Cracking WPA/WPA2 for Non-Dictionary Passphrase - ClubHACK Magazine
A WPA/WPA2 password can be cracked simply by capturing the WPA handshake and then applying a dictionary. If the passphrase is in the dictionary, the password will be cracked. But what if the password is not in the dictionary? Are there other ways to crack non-dictionary passphrases? Let's see them.
First we will look at the basics of WPA/2 cracking.
STEP 1: Start wireless monitor mode.
https://www.chmag.in/crackingwpawpa2fornondictionarypassphrase/
10/1/2016
aireplay-ng --deauth 10 -a <bssid> <interface>
But even after all the steps are followed, if the passphrase is not in the dictionary then you will get the message: passphrase not in dictionary
And the other interesting note while keeping WPA passphrase is:
The basic idea that comes to mind when cracking any passphrase is a brute-force attack. So why not brute-force the .cap file?
We can do this by piping the crunch output into the aircrack-ng tool, as shown below:
But you can clearly see that I have provided only 6 small letters as input. What if you provided all the alphabets?
With my single laptop I have to wait till 11 years! And again, the passphrase may contain numbers, digits and special symbols too.
Reaver brute forces the first half of the pin and then the second half of the pin, meaning that the entire key space for the WPS
pin number can be exhausted in 11,000 attempts.
Here is a screenshot of my D-Link DIR-615 router.
The above screenshot shows the default settings of the router. Here the PIN is: 65020920
So the key concept here is that we can brute-force that PIN and recover the credentials configured on the access point, no matter what combination of digits and special symbols they contain.
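The arithmetic behind the 11,000 figure and the brute-force estimate earlier in the article, as an added Python example (not code from the original article): it checks the PIN shown above against the WPS checksum rule and compares the PIN keyspace with passphrase keyspaces. The guess rate is an assumed figure and the function names are made up for this illustration.

```python
# Added illustration, not from the original article.
import string

def wps_checksum(body7: int) -> int:
    """Checksum digit the WPS spec derives from the first seven PIN digits."""
    accum = 0
    while body7:
        accum += 3 * (body7 % 10)
        body7 //= 10
        accum += body7 % 10
        body7 //= 10
    return (10 - accum % 10) % 10

def wps_pin_is_valid(pin: str) -> bool:
    """True when an 8-digit PIN carries a correct checksum digit."""
    return len(pin) == 8 and pin.isdigit() and wps_checksum(int(pin[:7])) == int(pin[7])

def wps_worst_case_attempts() -> dict:
    """Worst-case guesses with and without per-half confirmation."""
    first_half = 10 ** 4     # four free digits
    second_half = 10 ** 3    # three free digits; the eighth is the checksum
    return {"halves_confirmed_separately": first_half + second_half,
            "whole_pin_only": first_half * second_half}

def passphrase_keyspace(length: int, alphabet_size: int) -> int:
    """Number of candidate passphrases of exactly `length` characters."""
    return alphabet_size ** length

def years_to_exhaust(keyspace: int, guesses_per_second: float) -> float:
    """Worst-case time to try every candidate at a fixed guess rate."""
    return keyspace / guesses_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    ASSUMED_RATE = 1000.0  # guesses/second; assumed figure, not from the article
    printable = len(string.ascii_letters + string.digits + string.punctuation)  # 94
    print("PIN from the screenshot valid:", wps_pin_is_valid("65020920"))
    print("WPS worst case:", wps_worst_case_attempts())
    for label, length, size in [("8 lowercase letters", 8, 26),
                                ("16 printable characters", 16, printable)]:
        space = passphrase_keyspace(length, size)
        print(f"{label}: {space:.3e} candidates, "
              f"{years_to_exhaust(space, ASSUMED_RATE):.3e} years at assumed rate")
```

The PIN worst case stays at 11,000 however long the passphrase is, which is why the first countermeasure is to disable WPS rather than to lengthen the passphrase.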
STEP 1: Scan the air for these WPS systems with wash
So here two access points are available. We will go with the first one.
Passphrase: N0nec@nh@ckthis1
At first glance one may think: I mentioned the D-Link DIR-615 router, but what about others?
So I scanned the air, and got Belkin!
So most new routers come with this WPS facility, and WPS is enabled by default. So no matter which password you set, it can be cracked.
Countermeasures
1. Disable WPS
2. Keep a non-dictionary passphrase with any combination of characters!
Ex: R0ck$t@R