Bruteforce on 10 characters length WPA2 password
I'm trying to hack my own WPA2 network for learning purposes.
I have the
*.capfile generated by
aircrack-ngtools after a WPA handshake.
I've tested by including my own password and a bunch of incorrect passwords on a wordlist and
aircrack-ngcrack successfully. My password is 10 characters length, only uppercase letters and numbers, so I tried generating a wordlist with
crunch(10 characters length, uppercase and numbers only):
$ crunch 10 10 -f charset.lst ualpha-numeric -o wordlist.txt
But crunch weight estimation was stunning:
Crunch will now generate the following amount of data: 40217742840692736 bytes 38354628411 MB 37455691 GB 36577 TB 35 PB Crunch will now generate the following number of lines: 3656158440062976
The wordlist is incredibly big. And I generated the wordlist by having clues about the lenght and characters involved. If I didn't know that It'd be even bigger.
I guess I know believe that bruteforce attacks on non trivial passwords is impossible, at least with pre generated wordlists.
Is there a way to let
aircrack-ngincrementally crack the password with a given length and charset?
What other sane options do I have to attack my password?
I'd look at OCLHashcat, as it let's you brute force with specific character sets and doesn't need to generate the list beforehand.
I'm not sure what you mean by "incrementally" however, if you mean stopping and starting OHC will let you do that.
In terms of cracking WPA2, you've got 3 options.
- Dictionary attacks
- Reaver attack against WPS (most successful option in majority of cases)
- Taking a wrench to the person and beating their password out of them
Ok, perhaps two options if you're not really wanting that password.
Brute force, unless you know a lot about the password and it's incredibly stupid (i.e. you know for certain it's an 8 character set of numbers) is going to be a non-starter.
Don't forget, strictly speaking there "shouldn't" be a way to break the password, so if none of these options seem viable, it just means you've got decent security. There may not be an answer as to how you can do it.