How I hacked/cracked my 1st WiFi network (Part-1)
Any actions and/or activities related to the material contained within this website are solely your responsibility. The misuse of the information on this website can result in criminal charges being brought against the persons in question. The authors will not be held responsible in the event that any criminal charges are brought against individuals misusing the information on this website to break the law.
Do good. Be Ethical. Happy Hacking
Why to hack WIFI?
For most people the answer is free, unlimited data, but the reality of WiFi hacking is different. Today most devices are connected to the internet, and many of them over a WiFi network. So if you somehow get unauthorized access to such a network and you have the skill, you can infect the whole network, and if you are a hacker it is a playground for experimenting with your knowledge.
Is it a crime to hack WiFi?
The straight answer is “YES”: it is a crime and it’s illegal. But if you are a pentester, then while doing wireless penetration testing you need to perform an analysis that provides detailed information on any and all vulnerabilities related to your WiFi networks. So if the owner of the network has allowed it, then you can do it.
When we talk about cracking or hacking wireless networks, we’re basically talking about cracking WEP/WPA keys. If you forgot your Wi-Fi password, you could either reset your router or crack your wireless network.
Speaking of cracking/hacking, you’ll need software and hardware resources, and of course, patience. BackTrack, a Linux-based security operating system (since succeeded by Kali Linux, which ships the same tools), can be used to collect information, assess WiFi vulnerabilities, and perform exploits, among other things.
Backtrack includes the following tools:
These are the tools that one may use to get the wifi password of neighbors. This may be because they lost their WiFi password and are wondering about ways to access their neighbor’s WiFi network.
Cracking wireless network keys isn’t a piece of cake, and it takes time and patience. You’ll need the following tools to begin with:
Method 1 (Aircrack-ng)
Requirement
Step 1: Aircrack-ng: Download and Install
Open your terminal and install aircrack-ng:
sudo apt-get install aircrack-ng
Step 2: Airmon-ng: Monitor Mode
Now it is required to start the wireless interface in monitor mode.
Monitor mode allows a computer with a wireless network interface to monitor all traffic received from the wireless network.
What is especially important for us — monitor mode allows packets to be captured without having to associate with an access point.
Find and stop all the processes that use the wireless interface and may cause troubles:
sudo airmon-ng check kill
Start the wireless interface in monitor mode:
sudo airmon-ng start wlan0

Interface    Chipset        Driver
wlan0        Intel 6235     iwlwifi - [phy0]
                            (monitor mode enabled on mon0)

In the example above airmon-ng has created a new wireless interface called mon0 and enabled monitor mode on it. So the correct interface name to use in the next parts of this tutorial is mon0. Note that newer versions of airmon-ng name the monitor interface wlan0mon instead of mon0, which is why the commands below use wlan0mon; always use the name airmon-ng printed on your own machine.
Step 3: Airodump-ng: Authentication Handshake
Now, when our wireless adapter is in monitor mode, we have a capability to see all the wireless traffic that passes by in the air.
This can be done with the airodump-ng command:
sudo airodump-ng wlan0mon
All of the visible APs are listed in the upper part of the screen and the clients are listed in the lower part of the screen (as in the image below).
Now start airodump-ng on the AP channel with a filter for the BSSID to collect the authentication handshake for the access point we are interested in:
sudo airodump-ng -c 1 --bssid BSSID -w Test wlan0mon --ignore-negative-one
Now wait until airodump-ng captures a handshake.
If you want to speed up this process — go to the step #4 and try to force wireless client reauthentication.
After some time you should see WPA handshake: xx:xx:xx:xx:xx in the top right-hand corner of the screen.
This means that airodump-ng has successfully captured the handshake:
Step 4: Aireplay-ng: Deauthenticate Client (if you are in a hurry)
If you can’t wait until airodump-ng captures a handshake, you can send a message to the wireless client saying that it is no longer associated with the AP.
The wireless client will then hopefully reauthenticate with the AP and we’ll capture the authentication handshake.
Send deauth to broadcast:
sudo aireplay-ng --deauth 100 -a BSSID wlan0mon --ignore-negative-one
Send directed deauth (the attack is more effective when it is targeted; -a is the AP’s BSSID and -c is the MAC address of the client shown in the lower part of the airodump-ng screen):
sudo aireplay-ng --deauth 100 -a BSSID -c CLIENT_MAC mon0 --ignore-negative-one
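The deauthentication frames sent in this step are easy to spot on the defending side: they are unencrypted 802.11 management frames, and a legitimate network never emits dozens of them per second to broadcast. The following is an added example (my own code, not part of the original post or of the aircrack-ng suite) of a minimal detector: it parses the 802.11 management header, counts deauth/disassoc frames per BSSID in a sliding time window and alerts when the count reaches a threshold. The class and function names (DeauthFloodDetector, parse_mgmt_frame, build_mgmt_frame), the threshold of 10 frames in 5 seconds, and all MAC addresses, frame bytes and timestamps are my constructions for the demo.

```python
"""Deauthentication-flood detector over raw 802.11 management frames.

Added example, not part of the original post: a defender's counterpart to
Step 4. It parses the 24-byte 802.11 management header, counts
deauthentication/disassociation frames per BSSID inside a sliding time
window and alerts when the count reaches a threshold. All frame bytes,
MAC addresses and timestamps below are constructed for the demo.
"""
import struct
from collections import defaultdict, deque

# 802.11 management frame subtypes (frame type 0)
SUBTYPE_BEACON = 0x8
SUBTYPE_DISASSOC = 0xA
SUBTYPE_DEAUTH = 0xC
BROADCAST = "ff:ff:ff:ff:ff:ff"


def _mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def parse_mgmt_frame(buf):
    """Parse the fixed MAC header of an 802.11 management frame.

    Layout: frame control (2) | duration (2) | addr1/DA (6) | addr2/SA (6) |
            addr3/BSSID (6) | sequence control (2) | body ...
    Returns None for non-management frames or truncated buffers.
    """
    if len(buf) < 24:
        return None
    fc = buf[0]
    if (fc >> 2) & 0x3 != 0:            # frame type: 0 = management
        return None
    frame = {
        "subtype": (fc >> 4) & 0xF,
        "dst": _mac(buf[4:10]),
        "src": _mac(buf[10:16]),
        "bssid": _mac(buf[16:22]),
        "reason": None,
    }
    if frame["subtype"] in (SUBTYPE_DEAUTH, SUBTYPE_DISASSOC) and len(buf) >= 26:
        frame["reason"] = struct.unpack_from("<H", buf, 24)[0]  # reason code
    return frame


class DeauthFloodDetector:
    """Sliding-window counter of deauth/disassoc frames per BSSID."""

    def __init__(self, threshold=10, window_s=5.0):
        self.threshold = threshold
        self.window_s = window_s
        self._events = defaultdict(deque)   # bssid -> timestamps inside the window
        self._alerted = set()

    def feed(self, ts, buf):
        """Feed one captured frame; return an alert dict when a flood starts."""
        frame = parse_mgmt_frame(buf)
        if frame is None or frame["subtype"] not in (SUBTYPE_DEAUTH, SUBTYPE_DISASSOC):
            return None
        window = self._events[frame["bssid"]]
        window.append(ts)
        while window and ts - window[0] > self.window_s:
            window.popleft()
        if len(window) >= self.threshold and frame["bssid"] not in self._alerted:
            self._alerted.add(frame["bssid"])
            return {"bssid": frame["bssid"], "count": len(window),
                    "broadcast": frame["dst"] == BROADCAST, "reason": frame["reason"]}
        return None


def build_mgmt_frame(subtype, dst, src, bssid, reason=None):
    """Build a minimal management frame (constructed demo input only)."""
    def hex_mac(m):
        return bytes.fromhex(m.replace(":", ""))
    header = (bytes([subtype << 4, 0x00]) + b"\x00\x00"      # frame control, duration
              + hex_mac(dst) + hex_mac(src) + hex_mac(bssid)
              + b"\x00\x00")                                  # sequence control
    body = struct.pack("<H", reason) if reason is not None else b""
    return header + body


def demo():
    """Replay a constructed capture: a beacon, one lone deauth, then a flood."""
    ap, other_ap, client = "aa:bb:cc:dd:ee:01", "aa:bb:cc:dd:ee:02", "11:22:33:44:55:66"
    det = DeauthFloodDetector(threshold=10, window_s=5.0)
    alerts = [det.feed(0.0, build_mgmt_frame(SUBTYPE_BEACON, BROADCAST, ap, ap))]
    # one deauth from another AP is normal (reason code 3 = station leaving)
    alerts.append(det.feed(0.5, build_mgmt_frame(SUBTYPE_DEAUTH, client, other_ap, other_ap, reason=3)))
    # 100 broadcast deauths in one second from the same BSSID: a flood
    for i in range(100):
        alerts.append(det.feed(1.0 + i * 0.01,
                               build_mgmt_frame(SUBTYPE_DEAUTH, BROADCAST, ap, ap, reason=7)))
    return [a for a in alerts if a is not None]


if __name__ == "__main__":
    for alert in demo():
        print("ALERT deauth flood:", alert)
```

In practice you would feed the detector frames from a monitor-mode capture, the same kind of data airodump-ng sees. Detection only tells you the attack is happening; the actual mitigation is 802.11w Protected Management Frames (PMF), which authenticates deauth/disassoc frames so clients discard forged ones, and which WPA3 makes mandatory.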
Step 5: Aircrack-ng: Hack WiFi Password
Unfortunately there is no way except brute force (guessing candidate passphrases against the captured handshake) to break WPA/WPA2-PSK encryption.
To hack a WiFi password, you need a password dictionary.
And remember that this type of attack is only as good as your password dictionary.
You can download some dictionaries from here.
Crack the WPA/WPA2-PSK with the following command (the capture file is the one airodump-ng wrote in step 3; with -w Test it is named Test-01.cap):
aircrack-ng -w wordlist.dic -b BSSID Test-01.cap
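Step 5 only succeeds when the passphrase, or a simple transformation of it, is in the wordlist, and the same weakness is what lets the online guessing in Method 2 below finish in minutes. The following is an added example (my own code, not from the post or from aircrack-ng) of the defender's side of that check: an audit that runs a proposed WPA2-PSK passphrase through the mangling a rules-based dictionary attack applies (case folding, leet reversal, stripping appended or prepended digits and symbols) and looks the result up in a wordlist. SAMPLE_WORDLIST is a small constructed stand-in for a real cracking dictionary, and candidate_bases, audit_passphrase and the minimum length of 12 are my choices.

```python
"""Audit a proposed WPA2-PSK passphrase against a rules-based dictionary attack.

Added example, not part of the original post or of aircrack-ng: it applies the
normalisations a wordlist attack with rules typically tries (case folding,
leet reversal, stripping appended/prepended digits and symbols) and checks
whether the result is a dictionary word. SAMPLE_WORDLIST is a constructed
stand-in for a real cracking dictionary.
"""
import re

# Undo common leet substitutions so "P@ssw0rd" collapses to "password".
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                      "0": "o", "$": "s", "5": "s", "7": "t", "+": "t"})
SAMPLE_WORDLIST = {"password", "qwerty", "letmein", "welcome",
                   "dragon", "iloveyou", "sunshine", "admin"}
TRAILING = re.compile(r"[\d\W_]{1,6}$")   # password2024!, welcome1 ...
LEADING = re.compile(r"^[\d\W_]{1,6}")    # 123password, !admin ...


def candidate_bases(passphrase):
    """Return the base forms a dictionary attack with mangling rules would test."""
    p = passphrase.lower()
    stripped = TRAILING.sub("", p)
    both = LEADING.sub("", stripped)
    forms = [p, stripped, both]
    return {f for base in forms for f in (base, base.translate(LEET)) if f}


def audit_passphrase(passphrase, wordlist=SAMPLE_WORDLIST, min_len=12):
    """Return {'ok': bool, 'findings': [...]} for a proposed passphrase."""
    findings = []
    if not 8 <= len(passphrase) <= 63:
        findings.append("WPA2-PSK passphrases must be 8 to 63 characters")
    elif len(passphrase) < min_len:
        findings.append(f"shorter than {min_len} characters")
    if passphrase.isdigit():
        findings.append("digits only: guessable without any dictionary")
    hits = sorted(b for b in candidate_bases(passphrase) if b in wordlist)
    if hits:
        findings.append("derived from dictionary word(s): " + ", ".join(hits))
    if re.search(r"(.)\1{3,}", passphrase):
        findings.append("contains a run of four or more repeated characters")
    return {"ok": not findings, "findings": findings}


if __name__ == "__main__":
    for candidate in ("P@ssw0rd", "Welcome2024!", "12345678",
                      "correct-horse-battery-staple"):
        print(candidate, "->", audit_passphrase(candidate))
```

Replace SAMPLE_WORDLIST with the same dictionaries an attacker would load into aircrack-ng; a passphrase that survives those, with real length behind it, is what makes the offline attack on the handshake impractical. Moving the network to WPA3-SAE removes the offline dictionary attack on the handshake altogether, since a captured SAE exchange cannot be used to test guesses.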
Summary
So that’s how WiFi networks are hacked or cracked. Most importantly, you need a WiFi adapter that supports monitor mode and packet injection. But what if you don’t have one?
Method 2
It’s a true story of mine 😁
When I started learning hacking (5 to 6 months ago), I didn’t have any WiFi adapter (I don’t have one till now) and my system is just an i3 7th gen 4 GB RAM laptop (till now), plus I didn’t have any WiFi in my hostel. As you know, we need to download VMs for practice, and the ISO and zip files are huge (1 GB to 20 GB), and my daily data limit was just 2 GB. So the last option was just to hack someone’s WiFi. But I didn’t have a WiFi adapter for hacking with method 1. But I was pretty good at scripting in Python. So I just made a script that auto-entered passwords through the terminal and brute-forced it till it got the right password, and I hacked my 1st WiFi in this way. It took around 19 min to get the password because the WiFi password was weak …….
How I scripted that and how it works………….
Do good. Be Ethical. Happy Hacking
@adarshkrdubay
Originally published at https://adarshkrdubay.github.io.