Learn Ethical Hacking Episode #29: Aircrack-ng and Crunch Setup


If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!


Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
Certified Ethical Hacker Boot Camp for 2018!
The Complete Ethical Hacker Course: Beginner to Advanced!
Build an Advanced Keylogger for Ethical Hacking!

Hello everybody and welcome to this tutorial. Today, I will show you how you can install aircrack on a Windows system.

First off, you will need to go to the aircrack’s official website, www.aircrack-ng.org, and download the necessary file. After it is finished downloading, you will need to unzip the package, and then you will be able to run the program. So, let’s go ahead and right click on the package, and I’m going to use 7-zip to extract the files. Feel free to use WinRAR, or any other extraction program available to you. I’m going to select aircrack-ng, extract it, and select the folder to extract the files to. I’m going to extract to desktop. As you can see, I’ve already extracted it twice. Yes to all, it will copy over it, it will not prompt you with this question. It has successfully extracted to the desktop. As I said previously, there is no installation procedure. Go ahead and open the folder, select bin, and there is, it says aircrack-ngGUI.exe. That is the one that you need, excellent!

We have three programs here, you actually have four of them, but we’re not going to be using these two for the time being. You have airdump-ng and aircrack-ng. Airdump is used for collecting information, and you use aircrack-ng in order to brute force the password, or brute force the encryption key. As I said, I do not recommend that you use Windows. This is the procedure to run aircrack-ng on Windows, but I don’t recommend it. Now we’re going to switch back to our Linux partition and continue with the exercise.

One of the primary problems that we will encounter is the fact that we are unable to generate vast amounts of passwords manually. Have you ever tried typing a million words? That wouldn’t be too much fun. So, one of the first tools that we will need here is crunch, which we will use in order to generate password lists. It’s very flexible and easy to use. We can pass it the number of characters we are looking for, the password length, or a minimum/maximum length of the password. If we know fractions of the password, we can even pass those fractions to crunch. First, we first need to download crunch. Crunch is available on sourceforge.net. Just type in crunch password generator, and we should receive a link to SourceForge. Go ahead and select to download this, your download will start in a few seconds, and the whole download process will last just a few seconds. We will need to extract the file once again. Feel free to use the default extractor. Choose a destination folder, I’m going to go ahead and pick desktop because I’m going to delete it later, as I already have it installed and configured. There we go, it should finish quickly. You don’t even have the time to see what’s going on. So, let’s just go ahead and close these things, excellent! Crunch is here. If I open the folder, there are some things in here which we will use later on in the course, but I will explain them once we actually start using them.

For the time being, I would like to show you how to install Crunch. Let’s go ahead and open up our terminal, navigate over to the folder where it is located, so cd /home/Chronic/Desktop/crunch, excellent, and type ls. Now, you don’t have an instruction file here on how install the program, but you see that here we have a makefile. Whenever there is a makefile, all you need to do is type in make. You will need to be logged in as root or have a sudo password. So, just type in make, excellent, there we go. make install, press enter again, and there we go. The installation process is done and we can now use the program. Crunch is now installed, you can see that the the man pages for it are functional, and this is the syntax. You will type in one number here, and another number here, the minimal and maximal length. Character set here, you could type them in manually or use predefined ones, and then you can pass a bunch of other options if you wish. You don’t need to actually read through all of this, but skim through it. Just scroll through it and see if anything catches your eye.

Let me clear the screen, type in crunch, and then I will tell it to generate a certain password length, let’s say from 3 to 9. I’ve seen people type in from 0 to 9. You can, of course, exclude 0 immediately. I’ll type in from 3 to 5. Now I can pass in abcd123, and I can pipe this to aircrack-ng, and all of the passwords that are generated here will be passed to aircrack-ng to be used immediately. I need to add a few more commands here, of course, and we will do that in the next tutorial. I just wanted to explain the significance of this, because let’s say I do this, 3 to 5, press Enter, and I’m going to cancel it before it manages to finish. It says crunch will now generate the following amount of data, so 7680 bytes. That’s hardly any data. It says this is the amount of passwords it’s going to generate, 1,344, not very many. Okay, let’s try another input. Let’s try abcdefghijklmnopqrstuvwxyz, press Enter, now look at what happens. The number, the file size, has grown exponentially. The amount of possible combinations has grown exponentially, and it says 73 megabytes. Still, this is a relatively small number of potential passwords. This will get cracked in a couple of seconds. What if I specify a length of 9? Look at what happens. It says that it will produce 51 terabytes of data, and this is the number of possible combinations there will be. OK, this is a very large number, and with my CPU it would take me a very long amount of time to do that. Okay, let’s go ahead and type in 1234567890. See what happens? It says almost 1,000 terabytes just by adding the numbers from 0 to 9. You get where I’m going with this, but let’s try expanding this once more for fun. Let’s try a password length of 29. Okay, this is going to be ridiculous. Basically, it tells me that it will generate 6,998 petabytes of data. Yeah, you simply will not have enough room on your hard-drive. A petabyte of storage is one thousand terabytes.

What you would do with aircrack, generally, is aircrack-ng -w, and then you would pass a passwordlist.txt file to it in order to crack a certain file with it. However, these password lists, as long as they are, as good as they are, they do not guarantee that the password will be cracked. You simply cannot generate this amount of information, with this many combinations, and put them in a file on your local computer. Even if you were to store it in the cloud somewhere, it would cost you a ridiculous amount of money. What you can do, however, is pass an argument, -w -. Now, crunch will not save an output file, the passwords will simply go to standard output, and then aircrack will pick up the passwords from standard output and utilize them, in order to break the encryption of a captured.

So, this was a simple example of why we needed to install Crunch. There’s also a way to install Crunch on Windows, however I could not find a safe source to download it on the internet. Again, using Windows is not recommended for this course. In any case, I bid you farewell. In the next tutorial I will demonstrate the cracking process, and you will see how we can crack a WiFi network.

The remainder of the tutorial videos can be found in this YouTube playlist:


You can also enroll in the course and download the videos for offline viewing:


Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato