0

I hack Wi-Fi passwords with Kali Linux on airmon-ng, and I always make password lists with crunch, but the lists are always too long (I'm talking about <100 PT), and I want to know if there is a solution with the same result but with a small size.

  • "Same result" -- same as what? You can narrow your wordlists by making some guesses about what the admin might have chosen. – schroeder Nov 21 '20 at 14:16
  • 1
    That's not how any of this works, mate. – yeah_well Nov 21 '20 at 14:59
  • 2
    You could always brute-force the password. That doesn't require any lists at all. The reason you want a wordlist is because `WiFiPassword1` is a more likely password than `Nzh3aX2JP9?8M`. –  Nov 21 '20 at 15:29

1 Answer

1

As far as I know, aircrack-ng only supports dictionary attacks when cracking WPA-PSK passwords. This necessarily means that the wordlist used must contain all the values you want to try, and naturally the wordlist will grow excessively long if you want to crack longer passwords.

The solution is to use some other tool like hashcat, which supports multiple cracking modes including brute-force and mask attacks, in which candidate passwords are generated while cracking and no wordlist is required.


This reddit post explains how to crack wifi passwords with hashcat:

Firstly, you need to prepare your handshake .cap file and convert it to .hccap:

```
wpaclean cleaned_handshake.cap handshake.cap
aircrack-ng cleaned_handshake.cap -J final_handshake
```

You will get a final_handshake.hccap file, which can be accepted by hashcat.

You can read about the mask attack here: https://hashcat.net/wiki/doku.php?id=mask_attack

For example, if you know that the password is 8-10 characters in length, the command will look like:

```
hashcat -a 3 -m 2500 final_handshake.hccap ?a?a?a?a?a?a?a?a --increment --increment-min 8
```

nobody
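To put numbers on the list-size problem in the question and on the mask notation used in the answer, the following added example (not part of the original post and not hashcat's own code) counts the candidates a mask describes and the disk space the same candidates would need as a one-per-line wordlist. The function names and the guesses-per-second figure are assumptions chosen for illustration; only hashcat's built-in charset placeholders are handled.

```python
from math import prod

# Sizes of hashcat's built-in mask charsets (custom ?1-?4 are not handled here).
CHARSET_SIZES = {"l": 26, "u": 26, "d": 10, "h": 16, "H": 16,
                 "s": 33, "a": 95, "b": 256}

def parse_mask(mask):
    """Return the number of possible characters at each mask position."""
    sizes, i = [], 0
    while i < len(mask):
        if mask[i] != "?":
            sizes.append(1)              # literal character
            i += 1
            continue
        code = mask[i + 1:i + 2]         # empty string if '?' is the last char
        if code == "?":
            sizes.append(1)              # "??" is a literal question mark
        elif code in CHARSET_SIZES:
            sizes.append(CHARSET_SIZES[code])
        else:
            raise ValueError(f"unsupported placeholder at offset {i}: ?{code}")
        i += 2
    return sizes

def counts_by_length(mask, increment_min=None):
    """Candidates per length; increment_min emulates --increment --increment-min."""
    sizes = parse_mask(mask)
    start = len(sizes) if increment_min is None else increment_min
    return {n: prod(sizes[:n]) for n in range(start, len(sizes) + 1)}

def keyspace(mask, increment_min=None):
    """Total number of candidates the mask describes."""
    return sum(counts_by_length(mask, increment_min).values())

def wordlist_bytes(mask, increment_min=None):
    """Size of the same candidates stored one per line (length + newline)."""
    return sum(c * (n + 1) for n, c in counts_by_length(mask, increment_min).items())

def years_to_exhaust(mask, guesses_per_second, increment_min=None):
    """Time to try every candidate at a fixed guess rate, in years."""
    return keyspace(mask, increment_min) / guesses_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    ASSUMED_RATE = 500_000   # constructed guesses/second figure, not a benchmark
    for mask, inc in (("?d" * 8, None), ("?a" * 8, None), ("?a" * 10, 8)):
        print(mask, inc, keyspace(mask, inc),
              f"{wordlist_bytes(mask, inc) / 1e15:.3g} PB",
              f"{years_to_exhaust(mask, ASSUMED_RATE, inc):.3g} years")
```

For a network owner, the same arithmetic shows how quickly a longer passphrase drawn from a large character set moves exhaustive search out of reach, while a short all-digit key stays small.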