Now that's brute-force! Today we're going to blur the lines between possible and impossible. The amount of time it takes to brute-force WPA/WPA2 passwords can be seconds or minutes or hours or days or weeks or years or decades... you get the point.
This is based on two (possibly three) very important factors: the strength of the password and the processing power with which you will be throwing passwords at it at lightning speed. [The third factor would be whether or not said password is even in the dictionary file — if you're using a dictionary file and not trying every single combination known to man — because if it's not, then you will never crack the password].
For instance, if the WiFi's password is "password" then that dictionary file is going to crack it in seconds. If the password is "[email protected]" then I'm guessing you will never crack it. In fact, a handy website called "How Secure is My Password" estimates that it will take "14 octillion years". That's a 10 with TWENTY-SEVEN zeros behind it motherfuckers! Better grab two cases of beer for that run.
What You Will Need
- Kali Linux (either a bootable LiveCD or bootable USB image)
- Network card capable of monitor mode ("promiscuous mode") and packet injection. My recommendation is: Alfa AWUS036H
- The Aircrack-ng suite (included in Kali Linux or AVAILABLE FOR WINDOWS!)
- A dictionary file (a file containing possible passwords for the WiFi)
- A few minutes to set up; A LOT of patience while it cracks the code.
Brute-forcing WPA/WPA2 Encrypted Passwords
I'm going to show you one of the slowest methods of cracking these passwords. I'm using my standard CPU and running the password against a dictionary list. To increase the speed you can use a GPU (graphics processor) and prehashed tables generated with genpmk and then run through coWPAtty. I may cover that in a future tutorial; this one is meant to give you the basics and theory behind the crack.
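To put numbers on the two factors above (passphrase strength and guessing rate), and to show why prehashed tables only fit one network name, here is an added example that is not part of the original tutorial. It derives the WPA/WPA2 pairwise master key the standard way, PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, and estimates how long exhausting a passphrase policy takes at this machine's measured rate. The SSIDs, the sample passphrase and the policies are constructed for illustration.

```python
import hashlib
import time

PBKDF2_ITERATIONS = 4096   # fixed by the WPA/WPA2-PSK key derivation
PMK_LEN = 32               # 256-bit pairwise master key
SECONDS_PER_YEAR = 365.25 * 24 * 3600

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes)."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(),
                               PBKDF2_ITERATIONS, PMK_LEN)

def measure_rate(samples: int = 20) -> float:
    """Single-threaded PMK derivations per second on this machine."""
    start = time.perf_counter()
    for i in range(samples):
        derive_pmk(f"benchmark{i:04d}", "ExampleNet")
    return samples / (time.perf_counter() - start)

def keyspace(alphabet_size: int, length: int) -> int:
    """Number of candidate passphrases of exactly `length` characters."""
    return alphabet_size ** length

def years_to_exhaust(alphabet_size: int, length: int, rate: float) -> float:
    """Worst-case years to try every candidate at `rate` guesses per second."""
    return keyspace(alphabet_size, length) / rate / SECONDS_PER_YEAR

# Constructed passphrase policies: (label, alphabet size, length)
POLICIES = [
    ("8 digits", 10, 8),
    ("8 lowercase letters", 26, 8),
    ("12 letters and digits", 62, 12),
    ("16 printable ASCII", 95, 16),
]

if __name__ == "__main__":
    # Same passphrase, two constructed SSIDs: the salt changes the PMK, so a
    # table precomputed for one network name is useless against another.
    a = derive_pmk("correct horse", "ExampleNet")
    b = derive_pmk("correct horse", "ExampleNet-2")
    print("PMKs differ across SSIDs:", a != b)

    rate = measure_rate()
    print(f"Measured rate: {rate:,.0f} PMK derivations/second")
    for label, alphabet, length in POLICIES:
        years = years_to_exhaust(alphabet, length, rate)
        print(f"{label:24s} {years:12.3g} years to exhaust")
```

The takeaway for anyone choosing a passphrase: a network name that is not a factory default keeps shared precomputed tables from applying, and each added character multiplies the exhaustion time by the alphabet size.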
Now, let's get to the hack: