Crafting the “Perfect” WordList

I want to start post by pointing out that the word perfect is in quotes for a reason. This is because there is never a truly perfect wordlist for hacking passwords. There can never be a guarantee on whether a word list will be successful in matching a password hash, but brute forcing and password cracking essentially rely on the quality of the word list being used. The goal is to focus on what we already know.

Hacking WPA / WPA2 Encrypted Networks

Before we begin The methods and tools used in this WPA / WPA2 hacking tutorial can be utilized without any previous knowledge, however it is best for the attacker to have an understanding of what is going on behind the scenes. My job with this tutorial is to break down each step of the attack process and explain it in a simplified manner. Assuming that the reader of this guide has no previous knowledge with hacking, Linux, or Network Security, I will take it slow (one step at a time).

Droidsheep

Method of Attack: ARP Poisoning/Spoofing Tools Required: Android device with ROOT access. DroidSheep APK A Wireless Network Time to Complete: Less than 10 Minutes The app can be downloaded at: http://www.box.com/s/ipsluzrbotp6is01aj2b I am going to give a simple but effective demonstration on how to hijack an internet session over a wireless network using an android smartphone. This is just one of many ways to perform an ARP spoofing attack but I wanted to show just how trivial this technique has become, and how to better protect yourself from malicious attacks.