Thanks for the reply, i've used SpoonWPA quite a few times before however the inbuilt dictionary attack takes ages to complete, getting the WPA-PSK hash is no problem it's the amount of time taken to crack the PSK that takes countless hours.
Maybe the best way of performing the dictionary attack aside the elcomsoft method is to set up a few BT machines running John and launch the attack that way. Else generate a few rainbow tables with something like rtgen. I would like to test the GPU theory out though as i am interested in the kinds of speeds it will pull.
Maybe you could use:
http://www.bindshell.net/tools/johntheripperThis is an updated version of Ryan Lim's patch for john the ripper to support MPI, in addition to a large number of third party patches to support additional ciphers and such.
MPI allows you to use multiple processors on a single system, or a cluster of systems for cracking passwords using john the ripper. Incredibly useful in these days of multi core processors.
Dont know if you have the resources, nor have i played with MPI yet, just a thought b/c i was on Bindshell today =P
Network Pen Testing : Ruby on Rails Vulnerabilities/Attacks in BackTrack 5 r3
