Remote Exploit Forums
#1, 06-30-2009, 11:23 PM
New Member, Join Date: Jun 2009, Posts: 1
Is there a way to crack WPA2-PSK if the password isn't a dictionary term?

I've already gone through all the motions and captured a handshake, and while using aircrack-ng I was told to specify a dictionary.

I already know my passkey is a combination of my initials and my birth date, about 9 characters in length. So can I assume my network is secure, or is there another way to break in?

I've been searching google, and I've read WPA could be cracked in fifteen minutes, however I can't find a place that tells me how they did that. Is it just due to a poor password?
#2, 07-01-2009, 05:01 AM
pureh@te, Jenkem Addict, Join Date: Mar 2007, Location: /dev/null, Posts: 5,376

WPA can only be cracked if the password is in the dictionary, so choose a long password of all ASCII chars and you should be fine. If you would like me to run the .cap file through my cracker program, PM me.
#3, 07-01-2009, 07:59 AM
Gitsnik, Senior Member, Join Date: Jun 2009, Location: The Crystal Wind, Posts: 458

Quote: Originally Posted by pureh@te
WPA can only be cracked if the password is in the dictionary
Not strictly true! Theoretically it is possible to obtain fR3D!&29$zzd via the classic brute-force method. It's just computationally infeasible at the moment (sort of like 3 years ago, when 9,000 kps was computationally infeasible). There is no reason to think this is likely to change in the near future, but then again no one had any reason to believe that DES would ever be broken.

In answer to the OP's question: a tool like CUPP might be able to profile the correct password combination for the system. If you use CUPP and fill in as much information about yourself as possible, you might find that the resulting dictionary will crack your WPA.

Cracking WPA in 15 minutes is plausible; you just have to hit the correct word in your dictionary (or have a beast set up like pureh@te).
__________________
Never underestimate the power of human stupidity - it is like a force of nature, capable of destroying even the most well laid plans.

Don't trust any code I lay before you - if you don't know what it means, pull it apart before you run it - you never know what might happen.
#4, 07-01-2009, 10:16 AM
Junior Member, Join Date: Jun 2009, Posts: 20

Quote: Originally Posted by Gitsnik
In answer to the OP's question: a tool like CUPP might be able to profile the correct password combination for the system. If you use CUPP and fill in as much information about yourself as possible, you might find that the resulting dictionary will crack your WPA.
According to me, that is really the basics when using a dictionary attack: first build your dictionary according to your target: name, first name, surname, known accounts on forums, birth date, pet's name, favourite music, the company you work for... target language... You can find this info on social networks, forums (I remember seeing another thread about music on this forum)...
With this info, you can build a fine-tuned dictionary and win dramatically on time and efficiency.
#5, 07-01-2009, 04:29 PM
Barry, Senior Member, Join Date: Feb 2006, Location: Right behind you. Using you as a shield., Posts: 3,164

Which is why you should never create passwords with names, dates, or any other personal information in them.
#6, 07-01-2009, 10:26 PM
prowl3r, Senior Member, Join Date: Jun 2009, Location: Valhalla, Posts: 183
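Posts #3 and #5 together make the defender's point: a PSK assembled from initials and a birth date falls to a profiled dictionary, while a long random one is only reachable by a blind brute force whose cost is set by the keyspace and the guess rate. The following self-check is an added example, not code from the thread or from any tool named in it; the profile (Fred Quincy Doe, 1984-03-29) and the PSK FQD290384 are constructed, the 9,000 kps rate is the figure quoted in post #3, and the 33-symbol class count is an assumption (printable ASCII punctuation plus space).

```python
import math
import re

# Guess rate for illustration: the 9,000 kps figure quoted in the thread.
THREAD_RATE = 9_000 * 1_000  # PSK guesses per second

def personal_tokens(first, middle, last, year, month, day):
    """Lower-cased tokens derivable from public profile facts: names,
    initials, and the birth date in the common digit orderings."""
    initials = "".join(n[0] for n in (first, middle, last) if n)
    d, m, y, yy = day, month, year, year % 100
    toks = {first, last, initials, str(y), f"{yy:02d}",
            f"{d:02d}{m:02d}{y}", f"{m:02d}{d:02d}{y}", f"{y}{m:02d}{d:02d}",
            f"{d:02d}{m:02d}{yy:02d}", f"{m:02d}{d:02d}{yy:02d}"}
    return {t.lower() for t in toks if t}

def profile_based(psk, tokens):
    """True if the PSK, lower-cased and stripped of symbols, can be tiled
    entirely by personal tokens (e.g. initials + birth date)."""
    s = re.sub(r"[^a-z0-9]", "", psk.lower())
    ok = [True] + [False] * len(s)          # ok[i]: can s[:i] be tiled?
    for i in range(1, len(s) + 1):
        ok[i] = any(ok[i - len(t)] and s.endswith(t, 0, i)
                    for t in tokens if len(t) <= i)
    return bool(s) and ok[len(s)]

def keyspace_bits(psk):
    """Bits a blind brute force must cover, assuming the attacker knows only
    which character classes the PSK uses (33 = assumed symbol class size)."""
    classes = [(r"[a-z]", 26), (r"[A-Z]", 26), (r"[0-9]", 10), (r"[^a-zA-Z0-9]", 33)]
    alphabet = sum(n for pat, n in classes if re.search(pat, psk))
    return len(psk) * math.log2(alphabet)

def years_to_exhaust(bits, rate=THREAD_RATE):
    """Years to try every key in a 2**bits keyspace at `rate` guesses/s."""
    return 2 ** bits / rate / (365 * 24 * 3600)

def assess(psk, tokens, rate=THREAD_RATE):
    bits = keyspace_bits(psk)
    return {"profile_based": profile_based(psk, tokens),
            "blind_bits": round(bits, 1),
            "blind_years": years_to_exhaust(bits, rate)}

if __name__ == "__main__":
    # Constructed profile, not a real person; fR3D!&29$zzd is post #3's example.
    toks = personal_tokens("Fred", "Quincy", "Doe", 1984, 3, 29)
    for psk in ("FQD290384", "fR3D!&29$zzd"):
        print(psk, assess(psk, toks))
```

The constructed 9-character initials-plus-date PSK is both profile-based and, even blind, exhaustible in well under a year at the thread's quoted rate, which is the gap between "not in a dictionary" and "secure".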

mno@8

I agree with you re collecting as much info as possible about the victim and then using it. The same approach works for online brute-forcing using Hydra.

There is an interesting post about it, just a bit naive, but it shows the picture, at:

How I Stole Someone's Identity: Scientific American


however

Quote:
(I remember seeing another thread about music on this forum)...
aren't you being just a little paranoid, taking into account members' profiles here?
__________________
Either you're part of the problem or you're part of the solution or you're just part of the landscape.
#7, 07-03-2009, 11:02 PM
Junior Member, Join Date: Jun 2009, Posts: 8

Quote: Originally Posted by pureh@te
WPA can only be cracked if the password is in the dictionary, so choose a long password of all ASCII chars and you should be fine. If you would like me to run the .cap file through my cracker program, PM me.
What cracker program are you using? Is it a separate one, not on BackTrack?
If not, can anyone suggest another cracker to use for the .cap file that I can test and try out? Thanks.
#8, 07-04-2009, 04:57 AM
pureh@te, Jenkem Addict, Join Date: Mar 2007, Location: /dev/null, Posts: 5,376

Quote: Originally Posted by shammon
What cracker program are you using? Is it a separate one, not on BackTrack?
If not, can anyone suggest another cracker to use for the .cap file that I can test and try out? Thanks.
I have my own cracker server, which is GPU powered. It's not public, so no, I can't let you use it. I take .cap files that people want to donate and try to crack them, is all.
#9, 07-25-2009, 09:32 AM
Just burned his ISO, Join Date: Jul 2009, Posts: 1

Quote: Originally Posted by pureh@te
I have my own cracker server, which is GPU powered. It's not public, so no, I can't let you use it. I take .cap files that people want to donate and try to crack them, is all.
Can you please crack mine?
rapidshare.com/files/259785079/wpa-01.cap.html
#10, 07-25-2009, 11:10 PM
Member, Join Date: Jul 2009, Location: Europe, Posts: 30
Right word; coincidence..

Hello, I have stated this question already, but I'll do that here again because this seems to be the right subforum for me..

My question is: what if the right word (password) is an alpha-num-cap combination and is not to be found in the list? Would that mean that the brute-force attack is useless, regardless of how big the dictionary list is?
That would mean that the brute-force attack is a matter of coincidence rather than a matter of time.. am I right?

Or are there tools that combine different letters in alpha-num-cap combinations until the right password has been combined?