|
Dictionary words are rejected before rules are applied for WPA2 - Printable Version +- hashcat Forum (https://hashcat.net/forum) +-- Forum: Support (https://hashcat.net/forum/forum-3.html) +--- Forum: hashcat (https://hashcat.net/forum/forum-45.html) +--- Thread: Dictionary words are rejected before rules are applied for WPA2 (/thread-13491.html) |
Dictionary words are rejected before rules are applied for WPA2 - Merv - 02-20-2026 I'm looking into developing an attack for WPA2 hashes, and would love to get some pointers or suggestions for things I may have missed. My thinking is this so far, to use a small wordlist (hashmob-small) ~20MB, combined with a local to my country dictionary ~3MB with the "one rule to rule them all" rule set. However in testing I noticed a slight issue. Lets say the password we are trying to recover is "timmy666", and I have "timmy" in my wordlist, the ruleset will generate "timmy666", but the dictionary attack will skip over "timmy" as it is shorter than 8 characters, the minimum for WPA2. With this example we can see a word list with one word (timmy) in that generates 51995 guesses with the ruleset, but 100% rejected: Quote:today (master) λ cat wordlist.txt I believe this is due to the word being less than 8 characters long and the mode being WPA2, as when I do the same thing with an MD5 hash I get 0% rejected. I did think of two work arounds. One would be to generate the dictionary file prior to running, but I don't know how large it would be, and storage is expensive and large dictionaries are a pain to deal with. The other would be to generate them and process in a pipe like so: Quote:hashcat --stdout -r OneRule.rule combined.txt | grep -E '^.{8,}$' | uniq | hashcat -a 1 -m 22000 -w 4 hash.txt But that seems slow and doesn't scale well. I'm hoping there is a better solution. Also if this is the wrong way to go about attacking WPA2 please do let me know! Thanks! RE: Dictionary words are rejected before rules are applied for WPA2 - Chick3nman - 02-20-2026 This is a well known limitation and intentional design choice: https://github.com/hashcat/hashcat/issues/4621 |