Learn How TO Hack Wifi
let us start with the Wi-FI cracking. But before starting the tutorial let me give you a small introduction to what Wi-Fi hacking is and what are the security protocols associated with it.
In a secured wireless connected the data on internet is sent via encrypted packets. These packets are secured with network keys.
There are basically 2 types of security keys :
There are basically 2 types of security keys :
WEP( Wireless Encryption Protocol) : This is the most basic form of encryption. This has become an unsafe option as it is vulnerable and can be cracked with relative ease. Although this is the case many people still use this encryption.
WPA( Wi-FI Protected Access) : This is the most secure wireless encryption. Cracking of such network requires use of a wordlist with common passwords. This is sort of brute force attack. This is virtually uncrackable if the network is secured with a strong password
So lets begin the actual Wifi Hacking tutorial!
In order to crack wi-fi password, you require the following things :
In order to crack wi-fi password, you require the following things :
1) A Desktop or Laptop having a Wireless Adapter
2) Backtrack
3) Brain! ( The most important part)
These are the things you require now let us proceed with the steps to crack wifi passwords easily.
1) Open Backtrack & Open Terminal In It.
2) Type airmon-ng and hit Enter. You will have a screen like this, note down the name of interface, in our case the the name is wlan0.
3) Now type ifconfig wlan0 down and hit enter.
This command will disable your wireless adapter, we are doing this in order to change yourMAC address.
This command will disable your wireless adapter, we are doing this in order to change yourMAC address.
3) Now type ifconfig wlan0 hw ether 00:11:22:33:44:55 and hit enter.
This command will change your MAC address to 00:11:22:33:44:55 in order to hide your identity.
This command will change your MAC address to 00:11:22:33:44:55 in order to hide your identity.
4) Now type airmon-ng start wlan0 and hit enter.
This will start the network adapter in monitor mode. Note down the new interface name, it could be eth0 or mon0 or something like that.
This will start the network adapter in monitor mode. Note down the new interface name, it could be eth0 or mon0 or something like that.
The above command has started our network adapter in monitor mode as mon0, note down this name.
5) After this type airmon-ng mon0 and hit enter
Replace the mon0 with interface name you discovered in step 4. This command will show you the list of available networks. Press Ctrl+C to stop the airmon to search for more networds. Copy the BSSID of the wireless network which you want to hack.
Replace the mon0 with interface name you discovered in step 4. This command will show you the list of available networks. Press Ctrl+C to stop the airmon to search for more networds. Copy the BSSID of the wireless network which you want to hack.
In the above screenshot there is a list of available networks, Choose 1 network and note the BSSID andchannel of it.
6) Type airodump-ng -c channelno –bssid BSSIDN1 mon0 -w filename and hit enter.
Replace channelno and BSSIDN1 with the data from step 5. Replace the mon0 with network interface name from step 4. In place of filename write anyname and do remember that. Better use filename itself.
This command will begin capturing the packets from the network. You need to capture more and more packets in order to crack the wifi password. This packet capturing is a slow process.
Replace channelno and BSSIDN1 with the data from step 5. Replace the mon0 with network interface name from step 4. In place of filename write anyname and do remember that. Better use filename itself.
This command will begin capturing the packets from the network. You need to capture more and more packets in order to crack the wifi password. This packet capturing is a slow process.
7) To make the packet capturing faster, we will use another command. Open a new shell, don’t close the previous shell. In new shell type aireplay-ng -1 0 -a BSSIDN1 -h 00:11:22:33:44:55 mon0 and hit enter.
Replace the BSSIDN1 with the data from step 5 and mon0 from step 4. This command will boost the data capturing process.
The -1 tells the program the specific attack we wish to use which in this case is fake authentication with the access point. The 0 cites the delay between attacks, -a is the MAC address of the target access point, -h is your wireless adapters MAC address and the command ends with the your wireless adapters device name.
Replace the BSSIDN1 with the data from step 5 and mon0 from step 4. This command will boost the data capturing process.
The -1 tells the program the specific attack we wish to use which in this case is fake authentication with the access point. The 0 cites the delay between attacks, -a is the MAC address of the target access point, -h is your wireless adapters MAC address and the command ends with the your wireless adapters device name.
8) Now wait for few mins, let the DATA in the other console reach a count of 5000.
The data in above screenshot is 1, wait for that to reach 5000.
9) After it reaches 5000, open another console and type aircrack-ng filename-01.cap and hit enter.
Replace the filename with the name you used in step 6. Add -01.cap to it. .cap is the extension of file having captured data packets.
After typing this command, aircrack will start trying to crack the Wi-FI password. If the encryption used is WEP, it will surely crack the password within few minutes.
Replace the filename with the name you used in step 6. Add -01.cap to it. .cap is the extension of file having captured data packets.
After typing this command, aircrack will start trying to crack the Wi-FI password. If the encryption used is WEP, it will surely crack the password within few minutes.
In case of WPA use the following command instead of the above aircrack-ng -w /pentest/wireless/aircrack-ng/test/password.lst -b BSSIDN1 filename-01.cap
Replace BSSIDN1 and filename with data you used. /pentest/wireless/aircrack-ng/test/password.lst is the address of a file having wordlist of popular passwords. In case of WPA aircrack will try to brute force the password. As I explained above that to crack WPA you need a file having passwords to crack the encryption. If you are lucky enough and the networkowner is not smart enough, you will get the password.
wow thanks
ReplyDelete