I tried using this command in Kali Linux:
crunch 8 8 abcdefghijklmnopqrstuvwxyz0123456789 | aircrack-ng --bssid 00:11:22:33:44:55 -w- testing-01.cap
But it takes too long. I wonder, is there a way to bruteforce 4 characters (mixed-lower) and 4 digits without bruteforcing all the characters and numbers?

What is the ESSID? Your best bet would be wordlists. If it's a default router password you might be able to find a wordlist for its default passwords. Give me the ESSID and I will look for possible router default passes if it still has the default ESSID; if not, darkcode and rockyou might be good wordlists to start with.
--- Double Post Merged, 14 May 2017, Original Post Date: 14 May 2017 ---
crunch 8 8 abcd1234 -t @@@@@@@@ |
Will test all possibilities with letters and numbers added.

Thanks for your help.
--- Double Post Merged, 14 May 2017, Original Post Date: 14 May 2017 ---
I will help you to find the password too, just post your handshake here and I will try and find it for you.

THAWS, OOI LAI POH, CMH for some reason are coming back as invalid file type.
--- Double Post Merged, 16 May 2017 ---
OK, got it to work with the editcap tool.

US, NY. I'm asking to find a correct wordlist: do they use phone numbers as router passwords there? Have you ever heard of an evil twin?

Yes, some of them use phone numbers as router passwords. Yes, I heard of an evil twin.
--- Double Post Merged, 19 Nov 2017, Original Post Date: 3 Oct 2017 ---
I mean 4 characters at the front and 4 digits at the back, not all characters and numbers mixed. Meaning I only want to bruteforce the 4 letters and 4 numbers, not all:
chow7875 = @@@@!!!!
@ = lower characters (letters)
! = numbers

Have you got GPU cracking abilities? If you have, the command line would be:
hashcat -a 3 -m 2500 -w 4 (hccapx file) ?l?l?l?l?d?d?d?d
--- Double Post Merged, 23 Jan 2018, Original Post Date: 23 Jan 2018 ---
If you post a good handshake, with just one handshake, I'll sort it for you.
--- Double Post Merged, 23 Jan 2018 ---
Test the handshake with:
pyrit -r (cap.file) analyze

Yes, analyze it using pyrit.
--- Double Post Merged, 23 Jan 2018, Original Post Date: 23 Jan 2018 ---
Only the malaysia.cap was not too bad, heaps of crap in it tho'. The other two handshakes were not valid handshakes.
--- Double Post Merged, 23 Jan 2018 ---
I can crack it, but I want a clean one, otherwise it slows down my rig. I don't want to spend 12 hours trying to crack it.
--- Double Post Merged, 23 Jan 2018 ---
After you test it with pyrit, it should say: 1 handshake GOOD

For a phone number wordlist use:
crunch 10 10 1234567890 -t 555@@@@@@@
The 555 represents the area code, so instead of brute forcing all 10 numbers all you do is 7, which means you crack the password faster. It's obvious if you live in a 555 area code and you want to hack the neighbor then it means his password starts with the same area code. In the USA many internet/cable providers still use the phone number as the default passphrase/key/password. Spectrum, Charter, Cox use the homeowner's last name as ESSID or they'll use the router model name as ESSID, easy to spot and hack.

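Added example, not part of any post in this thread: seen from the side of whoever owns the router, the point made above is that a passphrase with a known layout (4 lowercase + 4 digits, or a phone number with a known area code) has a far smaller keyspace than its length suggests. The sketch below measures that for a passphrase you own; the function names and the 60-bit threshold are assumptions of this example, and `5551234567` is a constructed sample.

```python
import math
import string

# Sizes of the hashcat built-in mask classes (?l, ?u, ?d, ?s); ?b is any byte.
CLASS_SIZE = {"?l": 26, "?u": 26, "?d": 10, "?s": 33, "?b": 256}

def char_class(ch: str) -> str:
    """Narrowest mask class that covers a single character."""
    if ch in string.ascii_lowercase:
        return "?l"
    if ch in string.ascii_uppercase:
        return "?u"
    if ch in string.digits:
        return "?d"
    if ch == " " or ch in string.punctuation:
        return "?s"
    return "?b"

def mask_of(psk: str) -> str:
    """Positional mask of a passphrase, e.g. chow7875 -> ?l?l?l?l?d?d?d?d."""
    return "".join(char_class(c) for c in psk)

def structured_keyspace(psk: str, known_prefix: str = "") -> int:
    """Candidates needed when the per-position layout (and any fixed prefix) is known."""
    if not psk.startswith(known_prefix):
        raise ValueError("passphrase does not start with the given prefix")
    return math.prod(CLASS_SIZE[char_class(c)] for c in psk[len(known_prefix):])

def uniform_keyspace(psk: str) -> int:
    """Candidates needed when only the length and the combined alphabet are known."""
    alphabet = sum(CLASS_SIZE[k] for k in {char_class(c) for c in psk})
    return alphabet ** len(psk)

def audit(psk: str, known_prefix: str = "", min_bits: float = 60.0) -> dict:
    """Report both keyspaces in bits; min_bits is an assumed policy threshold."""
    s_bits = math.log2(structured_keyspace(psk, known_prefix))
    return {
        "mask": mask_of(psk),
        "structured_bits": s_bits,
        "uniform_bits": math.log2(uniform_keyspace(psk)),
        "weak": s_bits < min_bits,
    }

if __name__ == "__main__":
    for psk, prefix in [("chow7875", ""), ("5551234567", "555")]:
        print(psk, audit(psk, prefix))
```

A default key that follows either layout comes out at roughly 32 and 23 bits respectively, which is the argument for replacing provider-issued defaults with a long random passphrase.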
Thanks for the feedback, but if it doesn't apply to you it can help others, and others can benefit from this. It's a pleasure answering questions.

Post up a decent handshake man. P.S. nobody uses aircrack-ng anymore, so old school.
--- Double Post Merged, 2 Feb 2018, Original Post Date: 2 Feb 2018 ---
This is your malaysia.cap:

root@owner:~# pyrit -r '/root/Downloads/tm malaysia-01.cap' analyze
Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg - 2015 John Mora
https://github.com/JPaulMora/Pyrit
This code is distributed under the GNU General Public License v3+

Parsing file '/root/Downloads/tm malaysia-01.cap' (1/1)...
Parsed 559 packets (559 802.11-packets), got 1 AP(s)

#1: AccessPoint 18:a6:f7:7e:d1:1d ('TMHAWS'):
  #1: Station 80:57:19:cb:ac:9b, 17 handshake(s):
    #1: HMAC_SHA1_AES, good, spread 1
    #2: HMAC_SHA1_AES, bad, spread 18
    #3: HMAC_SHA1_AES, bad, spread 41
    #4: HMAC_SHA1_AES, bad, spread 55
    #5: HMAC_SHA1_AES, bad, spread 86
    #6: HMAC_SHA1_AES, bad, spread 86
    #7: HMAC_SHA1_AES, bad, spread 99
    #8: HMAC_SHA1_AES, bad, spread 105
    #9: HMAC_SHA1_AES, bad, spread 121
    #10: HMAC_SHA1_AES, bad, spread 135
    #11: HMAC_SHA1_AES, bad, spread 143
    #12: HMAC_SHA1_AES, bad, spread 149
    #13: HMAC_SHA1_AES, bad, spread 160
    #14: HMAC_SHA1_AES, bad, spread 166
    #15: HMAC_SHA1_AES, bad, spread 170
    #16: HMAC_SHA1_AES, bad, spread 175
    #17: HMAC_SHA1_AES, bad, spread 192

--- Double Post Merged, 2 Feb 2018 ---
And the other two are not valid handshakes.
--- Double Post Merged, 2 Feb 2018 ---
I want one to show this:

#1: AccessPoint 18:a6:f7:7e:d1:1d ('TMHAWS'):
  #1: Station 80:57:19:cb:ac:9b, 17 handshake(s):
    #1: HMAC_SHA1_AES, good, spread 1

I'll give it a crack.
--- Double Post Merged, 4 Feb 2018, Original Post Date: 4 Feb 2018 ---
So I'm assuming it's 4 lowercase letters and 4 digits? Is that correct?
--- Double Post Merged, 4 Feb 2018 ---
These are the results from pyrit -r analyze:

root@owner:~# pyrit -r '/root/Desktop/Law_unifi-01.cap' analyze
Pyrit 0.5.1 (C) 2008-2011 Lukas Lueg - 2015 John Mora
https://github.com/JPaulMora/Pyrit
This code is distributed under the GNU General Public License v3+

Parsing file '/root/Desktop/Law_unifi-01.cap' (1/1)...
Parsed 287 packets (287 802.11-packets), got 1 AP(s)

#1: AccessPoint 7c:8b:ca:9d:32:8b ('Law_unifi_2.4@unifi'):
  #1: Station 48:bf:6b:62:b2:e3, 3 handshake(s):
    #1: HMAC_SHA1_AES, good*, spread 34
    #2: HMAC_SHA1_AES, bad, spread 1
    #3: HMAC_SHA1_AES, bad, spread 149

But that's OK, I can work with that. Just give me time, brother.