Here we need wlan0, which is our Wi-Fi card, so we will disable the others by typing "ifconfig <name of interface> down".
Now we will type "airmon-ng start wlan0".
(airmon-ng is a tool for monitoring air traffic, "start" basically starts the tool, and "wlan0" specifies the interface we are using for monitoring.)
It'll probably show "some processes that could cause trouble"; we'll simply kill those processes by typing "kill <process ID>".
Now if we type "ifconfig", it will only show the monitor-mode interface "mon0".
Then type "airodump-ng mon0".
In the screenshot below, the highlighted BSSID is our target (and it is my own); the channel is 13, as we can see in the "CH" column.
In the next step we will type "airodump-ng -c <channel> -w <name> --bssid <bssid> mon0".
Let me tell you a few things here: "airodump-ng" is a tool for capturing Wi-Fi packets, "<channel>" means the channel your target is running on, "-w" writes a capture file with the name that follows it in "<name>" (I used "handshake" just for convenience), and the BSSID is a string of numbers specific to a hotspot.
Then open up a new terminal and type "aireplay-ng -0 0 -a <bssid> mon0". This command sends a deauthentication signal (usually called a deauth packet) to all the devices connected to that hotspot. After a few moments stop it with "Ctrl+C". Now, as we can see, the other terminal shows that the WPA handshake was successfully captured.
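From the defender's side, the burst of deauth frames this step produces is easy to spot in a monitor-mode capture: one client leaving is normal, dozens of broadcast deauths per second from one BSSID is not. The following Python is an added example, not part of this tutorial or of the aircrack-ng suite; the frame records are constructed to look like what a capture would log during the step above.

```python
from collections import defaultdict, deque

# Constructed sample of 802.11 management frames, summarised the way a
# monitor-mode capture would log them: (seconds, subtype, bssid, destination).
# "deauth" is the deauthentication frame; ff:ff:ff:ff:ff:ff is broadcast.
BROADCAST = "ff:ff:ff:ff:ff:ff"
SAMPLE_FRAMES = [
    (0.00, "beacon", "aa:bb:cc:dd:ee:01", BROADCAST),
    (0.20, "deauth", "aa:bb:cc:dd:ee:01", "11:22:33:44:55:66"),  # one client leaving: normal
    (1.00, "beacon", "aa:bb:cc:dd:ee:02", BROADCAST),
] + [
    # Eight broadcast deauths in 0.4 s against the second BSSID: the pattern
    # an unlimited broadcast deauth run (-0 0 with only -a given) produces.
    (round(1.05 + 0.05 * i, 2), "deauth", "aa:bb:cc:dd:ee:02", BROADCAST)
    for i in range(8)
]


def find_deauth_floods(frames, window=1.0, threshold=5):
    """Flag BSSIDs that see at least `threshold` deauth frames inside any
    sliding window of `window` seconds. Returns
    {bssid: {"first_alert": ts, "broadcast": n}} where "broadcast" is the
    number of broadcast-addressed deauths seen for that BSSID at alert time."""
    recent = defaultdict(deque)        # bssid -> timestamps of recent deauths
    broadcast_seen = defaultdict(int)  # bssid -> broadcast deauth count
    alerts = {}
    for ts, subtype, bssid, dst in sorted(frames):
        if subtype != "deauth":
            continue
        q = recent[bssid]
        q.append(ts)
        if dst == BROADCAST:
            broadcast_seen[bssid] += 1
        # Drop timestamps that have fallen out of the sliding window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold and bssid not in alerts:
            alerts[bssid] = {"first_alert": ts, "broadcast": broadcast_seen[bssid]}
    return alerts


if __name__ == "__main__":
    for bssid, info in find_deauth_floods(SAMPLE_FRAMES).items():
        print(f"deauth flood against {bssid} at t={info['first_alert']}s "
              f"({info['broadcast']} broadcast deauths so far)")
```

Access-point reboots and client roaming produce a handful of deauths, so tune window and threshold to your own environment before alerting on this.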
We will close both windows at this point and open a new one. Type "ls"; that should list the files in the current directory. We can clearly see that the files from the above operation are present, but we only need the file ending with "-01.cap".
Then open a new terminal and type "aircrack-ng -w <full location of the wordlist> <the file name>". Remember, the file name will end with ".cap".
You may be asking: what wordlist? What is that sh*t?
A wordlist is a file containing thousands of known and possible passwords, which you can download from the internet. The one I used can be found here. The list contains exactly 982,963,904 words, all optimized for WPA/WPA2. I would also just like to point out that this is not my work; I got it from forums.hak5.org. A guy there compiled a whole load of useful lists, including his own, to come up with two lists (one is 11 GB and one is 2 GB). I will be seeding this torrent indefinitely since it is shareware and it's awesome!
It will then start testing keys from the wordlist. The time it takes depends completely on the strength of the password: the stronger the password, the more time it will take.
After completion it looks something like the screenshot below. In it, you can see that it tested 45688 keys and my key was the 45689th.
Now you can use this password on that Wi-Fi network and enjoy. This tutorial is completely for educational purposes. For further tricks, tips and news from the world of technology and hacking, stay tuned to hackaklash.blogspot.com.