To FurqanHanif

When you bring pipes and aircrack-ng into the equation, there are other, more important considerations.

There are two major constraints to brute forcing a WPA key using aircrack-ng or pyrit.

The first is speed. If you use a passthru you dramatically slow the cracking speed down as the computer must precompute the word. So it is better to precompute the dictionary files and divide the files up into smaller blocks.

The second is the time required. Many of these attacks take weeks if not months. You cannot expect to run your computer constantly for that length of time; you will eventually need to stop the attack. The problem then is how to restart where you left off.

If you precompute your dictionaries, you can use John the Ripper in a pipe to save your work.

Begin the crack by adding the following after john:

john --session=allrules

The allrules is just the name you give to the file saved by john.

john --session=allrules --wordlist=/root/wordlist.txt --rules:modified_single --stdout | aircrack-ng -e "ESSID" -w - /root/NAME.cap

When you want to stop, hit Ctrl-C and wait.

To restart, enter:

john --restore=allrules | aircrack-ng -e "ESSID" -w - /root/NAME.cap


The attack proceeds from the shutdown point.


You should only use a passthru if the attack will be short in duration or the wordlist file is so big that you cannot store it. Here crunch is a good solution as it allows restarting where the attack stopped.

Although this is a Linux forum, we cannot help but note that the real brute force WPA cracking tool is Elcomsoft/Windows8 and two (2) GPUs, but we will leave that for another forum.

MTeams