1
00:00:00,900 --> 00:00:07,320
And the previous lecture we covered how to store our progress when going through a large wordlist.

2
00:00:07,340 --> 00:00:14,150
This allows us to pause and Richoux so that we can stop our cracking session and then come back at a

3
00:00:14,150 --> 00:00:19,790
different time and then start the session from where we left which is very handy when we have a large

4
00:00:19,790 --> 00:00:21,900
wordlist.

5
00:00:21,890 --> 00:00:27,290
Another issue that we might face when you use an a large wordlist is the disk space.

6
00:00:27,320 --> 00:00:32,960
So a large word list would basically just take a lot of space from our desk.

7
00:00:33,740 --> 00:00:42,700
The solution to this is to generate the wordlist use and crunch and pass it on the fly to aircraft N-G.

8
00:00:42,740 --> 00:00:47,900
So basically we're going to be use in crunch to create the wordlist like we've seen before but instead

9
00:00:47,900 --> 00:00:54,550
of saving the wordlist on disk we're going to make it produce the wordlist on screen.

10
00:00:54,680 --> 00:01:01,400
So the result is going to be very similar to what we got when we opened our wordlist with John the Ripper

11
00:01:01,430 --> 00:01:08,990
and the previous lecture and then we're going to pipe that output to aircraft energy which will read

12
00:01:08,990 --> 00:01:16,390
that as input and process the wordlist on the fly as it's being generated on crunch.

13
00:01:16,910 --> 00:01:23,280
This way the wordlist will not be stored in a specific file and it won't take a lot of disk space.

14
00:01:24,290 --> 00:01:27,470
Now let me show you how to do that and it's going to become more clear.

15
00:01:29,610 --> 00:01:34,650
So first of all before I do the whole command I'm just going to show you the command that we usually

16
00:01:34,650 --> 00:01:43,150
use with crunch so easily do crunch and then we do the minimum number of characters followed by the

17
00:01:43,150 --> 00:01:44,930
maximum number of characters.

18
00:01:46,570 --> 00:01:51,610
And I'm going to set both to eight because this is the minimum number of characters that you can use

19
00:01:51,800 --> 00:01:54,780
and with WPA a password.

20
00:01:54,790 --> 00:01:59,230
Then we usually specify the characters to use to generate the wordlist.

21
00:01:59,230 --> 00:02:04,930
Now I'm not going to specify any characters right now because I want to use all the characters so if

22
00:02:04,930 --> 00:02:13,220
I don't specify any characters Cranch will use A B C D F G all the way up to Z by default.

23
00:02:13,330 --> 00:02:20,310
So all I have to do now is just do minus 0 to specify the file to save the wordlist too.

24
00:02:20,380 --> 00:02:30,180
And let's just say to all takes the now I'm going to hit enter and as you can see this file is going

25
00:02:30,180 --> 00:02:35,350
to be huge is going to be one terabyte one thousand seven hundred fifty gigabytes.

26
00:02:35,520 --> 00:02:37,500
And this much megabytes.

27
00:02:37,500 --> 00:02:39,540
So it's going to be a huge file.

28
00:02:39,600 --> 00:02:47,130
And I actually don't have enough space on my desk to store that file so I'm going to do Control-C And

29
00:02:47,130 --> 00:02:52,460
what I'm going to do right now is I'm going to run the same command and I'm just going to omit the minus

30
00:02:52,830 --> 00:02:54,050
argument.

31
00:02:54,660 --> 00:02:56,810
So what I'm doing right now is crunch.

32
00:02:57,090 --> 00:03:00,820
I'm telling it that I want you to generate passwords of length 8.

33
00:03:01,140 --> 00:03:06,690
And I didn't specify any characters because I wanted to use all characters A to Z.

34
00:03:06,690 --> 00:03:12,380
Now if you want to use specific characters you can just type them in here A B C D F G 1 two three.

35
00:03:12,540 --> 00:03:13,940
As I showed you before.

36
00:03:15,870 --> 00:03:20,280
So I'm going to hit enter with this and you'll see that it's still telling me that this is going to

37
00:03:20,280 --> 00:03:26,450
take one terabyte 1750 gigabytes but it's displaying the results on screen.

38
00:03:26,460 --> 00:03:28,500
It's not storing it in a file.

39
00:03:28,800 --> 00:03:36,150
And if we let this run for a long period of time it'll actually display all possible combinations of

40
00:03:36,150 --> 00:03:42,850
characters that have a length of eight characters and contain the characters A to Z.

41
00:03:43,410 --> 00:03:47,150
Now I'm going to do Control-C to this because this is not useful for me.

42
00:03:47,220 --> 00:03:48,750
I'm just doing this to show you.

43
00:03:48,990 --> 00:03:55,260
But if you notice the output right now is very similar to the output that I got in the previous lecture

44
00:03:55,290 --> 00:04:00,870
when I opened my wordlist use and John the Ripper when we were doing the pause and resume process.

45
00:04:02,100 --> 00:04:07,340
So you can see that the result is being displayed on screen for Amena which is very cool.

46
00:04:07,350 --> 00:04:11,160
So what I want to do right now is I want to pipe this result.

47
00:04:11,430 --> 00:04:14,910
So we usually pipe using this character like we've seen before.

48
00:04:15,980 --> 00:04:21,490
So what I want to do right now is I want to pipe the result of this command to aircraft engine.

49
00:04:21,940 --> 00:04:28,430
And like I said earlier this command is producing a result very similar to the result that we got from

50
00:04:28,430 --> 00:04:36,050
John in the previous lecture which means the output right now is exactly the same output that we got

51
00:04:36,320 --> 00:04:38,790
from John in the previous lecture.

52
00:04:39,230 --> 00:04:44,900
So the command that we're going to be passing this to can be exactly the same command that we used in

53
00:04:44,900 --> 00:04:46,010
the previous lecture.

54
00:04:46,190 --> 00:04:47,350
And it should work.

55
00:04:48,230 --> 00:04:56,070
Therefore all I'm going to do is I'm going to do aircraft and G and I'm going to give it the OBSS idea

56
00:04:56,320 --> 00:05:03,340
of my target network then I'm going to give it minus W.T. give it the wordlist.

57
00:05:03,340 --> 00:05:09,640
And just like I did in my previous lecture I'm going to do a dash to tell it that use the output of

58
00:05:09,640 --> 00:05:14,730
the previous command as the input for the wordlist.

59
00:05:14,890 --> 00:05:21,780
Then I'm going to give it the handshake file which is called handshake 0 1 cup and that's it.

60
00:05:21,780 --> 00:05:23,600
I'm good to go.

61
00:05:23,640 --> 00:05:25,600
So we're doing a crunch.

62
00:05:25,620 --> 00:05:26,220
Eight eight.

63
00:05:26,220 --> 00:05:29,090
To generate passwords of length 8 from 8 izzi.

64
00:05:29,280 --> 00:05:35,610
And again you can use any crunch command right here you can use any combination any characters any pattern

65
00:05:35,790 --> 00:05:42,060
exactly the same way that I showed you and the crunch lecture then we're not using the minus option

66
00:05:42,060 --> 00:05:44,960
because we don't want to save anything on disk.

67
00:05:45,030 --> 00:05:52,860
We want the result to be displayed on screen and then we're piping that result to aircraft N-G.

68
00:05:53,040 --> 00:05:59,190
Now two aircraft ngi were given that actually should not have a space here.

69
00:05:59,280 --> 00:06:06,720
So we're giving it the best idea of the target network we're given at the dictionary and we're not actually

70
00:06:06,720 --> 00:06:10,180
given a name for the dictionary we're only giving it a dash.

71
00:06:10,290 --> 00:06:16,560
And this is because we're telling it that I want you to use the output of the previous command as the

72
00:06:16,560 --> 00:06:17,550
input.

73
00:06:17,610 --> 00:06:23,460
So this is exactly like we did in the previous lecture and then we're given a file that contains the

74
00:06:23,460 --> 00:06:24,710
handshake.

75
00:06:25,350 --> 00:06:30,700
Now if I enter I misspelled aircraft.

76
00:06:30,980 --> 00:06:33,610
So it's like this.

77
00:06:33,800 --> 00:06:34,760
Now if I hit enter

78
00:06:38,390 --> 00:06:46,010
and as you can see now aircraft engine is working it's taken the passwords generated by crunch on the

79
00:06:46,010 --> 00:06:49,280
fly and using them as the dictionary.

80
00:06:49,430 --> 00:06:54,530
So the wordlist is not being stored on my desk my desk will not get full.

81
00:06:54,650 --> 00:06:59,360
And this way we'll be able to use huge word lists for cracking.

82
00:06:59,390 --> 00:07:05,480
The only problem right now is this word this is really really big and there is no way we can go through

83
00:07:05,480 --> 00:07:07,010
it within one session.

84
00:07:07,160 --> 00:07:15,050
So it would be great if we can save our progress and be able to stop and continue whenever we have the

85
00:07:15,050 --> 00:07:16,510
time.

86
00:07:16,520 --> 00:07:21,680
So in the next lecture I'm going to show you how to combine what we learned in this lecture and in the

87
00:07:21,680 --> 00:07:28,700
previous lecture so that we can use a huge wordlist and use it directly with our crack energy without

88
00:07:28,700 --> 00:07:33,970
saving it on disk and also be able to stop and rescue our progress.