If the Dictionary is way too small for the WPA WPA2 keys and not found normally, how can i add a very good Dictionary like that 33GB into Backtrack 4 as my wordlist after capturing a Handshake. â
â
â
IMPORTANT READ DESCRIPTION! â
â
â
Download big wordlists / dictionary + 180GB. Aircrack ng is an 802 11 WEP and WPA PSK keys cracking program that can recover keys once enough data. The free Aircrack download for PC works on most current.
Crack WPA/WPA2 Wi-Fi Routers with Airodump-ng and Aircrack-ng/Hashcat.
This is a brief walk-through tutorial that illustrates how to crack Wi-Fi networks that are secured using weak passwords. It is not exhaustive, but it should be enough information for you to test your own network's security or break into one nearby. The attack outlined below is entirely passive (listening only, nothing is broadcast from your computer) and it is impossible to detect provided that you don't actually use the password that you crack. An optional active deauthentication attack can be used to speed up the reconnaissance process and is described at the end of this document.
If you are familiar with this process, you can skip the descriptions and jump to a list of the commands used at the bottom. For a variety of suggestions and alternative methods, see the appendix. neal1991 and tiiime have also graciously provided translations to this document and the appendix in Chinese if you prefer those versions.
DISCLAIMER: This software/tutorial is for educational purposes only. It should not be used for illegal activity. The author is not responsible for its use. Don't be a dick.
Getting Started
This tutorial assumes that you:
Cracking a Wi-Fi NetworkMonitor Mode
Begin by listing wireless interfaces that support monitor mode with:
Free download hp deskjet d1360 printer driver for win7. If you do not see an interface listed then your wireless card does not support monitor mode ?
We will assume your wireless interface name is
wlan0 but be sure to use the correct name if it differs from this. Next, we will place the interface into monitor mode:
Run
iwconfig . You should now see a new monitor mode interface listed (likely mon0 or wlan0mon ).
Find Your Target
Start listening to 802.11 Beacon frames broadcast by nearby wireless routers using your monitor interface:
You should see output similar to what is below.
![]()
For the purposes of this demo, we will choose to crack the password of my network, 'hackme'. Remember the BSSID MAC address and channel (
CH ) number as displayed by airodump-ng , as we will need them both for the next step.
Capture a 4-way Handshake
WPA/WPA2 uses a 4-way handshake to authenticate devices to the network. You don't have to know anything about what that means, but you do have to capture one of these handshakes in order to crack the network password. These handshakes occur whenever a device connects to the network, for instance, when your neighbor returns home from work. We capture this handshake by directing
airmon-ng to monitor traffic on the target network using the channel and bssid values discovered from the previous command.
Now we wait.. Once you've captured a handshake, you should see something like
[ WPA handshake: bc:d3:c9:ef:d2:67 at the top right of the screen, just right of the current time.
If you are feeling impatient, and are comfortable using an active attack, you can force devices connected to the target network to reconnect, be sending malicious deauthentication packets at them. This often results in the capture of a 4-way handshake. See the deauth attack section below for info on this.
Once you've captured a handshake, press
ctrl-c to quit airodump-ng . You should see a .cap file wherever you told airodump-ng to save the capture (likely called -01.cap ). We will use this capture file to crack the network password. I like to rename this file to reflect the network name we are trying to crack:
Crack the Network Password
Ricoh sp111 drivers download. The final step is to crack the password using the captured handshake. If you have access to a GPU, I highly recommend using
hashcat for password cracking. I've created a simple tool that makes hashcat super easy to use called naive-hashcat . If you don't have access to a GPU, there are various online GPU cracking services that you can use, like GPUHASH.me or OnlineHashCrack. You can also try your hand at CPU cracking with Aircrack-ng.
Note that both attack methods below assume a relatively weak user generated password. Most WPA/WPA2 routers come with strong 12 character random passwords that many users (rightly) leave unchanged. If you are attempting to crack one of these passwords, I recommend using the Probable-Wordlists WPA-length dictionary files.
Cracking With
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |