Posts: 3
Threads: 1
Joined: Sep 2016
Hi, I am new to this and I want to apologise if I am in the wrong thread. I am just looking a bit of info on how fast a Titan would run a specific dictionary.
The dictionary would basically be a Latin alphabet with 8 characters. Lets presume I would have an intel i7 processor. How long would it take to run that and how big would the dictionary dictionary be?
Thanks everyone.
Posts: 30
Threads: 8
Joined: May 2016
I guess it depends on the hash algo.
best bang for the bucks would be i guess 2x1070 or something
Posts: 248
Threads: 11
Joined: Jun 2016
Posts: 3
Threads: 1
Joined: Sep 2016
(09-11-2016, 12:42 AM)bastibasti Wrote: I guess it depends on the hash algo.
best bang for the bucks would be i guess 2x1070 or something
Forgot to mention
WPA2
Posts: 5,085
Threads: 227
Joined: Apr 2010
You don't BF WPA if you're not able to shortcut because of a known key generating algorithm
Posts: 3
Threads: 1
Joined: Sep 2016
(09-12-2016, 12:15 AM)atom Wrote: You don't BF WPA if you're not able to shortcut because of a known key generating algorithm
Pardon me, but I am not sure exactly what you mean by the algorithm. I understand the smaller the dictionary the better.
Posts: 87
Threads: 4
Joined: Dec 2015
09-12-2016, 03:25 PM
(This post was last modified: 09-12-2016, 03:32 PM by jodler303.)
Many vendors derive their default passwords by algorithm from the device mac address. As you can see the mac address from the WiFi 802.11 beacons, you can calculate the default password by algorithm and try that. That's what atom was referring to. Others might not derive the password from the MAC address (or the algorithm is unknown) but you might learn about the structure of the password. If you know that password structure, e.g. "1RandomInternetCube_XXXX" where XXXX is any 4 hex digits you only have to bruteforce the last 4 digits, which is easy, too. Other vendors use the very same first digits for every password, eg. 117xxxxxxxxx. You need to know such things.
@generic brute forcing:
WPA2 is rather slow, even with good cards. even with multiple cards. some real world numbers, most are from my rig:
titan x @ wpa2 @ +300 = ~360 kH/s
titan x pascal @ wpa2 ... somewhere around 550 kH/s (?)
gtx 980 @ wpa2 @ +250 = ~250 kH/s
gtx 1080 @ wpa2 @ +250 = ~445 kH/s
gtx 1070 should be around 330 kH/s (?)
so as atom said, brute forcing is impossible or at least VERY limited for WPA. Either you're lucky and a custom password from a dictionary/rules is used so it's easier to guess, *OR* you know the structure of the default password (e.g. vendor default password derived from mac address). There are some devices e.g. some huawei mobile routers that only use 8-digit passwords (numbers only), so you can easily brute-force those ... you can also bruteforce 8-digit hex default passwords.
however: don't expect to brute force anything beyond such known limited keyspaces. even if you would have 8 cards. depending on the structure of a the password you are looking for, you can EASILY end up running hashcat for multiple years, even with 8 cards. ^^
Posts: 5,085
Threads: 227
Joined: Apr 2010
Now that's what I call a good description of what I meant, thanks