07-27-2018, 04:44 PM
Hello there,
My friend just got his router changed and while talking with him I strongly suggested to change its default password to something both ok to remember and hard to crack/guess. As he thought the default password was good enough, I made a try and get some handshake exported in hccapx (with his approval of course)
In short, the format is 13 characters that are lower-alpha + num. Under a mask attack, hashcat gives me an Overflow that I understand, it is non doable in term of time.
Therefore :
- As passwords weaknesses often lie in users' choice and predictability, should we assume that routers default passwords are way better than anything we could choose, and let's say, not crackable ?
- Regarding such format, is there any other way to improve an attack than :
hashcat -O -m 2500 -a 3 try.hccapx -1 ?l?d ?1?1?1?1?1?1?1?1?1?1?1?1
Thank for your opinions,
My friend just got his router changed and while talking with him I strongly suggested to change its default password to something both ok to remember and hard to crack/guess. As he thought the default password was good enough, I made a try and get some handshake exported in hccapx (with his approval of course)
In short, the format is 13 characters that are lower-alpha + num. Under a mask attack, hashcat gives me an Overflow that I understand, it is non doable in term of time.
Therefore :
- As passwords weaknesses often lie in users' choice and predictability, should we assume that routers default passwords are way better than anything we could choose, and let's say, not crackable ?
- Regarding such format, is there any other way to improve an attack than :
hashcat -O -m 2500 -a 3 try.hccapx -1 ?l?d ?1?1?1?1?1?1?1?1?1?1?1?1
Thank for your opinions,