Results 1 to 5 of 5

Thread: Making all possible combinations 0123...-...xyz using Crunch

  1. #1
    Join Date
    2014-May
    Posts
    1

    Cool Making all possible combinations 0123...-...xyz using Crunch

    Is there a way to use every single letter and every single number in Crunch?
    It would be similar to "Crunch 4 14 0987654321abcdefghijklmnopqrstuvwxyz /root/Desktop/file.txt
    oorrrrrrr
    If there isn't a specific way...
    can I put it into a zip file and execute it without it taking up so much space?
    I want to use the best cracking algorithm if I can't develop the very best.
    I need help in developing something with Crunch that would almost insure my success in penetrating something (legally).
    Any help?

  2. #2
    This post may help you with figuring out how much space will be required: http://adaywithtape.blogspot.co.uk/2...ist-sizes.html
    There are also various other guides on the same blog on how to use crunch.
    This is a Kali-Linux support forum - not general IT/infosec help.

    Useful Commands: OS, Networking, Hardware, Wi-Fi
    Troubleshooting: Kali-Linux Installation, Repository, Wi-Fi Cards (Official Docs)
    Hardware: Recommended 802.11 Wireless Cards

    Documentation: http://docs.kali.org/ (Offline PDF version)
    Bugs Reporting & Tool Requests: https://bugs.kali.org/
    Kali Tool List, Versions & Man Pages: https://tools.kali.org/

  3. #3
    Join Date
    2013-Jun
    Posts
    125
    HELLO PEETZA FOX

    SOME STATISTICS WILL HELP US HERE
    A SIMPLE??! (AHEM!) EIGHT DIGIT DICTIONARY WITH ALL ALPHANUMERIC CHARACTERS

    TOTAL CHARACTERS IN OUR DICTIONARY=0123456789abcdefghijklmnopqrstuvwxyzABC DEFGHIJKLMNOPQRSTUVWXYZ
    let us say we are creating an 8 digit dictionary ONLY
    Using the Permutation formula at the link

    http://www.mathsisfun.com/combinator...alculator.html
    choosing the option Yes for "Can you repeat a number" when calculating in the link

    values
    n=62 (no. of lower and upper case letters and digits)
    r=8 (an eight string permutation/password with 8 repeatitive characters)

    Results=2.18340105 x 10^14 (218,340,105 trillion passwords/permutations!)

    HOW MUCH SPACE AND HOW LONG FOR A DICTIONARY ATTACK?

    An extract from using crunch (of course i had to kill this process..lol) shows the below information...

    root@localhost:~# crunch 8 8 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMN OPQRSTUVWXYZ
    Crunch will now generate the following amount of data: 1965060950264064 bytes
    1874028158 MB
    1830105 GB
    1787 TB
    1 PB


    1 PB (1 Petabyte!)..hmm...i need....1,787 hard drive of 1 terabyte each to store this dictionary..Cost for purchase and set-up?...
    I would not like to do the maths..

    Assuming that i am using pyrit with graphics card to speed up cracking (2X HD radeon 6990)...benchmark below shows how much PMK/s
    this card is able to try (that is 215,223 PMK/s)

    http://www.tomshardware.com/reviews/...ck,2981-8.html

    ASSUMING I CAN PURCHASE SO MANY HARDDRIVES HOW LONG WILL THIS TAKE?

    Time Taken= No. of Password in Dictionary/No. of PMKs/Password per Second tried by pyrit (with this graphics card)
    Time Taken=(2.18340105x10^14)/(215,223)=1014483141 seconds (atleast 32 years!)

    IF PYRIT IS USED WITH A PASSTHROUGH ATTACK OPTION INSTEAD OF DICTIONARY IT WILL TAKE THE SAME TIME (ATLEAST 32 YEARS!)
    only difference is you do not need to pay for storage and monitor this process for 32 years is absurd..also i think the access point will not exists so long..based on chances....

    I ask the same question you were asking..we all do....only to find out that doing the maths can give help me solve my question
    Last edited by repzeroworld; 2014-06-01 at 11:36.

  4. #4
    Join Date
    2014-Mar
    Posts
    2

    Lightbulb Pumping Crunch

    Quote Originally Posted by repzeroworld View Post
    HELLO PEETZA FOX

    SOME STATISTICS WILL HELP US HERE
    A SIMPLE??! (AHEM!) EIGHT DIGIT DICTIONARY WITH ALL ALPHANUMERIC CHARACTERS

    TOTAL CHARACTERS IN OUR DICTIONARY=0123456789abcdefghijklmnopqrstuvwxyzABC DEFGHIJKLMNOPQRSTUVWXYZ
    let us say we are creating an 8 digit dictionary ONLY
    Using the Permutation formula at the link

    http://www.mathsisfun.com/combinator...alculator.html
    choosing the option Yes for "Can you repeat a number" when calculating in the link

    values
    n=62 (no. of lower and upper case letters and digits)
    r=8 (an eight string permutation/password with 8 repeatitive characters)

    Results=2.18340105 x 10^14 (218,340,105 trillion passwords/permutations!)

    HOW MUCH SPACE AND HOW LONG FOR A DICTIONARY ATTACK?

    An extract from using crunch (of course i had to kill this process..lol) shows the below information...

    root@localhost:~# crunch 8 8 0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMN OPQRSTUVWXYZ
    Crunch will now generate the following amount of data: 1965060950264064 bytes
    1874028158 MB
    1830105 GB
    1787 TB
    1 PB


    1 PB (1 Petabyte!)..hmm...i need....1,787 hard drive of 1 terabyte each to store this dictionary..Cost for purchase and set-up?...
    I would not like to do the maths..

    Assuming that i am using pyrit with graphics card to speed up cracking (2X HD radeon 6990)...benchmark below shows how much PMK/s
    this card is able to try (that is 215,223 PMK/s)

    http://www.tomshardware.com/reviews/...ck,2981-8.html

    ASSUMING I CAN PURCHASE SO MANY HARDDRIVES HOW LONG WILL THIS TAKE?

    Time Taken= No. of Password in Dictionary/No. of PMKs/Password per Second tried by pyrit (with this graphics card)
    Time Taken=(218,340,105x10^12)/(215,223)=1014483141 seconds (atleast 32 years!)

    IF PYRIT IS USED WITH A PASSTHROUGH ATTACK OPTION INSTEAD OF DICTIONARY IT WILL TAKE THE SAME TIME (ATLEAST 32 YEARS!)
    only difference is you do not need to pay for storage and monitor this process for 32 years is absurd..also i think the access point will not exists so long..based on chances....

    I ask the same question you were asking..we all do....only to find out that doing the maths can give help me solve my question
    I seen a way to pump crunch through to (I was using Aircrack-ng) a programme to miss out the need for over a Terrabyte of space, but it's like the 2 animations crossed into 1 screen it looked glitchy as **** but seemed to be actually trying what crunch was pumping out, not even saving a wordlist.
    Look for it it's something like

    aircrack-ng -a 00:11:22:33:44:55 -c 1 -o WPAcrack*.cap -t | crunch 8 8

    Something along those lines but the 2 clauses were definately separated by "|"
    If I find I will link

  5. #5
    Join Date
    2013-Jul
    Posts
    844
    As repzeroworld clearly shows, using a wide spectrum brute force attack is simply impractical.

    Furthermore, storing such a dictionary would be daunting.

    If you use a program which first produces the word and then tests it like a crunch-aircrack-ng pass thru ,
    your speed it severly reduced as the computer has to spend a portion of its time computing the word to be tested,
    Furthermore you cannot easily save your work in stages. This is an administrative problem. Our Teams suggest you use Elcomsoft which is a windows based program which easily saves your work.

    Successful cracking WPA using bruteforce has a social engineering aspect. With the advent of reaver, long WPA keys not normally susceptible to brute force could be broken. Reaver cuts thru the time constraint problems associated with brute force attacks. It can crack keys that would simply be difficult if not impossible to access using brute force methods. Any statistical analysis of passwords cracked by brute force is really only showing those weak keys that were broken. Thus reaver gave a rare glimpse into just how WPA keys are choosen by users.
    Musket Teams compiled all keys cracked in one operational area to see how users chose their keys. We provide this statistical analysis for use by those desgining their brute force attacks against WPA using a dictionary, crunch-aircrack-ng passthru or a dictionary, mask attack with Elcomsoft.

    Of the 60 keys in one(1) geographic cluster the following incidence was found thru reaver.

    Key Length

    21.67% 08 characters in length
    03.33% 09 characters in length
    63.33% 10 characters in length
    05.00% 11 characters in length
    01.67%. 12 characters in length
    01.67%. 14 characters in length
    01.67%. 15 characters in length
    01.67%. 19 characters in length



    Key Type

    56.67% Numeric Only

    Subclass of numeric

    28.33% of all keys and over half of the numeric only keys, were mobile phone numbers 10 characters in length wherein the first two(2) numbers were fixed and the last eight(8) were floating.

    3.33% were local phone number of various forms ie:

    Fixed Fixed Floating

    Country area number
    area number


    03.33% Lower Case Only
    01.67% Uppercase Only
    06.67% Lowercase and Numeric
    03.33% Uppercase and Numeric
    08.33% Numeric, Uppercase and Lowercase
    06.67% Numeric,Lowercase and Symbol

    Musket Teams
    Last edited by mmusket33; 2014-06-01 at 02:24.

Similar Threads

  1. Arrow keys type letter combinations
    By Infinity.hax in forum General Archive
    Replies: 0
    Last Post: 2018-03-27, 17:31
  2. Making Crunch create random non repeating letters
    By TTG TriCkSh0tZz in forum General Archive
    Replies: 5
    Last Post: 2016-10-08, 05:10

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •