John the Ripper (JTR) is an extraordinary tool that is useful for cracking passwords. First we must understand that using a word list is one of the ways to crack a WPA protected router. Rainbow tables can also be used however for today, we shall focus on using word list to crack the password.
John the Ripper has the following parameters to be configured to allow customization:
File = FILENAME — Set this to your charset file name. See EXAMPLES for an example on how to generate a custom charset file. There’s no default.
MinLen = LENGTH — Minimum password length (the number of characters) to try. The default is 0.
MaxLen = LENGTH — Maximum password length to try. The default is 8 (or CHARSET_LENGTH as defined in src/params.h at compile time).
CharCount = COUNT
If you are using incremental mode and outputing the results to the file, you will be restricted to a maximum length of 8 only. For WPA, we are more interested to crack weak password of length 8 and the minimum length of passwords are 8 characters.
Therefore, we can use the config file to implement min length=8 and max length=8. Another useful knowledge to know that some of the popular routers such as 2WIRE use 8 digits as their default password. We can use this information to create a word list consisting of 8 digits word list to a file through the command:
john –stdout –incremental=num > wordlist.txt (800 MB file will be created)
Let’s say we wanna create an alphabets only word list, we can use this command
john –stdout –incremental=alpha > wordlist.txt (300GB+ file will be created)