How to Brute Force WPA / WPA2 (Hypothetically)

Discussion in 'Resources' started by Mr. Penguin, 24 Mar 2013.

  1. Mr. Penguin

    Mr. Penguin Administrator
    Staff Member Admin Moderator VIP

    Joined:
    18 May 2012
    Messages:
    3,085
    Likes Received:
    1,186
    Trophy Points:
    351
    After following up on these threads:

    L517-Simple Wordlist Generator
    10 digit numerical dictionary!
    Dummies Guide to Create a Phone Number List for WPA Attack

    I have been tinkering with L517 and to hypothesize if someone wanted to really wanted to get into a network and have failed all previous attempts, how can you do it. The truth is if you attempt to brute force it is possibly going to take some years on a standard computer, by that time the network will unlikely still be in existence replaced with flying gawd knows.

    Here are some screenshots of 8 digit combinations:

    mix alfa and numeric.jpg
    1.93 exabytes for a mixed alpha numeric 8 character all possible combination list :facepalm:
    Do I want to generate this list? hell no​
    mix alfa numeric selected symbols.jpg
    9.88 exabytes for a mix alpha numeric and selected symbols 8 character all possible combination list​

    mix alfa numeric symbols.jpg
    54.14 exabytes for a mix alpha numeric and symbol 8 character all possible combination list​
    10 digit.jpg
    560.60 zettabytes for a mix alpha numeric and symbol 10 character all possible combination list​
    1 exabyte = 1 073 741 824 gigabytes
    560.60 zettabytes = 6.16386219 × 10 power of 14 gigabytes

    It is interesting how secure some networks can be providing you are able to have a strong password.

    How to Avoid Getting Hacked for the Paranoid
    Use WPA2 AES Only
    10 characters + preferably 256bit, 63 + 1
    Disable WPS
    MAC Address filtering
    Hide SSID
    Enable firewall in your router
    Disable DHCP
    Upgrade firmware of your router
    Change router password and username
    Change the default SSID

    and most importantly, mix up your password. Always have some symbols, numbers and letters in there :)

    And if you think that dictionary isn't big enough and you still can't find the password remember there are even more characters other than the standard (in bold)

    Lower Case: a b c d e f g h i j k l m n o p q r s t u v w x y z
    Upper Case: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
    Numbers: 0 1 2 3 4 5 6 7 8 9
    Standard Punctuation: - . _
    Enhanced Punctuation: ! " # & ' , : ; ? @
    Basic Math: + - * / =
    Standard Math: % \ | ^ ~ ( ) < > [ ] { }
    Enhanced Math: ¹ ² ³ ¼ ½ ¾ ± × ÷ µ °
    Currency: $ ¢ £ ¤ ¥
    Exclude Similar Characters: 0 O o l 1 I ¡ i ! î ï Î Ï í Í
    French Lower Case: à â ä è é ê ë î ï ô œ ù û ü ÿ
    French Upper Case: À Â Ä È É Ê Ë Î Ï Ô Œ Ù Û Ü Ÿ
    French Miscellaneous: Ç ç « »
    German Lower Case: ä ö ü
    German Upper Case: Ä Ö Ü ß
    Spanish Lower Case: á é í ó ú ñ ü
    Spanish Upper Case: À É Í Ó Ú Ñ Ü
    Spanish Miscellaneous: ¿ ¡ « »
     
    • Like Like x 1
  2. Shareef

    Shareef Member

    Joined:
    22 Jun 2013
    Messages:
    6
    Likes Received:
    1
    Trophy Points:
    8
    OMG!. exabytes and zetabytes . May take up years to generate huhu!!
     
Loading...
  • About Us

    We are a community mixed with professionals and beginners with an interest in wireless security, auditing and pentesting. Feel free to check out and upload resources.


    You can also find us on: Twitter and Facebook

  • Donate to Us

    Did you find our forums useful? Feel free to donate Bitcoin to us using the form below. Those who donate the equivlent of $10 USD or more will be upgraded to VIP membership. Don't have Bitcoin? Use your credit card to GO VIP here. Don't want to fork out some coin? There are other ways to GO VIP. Bitcoin: 1LMTGSoTyJWXuy2mQkHfgMzD7ez74x1Z8K