This is with respect to WPA2 (non-WPS).
I am pretty experienced with WPA2 cracking methods and tools, but I tend to use mostly pyrit, aircrack, and crunch in various combinations. But I'm working on something wherein I have partial knowledge of the passphrase, but also limited resources...
I'm wondering if there is a way to use crunch or hashcat (or another tool) to augment an existing dictionary (like adding a mask to a dictionary), and then pipe that to pyrit/cowpatty/aircrack in an attack passthrough.
I'm sure most of you are aware of the Netgear router (models WNDR and possibly others) for which the default WPA passphrase is relatively easy to find as it consists of an adjective + noun + /d{3}.
I have a list with adjective + noun. I would like to take each and append 000-999 to it. This is simple to do obviously in bash or python, and I have created the requisite script using python, but unfortunately, my hard drive space restrictions do not allow me to generate and store the full list.
So it seems as if I will need to pipe a live generation of each passphrase into a cracking tool to generate the pmk and then check against my handshake.
Does anyone know of a tool that will allow me to do this? Or, maybe even simpler, does anyone familiar with python know how I might pipe the output of my python script to say aircrack or pyrit? In other words, could I use my script instead of crunch to passthrough the generated passphrases to pyrit/aircrack/cowpatty? Currently my script writes to a file, so maybe it just needs to go to stdout(?).
If anyone has any thoughts, please comment... You have my appreciation in advance!
Thank you
crypts3c