Пропускане към основното съдържание

WPA WPA2 aircrack bruteforce using dictionary

Why should use WPA/WPA2 encryption?!!!

In order to protect your data from snooping or prying eyes, you should encrypt, or scramble, it so that nobody else can read it. Most recent wireless equipment comes with both WEP (wired equivalent privacy) and WPA (wifi protected access) encryption schemes that you can enable. WEP was the encryption scheme included with the first generation of wireless networking equipment. It was found to contain some serious flaws which make it relatively easy to crack, or break into, so it is not the best form of security for your wireless network. WPA was later rolled out to provide significantly stronger wireless data encryption than WEP. But, in order to use WPA, all of the devices communicating on the network need to be configured for WPA. If any of the devices in the chain of communication are configured for WEP, the WPA devices will typically fall back to the lesser encryption so that all of the devices can still communicate. Refer to the owner's manual for your wireless router or access point to determine how to enable and configure encryption for your device. Once you enable encryption on your router or access point, you will need to configure your wireless network devices with the proper information to access the network. If you can use WPA you should because it is much more secure. However, even WEP is better than nothing and will keep casual snoopers and novice hackers out of your wireless network. Using encryption with a longer key length will provide stronger security, but with a slight performance impact.It is an interim solution that is used now until 802.11i comes out. TKIP basically works by generating a sequence of WEP keys based on a master key, and re- keying periodically before enough volume of info. could be captured to allow recovery of the WEP key. TKIP changes the Key every 10,000 packets, which is quick enough to combat statistical methods to analyze the cipher. TKIP also adds into the picture the Message Integrity Code (MIC). The transmission’s CRC, and ICV (Integrity Check Value) is checked. If the packet was tampered with. WPA will stop using the current keys and re-keys.

You need to know!

WPA and WPA2 was more strongly from WEP encryption! Because WPA/WPA2 is on another level of encryption! The breaking of WPA/WPA2 is very very hard and maybe may take long long time. If you have a good "@*dictionary" for the case you may successful to breaking the WPA or WPA2 encryption!!In this video I show you just exaple how can you do this but if you want to seriously do this!! You will do this. But you know!That is risky and very hard..anyway... Of Course there are another way to decrypt WPA/WPA2 but better you do not know anyway...Thanks for watching guys :) Somthing important that you know: When you are write a password "USE LETTERS AND NUMBERS".Make your password with 20 or 30 symbols!!!

@*The dictionary is a list of special words who you type in " .text" file. Wordlist who identify this victim!!! It is very hard to do this wordlist. May you take year or days to do this. You must know this victim. The way this victim thinks and more.. however... You should know something. Maybe you never discover the right words and never find this password!


Popular Posts


REPRODUCE OF THE VULNERABILITY =): Collaboration: silentsignal

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues). For the final time, let's pretend we do not know any credentials for DVWA.... Let's play dumb and brute force DVWA... once and for all! TL;DR: Quick copy/paste 1: CSRF=$(curl -s -c dvwa.cookie "" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2) 2: SESSIONID=$(grep PHPSESSID dvwa.cookie | cut -d $'\t' -f7) 3: curl -s -b dvwa.cookie -d "username=admin&password=password&user_token=${CSRF}&Login=Login" "192.168.1


Donate if you are not shame!