Welcome
Login / Register

Cracking WPA/WPA2 – PSK Encryption

  • Disclaimer –  (Basically guys, be careful where you use this and please don’t do anything stupid.)
  • In this tutorial, I’m going to hack into a Wi-Fi hotspot that I just set up, named – Anonymus.
    Now, given that we have Kail Linux, open up a terminal window, type in “ifconfig “. This is going to list all the networking interfaces connected to your device.

Here, we only need (wlan0) which is our Wi-Fi card, so we can disable the others by doing “ifconfig down”.
(“lo” does no matter)…

Now, we type “airmon-ng start wlan0

(airmon-ng is just a tool for monitoring air traffic, “start” basically starts the tool, and “wlan0” specifies the interface we are using for monitoring)
It’ll probably show “some processes that could cause trouble”, we’ll simply kill those processes by entering “kill ”.

Now if we do “ifconfig”, it should show us the newly made monitoring interface “mon0”.

Then, put in, “airodump-ng mon0”.
In the screenshot below, the highlighted bssid is our target (and it is my own), named “Anonymus”, the channel is 13 as we can see under the “CH” column.

For our next step we type in, “airodump-ng –c -w –bssid mon0”.

Let me explain a few things here, “airodump-ng” is a tool for capturing Wi-Fi packets, “” means the channel your target is running on, “-w” basically writes a file by the name that succeeds it in “”, (I did “handshake” just for the convenience of it) bssid is a string of numbers specific to a hotspot.

Now, open up a new terminal and type in “aireply-ng -0 0 –a mon0”, this command send a deauthentication signal (usually called a deauth packet) to all the devices connected to that hotspot. Then after a few seconds we stop it by “Ctrl+C”. Now, as we can see, the other terminal shows that the WPA Handshake was successfully captured.

We can close both windows at this point, and open a new one. Type “ls”; that should list the files in the current directory. We can clearly see that the files from the above operation are present. But we only need the file ending with “-01.cap”.

Then we do, “aircrack-ng –w ”.

You may be asking what wordlist? What is that sh*t?

A Wordlist is a file containing thousands of known and possible passwords, which you can download from the internet (“specifying from the internet” ). The one I used can be found here

It will then start searching for matching keys in the word list. Now the time that this will take is solely dependent on the strength of the password. The stronger the password the more time will it take.

Now that we know the password, lets test it…

Annnnd… Voila! it works!

 

 



Post your comment

Comments

Be the first to comment

Related Articles


RSS