4

I've been wondering: if I create a numeric 8-character wordlist and then compress it, can I feed the compressed wordlist directly into aircrack-ng, or is there a way to make a smaller wordlist? If I create a wordlist with Crunch and Mixedalpha, its size would be around 35PB, which I don't have.

Is there any way to make a smaller wordlist?

Vilican
ZeroByte
    While I see reasons for learning how tools work, the only reason I see for creating such a large wordlist is to actually hack into someone's WiFi. – Neil Smithline Oct 01 '15 at 13:54

2 Answers

4

Well, technically if you put fewer words in your word list it will get smaller but the chances of it being of any use are reduced. If storage is your main concern you could use the following approach:

  1. Split the whole word list into smaller lists
  2. Compress each of these lists individually
  3. Send/get each of them to the machine aircrack is running on
  4. Decompress the current word list and create a session for aircrack
  5. If a valid entry is found, stop. If not, continue retrieving compressed word lists

To split a large file you can use split:

split --bytes=10M /path/to/large_wordlist /path/to/small_wordlists/word_list_prefix

--bytes indicates the size of the new wordlists, and word_list_prefix is a prefix with which all smaller wordlists will start. The output of the above command will be similar to:

small_wordlists/word_list_prefixaa
small_wordlists/word_list_prefixab
small_wordlists/word_list_prefixac

...

small_wordlists/word_list_prefixzz

Alphabetical suffixes are added until there are enough files to reconstruct the original file that has been split. To compress them you can use tar:

cd /path/to/small_wordlists/
for i in *; do tar -czf "$i.tar.gz" "$i"; done

Next, in order to send them to the machine running aircrack, you can use scp, and to launch aircrack you can use ssh:

for i in *.tar.gz; do
    scp "$i" user@server:/path/to/wordlist/directory
    ssh user@server "tar zxvf /path/to/wordlist/directory/$i -C /path/to/wordlist/directory"
    ssh user@server "nohup aircrack-ng <parameter list> /path/to/wordlist/directory/${i%.tar.gz} &"
    sleep 10m
    ssh user@server "rm /path/to/wordlist/directory/*"
done

The first and second line copy the first archived split file to the host where aircrack is running in a specified directory and extract it.

The second line launches aircrack through ssh and uses nohup so that aircrack doesn't stop if the connection to the server is lost; this is especially the case when the server is accessible only through a wireless interface and running aircrack (setting it to run in promiscuous mode) blocks any inbound and outbound connections.

The third line gives enough time for aircrack to finish.

The fourth line reconnects to the server and removes the file to make room for the next.

Note that aircrack does not work on its own and needs airmon. The configuration of aircrack needs to be set up prior to making the above calls. You could write a bash script and alias it as aircrack so that it also handles the adjacent steps.

Sebi
3

I don't think aircrack-ng is compatible with this, but even if it were and you got a compression that shrinks the file down to only 5PB, you could not possibly store it on a usual HDD.

A possible solution is to let crunch or john the ripper generate the passwords and pipe them directly into aircrack-ng. You can find more information about this here and here.

// Additionally, I may mention that cracking a WPA key with such a count of passwords will take forever even if you use many GPUs. I prefer creating wordlists that are tailored for the target and then mangle them.

davidb
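An added example, not code from either answer: it computes how large the exhaustive 8-character lists from the question are on disk and how long they take to exhaust, and shows that any entry can be regenerated from its index, so a chunk never has to be stored. The function names are hypothetical, the guess rate is an assumed round figure, and the character sets are Python's `string.digits` and `string.ascii_letters`.

```python
import string

NUMERIC = string.digits           # 10 symbols
MIXED_ALPHA = string.ascii_letters  # 52 symbols: a-z followed by A-Z


def wordlist_stats(charset, min_len, max_len):
    """Return (word_count, size_in_bytes) for all words of min_len..max_len.

    On disk each word costs its characters plus one newline byte.
    """
    n = len(charset)
    words = sum(n ** k for k in range(min_len, max_len + 1))
    size = sum((k + 1) * n ** k for k in range(min_len, max_len + 1))
    return words, size


def human(num_bytes):
    """Format a byte count with binary units, capped at PiB."""
    for unit in ("B", "KiB", "MiB", "GiB", "TiB", "PiB"):
        if num_bytes < 1024 or unit == "PiB":
            return f"{num_bytes:.1f} {unit}"
        num_bytes /= 1024


def candidate_at(charset, length, index):
    """Return the index-th fixed-length word without building the list."""
    n = len(charset)
    if not 0 <= index < n ** length:
        raise IndexError("index outside keyspace")
    chars = []
    for _ in range(length):
        index, digit = divmod(index, n)   # peel off the least significant symbol
        chars.append(charset[digit])
    return "".join(reversed(chars))


def years_to_exhaust(words, guesses_per_second):
    """Worst-case time to try every word at a constant guess rate."""
    return words / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    RATE = 100_000  # assumed guesses per second, not a measured figure
    for name, charset in (("numeric", NUMERIC), ("mixed alpha", MIXED_ALPHA)):
        words, size = wordlist_stats(charset, 8, 8)
        print(f"{name:12} {words:>22,} words {human(size):>12} "
              f"{years_to_exhaust(words, RATE):>10,.2f} years at {RATE:,}/s")
    print(candidate_at(NUMERIC, 8, 12345))
```

The same arithmetic explains why length matters more than storage: each extra character multiplies both the file size and the exhaust time by the size of the character set.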