Instead of using a dictionary on a WPA encrypted network, we can perform a bruteforce attack. Since this post I've written a better article on a much better bruteforce attack which will let you do this in 4-10 hours no matter how big the key is, it's here.
For key generation I will use a tool called WordField, which can be found here.
Usage of this tool is very simple:
wordfield [OPTION...] MINLENGTH [MAXLENGTH]
So running "wordfield -a -n 8 8" will output all possible alphanumeric strings which are 8 characters long.
I will be using the output from this tool as the input for aircrack-ng.
I will just assume that you know how to use aircrack-ng.
When a 4 way handshake has been saved with airodump-ng, the wpa network is now ready to crack. This is usually where a dictionary attack will be launched. But using this method, the dictionary will be generated in realtime against cracking the wpa key.
This is the command to do this,
wordfield -a -n 8 10 | aircrack-ng -b
-w - *.cap
This will pipe the output from wordfield into aircrack-ng. Also, please note that this is only really effective on weak keys, unless you have a lot of computational power.