomized alphanumeric keys are crackable only by the pro. cloud services by using LT/NTLM dict. and for more long characters crypt (SHA-512) dict. and Now, to my knowledge, even a simple 10-character alphanumeric passphrase would be quite secure for only everyday use.

crypt (SHA-512) Dictionaries
These dictionaries are available for the modern SHA-512 variation of the salted crypt() format, used in Unix-based password storage. This is a salted format with a high iteration count and a relatively expensive compression function, resulting in computational overhead that demands cloud-scale resources and critically accurate dictionaries.

These hashes are formatted the following way, note the identifying "$6$" sequence to start:
$6$<salt (up to 16 characters)>$<hash (86 characters)>
 
Last edited:

whitestar_999

Super Moderator
Staff member
WPA2 uses AES encryption which is far more stronger than LM/NTLM(used by windows) & SHA512(used in linux/unix & is a hash function not encryption).cracking a truly random 10 character alphanumeic AES encrypted password is still not possible within reasonable time even using cloud resources.
How secure is AES against brute force attacks?
 

ico

Super Moderator
Staff member
@whitestar99

AMD GPU clusters to the rescue. :p

Haven't tried out Pyrit and CoWPAtty, but in basic MD5 brute-forcing, my i5-2500k got owned by an E-350's HD 6310.
 

whitestar_999

Super Moderator
Staff member
gpu is always better than cpu for such tasks but still i don't think anyone providing a 400gpu(top end) cluster to break passwords anytime soon & even then i doubt a 14-15 character random password containing entire keyboard character types breaking within reasonable time.
 

ico

Super Moderator
Staff member
^ true.

I'll run WPA cracking benchmarks some day.

Check this out meanwhile - *www.thinkdigit.com/forum/1526859-post1.html
 

whitestar_999

Super Moderator
Staff member
^^i don't think AES based dictionaries are available to download or if there is even a point in creating one.AES has not been broken till now(brute force is not counted in definition of "breaking" an encryption) & very little chance of it in near future too.
 

Sujeet

Undead!!!
^^
But iam talking about Bruteforcing a Password protected RAR.Not breaking the encryption used to pass-protect it.
 

whitestar_999

Super Moderator
Staff member
^^same thing.RAR by default uses AES encryption unless you change it.bruteforcing an encrypted winrar file is same as bruteforcing AES algorithm.
 

samiryadav

Broken In
hi,
out of curiosity,
i want to know if it is possible to hack a 13 character alphanumeric WPA2-PSK with AES encryption ?
if yes....what is the average time to do so.

and is it possible to WPA2-ENTERPRISE ?

and also what is the effect of WPS on WPA2-PSK.

suppose...WPA2-PSK is rated 5 in security...

what will be drop in rating when using WPS with WPA2-PSk?
 

patkim

Cyborg Agent
This query is out of curiousity, have no much knowledge here..
does this as well break the MAC id authentication if set over and above password.
 

criztle

Advocate | Lawyer
help
i have downloaded bt5r2 kde 32 for vmware....so i wanted to install on it...but after extracting there no iso file ....but a over 2 gb .squashfs file....plz tell me how to install this in vmware

my config
P4 2.60 GHz 32 bit
1.5 gb ram

(sorry for this stupid question but i am just a beginner)
 
OP
evilmage93

evilmage93

Manage Me, I'm a Mess!
Squashfs, a read-only file system software for Linux; stores the file system data in a highly compressed read-only format; supports files, inodes, and directories; optimized for archiving and read-only file system use.

SQUASHFS files are sometimes found within Linux installation packages.

You can use the 7-zip software to open the .squashfs file then see if u can locate the .iso file within it.
 
Top Bottom