+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Deprecated; Previous versions (https://hashcat.net/forum/forum-29.html)
+--- Forum: Old oclHashcat Support (https://hashcat.net/forum/forum-38.html)
+--- Thread: 12 character WPA2 password (/thread-4332.html)
12 character WPA2 password - tech1000 - 04-30-2015
What's the best way to attack a 12 character WPA2 password. Everything I tried about takes too long. Estimated time from 14 days to 10 years. I tried hybrid, rules. Also when I create a wordlist from
the Maskprocessor its huge. If you don't know the password you have to try all kinds of passwords for hybrid and I made my own wordlist with 9 characters and with 6 characters with a rule to append. Can someone tell me what's the best way hashcat or oclhashcat. IM only getting approx. 2500 H/s on GPU. Thanks.
RE: 12 character WPA2 password - bitguard - 04-30-2015
My opinion is that you must increase your computing power
RE: 12 character WPA2 password - atom - 04-30-2015
2500H is extreme slow. Make sure to read this:
https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#why_is_my_attack_so_slow
RE: 12 character WPA2 password - tech1000 - 04-30-2015
(04-30-2015, 09:53 AM)atom Wrote: 2500H is extreme slow. Make sure to read this:
https://hashcat.net/wiki/doku.php?id=frequently_asked_questions#why_is_my_attack_so_slow
I have a laptop with on-board video. Since my speed is slow should I use hashcat and what would be the best approach with WPA2.
RE: 12 character WPA2 password - Shady_Wushu - 05-04-2015
Practically speaking, a 12 character WPA2 key is going to be difficult to crack. The WPA2 hash cracks relatively slowly, at least compared with other hashes. 12 characters presents a pretty large keyspace as well. Even if you optimize, its still going to take a while to crack. Lets say you manage to double your speed - that's still 5 to 7 days. With on-board laptop GPU, I don't think you're going to get too much beter than that, although it depends on the card.
When I've attempted to crack WPA2 passwords on pen tests, even with the computing power at my disposal, I have to be very judicious about what I give hashcat so I'm making the best guesses that I can, because I know its going to take a while. Most passwords I've seen are phrases or combinations of words that mean something to the company. I like creating a custom wordlist around the company itself. Use Cewl, or make it yourself, based on company names and words that mean something to their industry and business. Expand that list out using best64. Then use a combinator attack using that wordlist twice, or combine it with an english dictionary. I'm not saying that will crack it - I'm usually unsuccessful during engagements cracking the WPA2 (which is why you need to rely on other methods). But it at least gives you a decent chance.
RE: 12 character WPA2 password - undeath - 05-04-2015
you can't bf 12 characters. no matter what algo.