Hacking WPA, WPA2 or WiFi with Kali Linux

Author: Frank Hunt
Date Of Creation: 20 March 2021
Update Date: 27 June 2024
Anonim
Cracking WiFi WPA2 Handshake
Video: Cracking WiFi WPA2 Handshake

Content

Kali Linux can be used for many things, but is probably best known for its ability to penetrate or "hack" networks such as WPA and WPA2. There are hundreds of Windows applications claiming to hack WPA; don't use it! They are just a scam, used by professional hackers to hack newbie or would-be hackers. There is only one way hackers can get into your network and that is with a Linux OS, a wireless card with monitor mode, and aircrack-ng or similar. Also note that even with these utilities, Wi-Fi cracking is not for beginners. Basic knowledge of how WPA authentication works and some familiarity with Kali Linux and its tools are required, so a hacker accessing your network is unlikely to be a beginner!

To step

  1. Start Kali Linux and login, preferably as root.
  2. Connect your injection-compatible wireless adapter (unless your card in your computer supports it).
  3. Shut down all wireless networks. Open a terminal and type airmon-ng. This will list all wireless cards that support monitor (and non-injection) mode.
    • If no cards are shown, disconnect and reconnect the card, and check if it supports monitor mode. You can check if the card supports monitor mode by typing ifconfig in another terminal - if the card is listed in ifconfig but not in airmon-ng then the card does not support it.
  4. Type "airmon-ng start" followed by the interface of your wireless card. For example, if your card is called wlan0, you would type: airmon-ng start wlan0.
    • The message "(monitor mode enabled)" means that the card has been successfully put into monitor mode. Write down the name of the new monitor interface, mon0.
  5. Type airodump-ng followed by the name of the new monitor interface. The monitor interface is likely mon0.
  6. View the Airodump results. It will now show a list of all the wireless networks in your area, along with a lot of useful information about them. Find your own network or the network for which you are authorized to conduct a penetration test. Once you discover your network on the constantly-populated list, press Ctrl+C. to stop the process. Write down the channel of your target network.
  7. Copy the BSSID of the target network. Now type this command: airodump-ng -c [channel] --bssid [bssid] -w / root / Desktop / [monitor interface]
    • Replace [channel] with the channel of your target network. Paste the network BSSID where [bssid] is, and replace [monitor interface] with the name of your monitor interface, (mon0).
    • A complete command should look like this: airodump-ng -c 10 --bssid 00: 14: BF: E0: E8: D5 -w / root / Desktop / mon0.
  8. Wait. Airodump now only needs to check the target network so we can find out more specific information about it. What we're really doing is waiting for a device to (re) connect to the network, forcing the router to send the four-way handshake needed to crack the password.
    • Four files will also appear on your desktop; This is where the handshake is stored once captured, so don't delete them! But we're not really going to wait for a device to connect. No, that's not what impatient hackers do.
    • We are actually going to use another cool tool that comes with the aircrack suite called aireplay-ng to speed up the process. Rather than waiting for a device to connect, hackers use this tool to force a device to reconnect by sending deauthentication (deauth) packets to the device, making it think it is a new connection to the router. must make. Of course, for this tool to work, someone else has to be connected to the network first, so watch the airodump-ng and wait for a client to arrive. This can take a long time, or just a moment, before the first presents itself. If none shows up after a long wait, then the network may be down now, or you are too far from the network.
  9. Run airodump-ng and open a second terminal. In this terminal, type the following command: aireplay-ng –0 2 –a [router bssid] –c [client bssid] mon0.
    • The –0 is a shortcut for death mode and the 2 is the number of death packets to be sent.
    • -a indicates the bssid of the access point (router); replace [router bssid] with the target network BSSID, for example 00: 14: BF: E0: E8: D5.
    • -c indicates the BSSID clients. Replace [client bssid] with the BSSID of the connected client; this is stated under "STATION".
    • And mon0 of course only means the interface of this display; change it if yours is different.
    • A complete assignment looks like this: aireplay-ng –0 2 –a 00: 14: BF: E0: E8: D5 –c 4C: EB: 42: 59: DE: 31 mon0.
  10. Press ↵ Enter. You see how aireplay-ng ships the packages, and in a few moments you should see this message on the airodump-ng window! This means that the handshake has been logged and the password is in the hacker's hands, in one form or another.
    • You can close the aireplay-ng window and click Ctrl+C. in the terminal of airodump-ng, to stop monitoring the network, but don't do this yet, in case you need some of the info later.
    • From this point on, the process is completely between your computer and those four files on the desktop. Of these, .cap is especially important.
  11. Open a new terminal. Type the command: aircrack-ng -a2 -b [router bssid] -w [path to wordlist] /root/Desktop/*.cap
    • -a is used by the aircrack method for cracking the handshake, the method 2 = WPA.
    • -b stands for BSSID; replace [router bssid] with the target router's BSSID, such as 00: 14: BF: E0: E8: D5.
    • -w stands for glossary; replace [path to wordlist] with the path to a word list you downloaded. For example, you have "wpa.txt" in the root folder. Thus "/ root / Desktop / *".
    • .cap is the path to the .cap file with the password; the asterisk ( *) is a wildcard in Linux, and assuming there are no other .cap files on your desktop, this should work fine as is.
    • A complete assignment looks like this: aircrack-ng –a2 –b 00: 14: BF: E0: E8: D5 –w /root/wpa.txt /root/Desktop/*.cap.
  12. Wait for aircrack-ng to start the password cracking process. However, it will only crack the password if the password is in the dictionary you selected. Sometimes this is not the case. If so, then you can congratulate the owner on his network being "impenetrable", of course only after trying every word list a hacker might use or create!

Warnings

  • Breaking into someone's Wi-Fi without permission is considered an illegal act or crime in most countries. This tutorial is for performing a penetration test (hacking to make a network more secure), and using your own test network and router.

Necessities

  • A successful installation of Kali Linux (which you have probably already done).
  • A wireless adapter suitable for injection / monitor mode
  • A glossary to try to "crack" the handshake password once it is committed

For You

How to Get Rid of Ringworm: Can Natural Remedies Help?
How to Get Rid of Ringworm: Can Natural Remedies Help?
How to be a role model
How to be a role model
How to jump long
How to jump long
How to make a Wonder Woman costume
How to make a Wonder Woman costume