Few things that you should know:

A Wordlist is a file containing a list of passwords to be tested.  Most of the time, the file is a .txt format or simple text format.  For KisMAC, the file MUST be .txt with an empty line at the end.

- The empty line is mandatory -

Wordlist can be extremely large. Pick them wisely!  There is no need to try pseudo random passwords.

KisMAC runs about 150 to 170 passwords per second, it may seems fast, but if you crunch the numbers you’ll discover that you may need more than you can believe, so start with “Smart Wordlist”

- WPA passwords have between 8 and 63 Characters

- The only known  vulnerability (as of Jan 2010) to WPA is a Bruteforce attack.

1. -A Bruteforce Attack is simply to try passwords after passwords after passwords.... either precomputed or listed in a file.
   

A Bruteforce attack is:

a) Time consuming

b) The most "simplest" attack

c) Time consuming

d) Not guaranteed to work

5. e)Time consuming
   

For a Bruteforce attack to be guaranteed to work, you will need to try all possibilities. One by one.

So... let’s try to count the possibilities:

Between 8 To 63 characters, Up to 255 possibilities per character  =  (63^255) - (7^255)

We have the following number of possibilities: 40,929,022,004,465,600,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000

Time is one issues. Energy is one other. Good luck with the electricity bill.

If time and energy are not an issue, size can be:

creating random lists with all permutation possible will take some space ....

If you were to create all permutation lists, the size of the list would be: 

Numbers Only

8 Ch        954 megabytes

10 Ch      114,688  megabytes

15 Ch      16,106,127,360 megabytes or just a bit more than 31,500  500GB hard drive.

As for letters, lower case only

8 Ch       2,097,152 megabytes

10 Ch     2,147,483,648 megabytes

etc etc ...Got space?

So, instead of dummy list, let’s try “smart ones”

Smart Lists

The list is proportionally smarter that the target person is stupid ! 

Example:

In 2005, someone compiled a list of the most 500 used passwords. After a while, you would think that people stopped using those passwords, huh?

Well, the answer is no. Keep on using them... it’s like screaming “hack me please” and publishing your password on the first page of google: Someone will find it without too much difficulties ... 

Then in 2009, somebody hacked Hotmail accounts , 30,000 passwords made public.

Guess what?  they were pretty much the same. the top 100 was almost a carbon copy of the previous one.

Then in 2010, somebody hacked the RockYou website and collected 32,000,000 passwords (32 million!)

Guess what again .... yes! the top list was again almost the same as the 2 previous one .....

So, if you sort by occurrence the password, you end up with list, relatively small, that can crack 5% of the passwords in seconds.

If you run a 32 million password list, it will take you about 20 hours,  the top 500 will take you less than 5 sec. that’s what I call a smart list. Not guaranteed to work but better than trying “pure blind luck”

If you wish to try your luck, play lottery: The chance of winning is greater.

Smart Lists

Character Occurrence in Passwords