- Как взламывать Wi-Fi сети с помощью Kali Linux
- How to HACK WiFi password [100% Working]
- Pre-requisites
- Step-1: Understanding 2.4 GHz and 5 GHz WIFI Networks
- Step-2: Understanding Managed Mode and Monitor Mode
- Enable Monitor Mode
- Step-3: Packet Sniffing with Airodump-ng
- Step-4: Targeted Packet Sniffing
- Step-5: Deauthentication Attack
- Step-6: How to hack WiFi — Using a Wordlist Attack
- Conclusion
- 1 thought on “How to HACK WiFi password [100% Working]”
- Leave a Comment Cancel reply
- Ethical Hacking Tutorial
Как взламывать Wi-Fi сети с помощью Kali Linux
Раз вы тут то вы серьёзно захотели узнать пароль от соседского Wi-Fi или пришли за знаниями, рассмотрим теорию взлома:
Большинство роутеров используют технологию «WPA 2» который пришел на замену устаревших «WPA» и «WEP» , устранив их проблемы с безопасностью
но по одной старой фразе: для каждой болезни (защиты) найдется лекарство (способ взлома)
и у «WPA 2» есть уязвимость в виде «Hanshake» ( хендшейк, на русском рукопожатие) — процесс знакомства клиента и модема, во время которого устройства идентифицируют друг друга и обмениваются секретными ключами. Handshake происходит каждый раз, когда мы подключаемся к модему, роутеру серверу и тд.
Суть взлома: Перехватить ‘Handshake’ , и расшифровать его секретные ключи
Четырехстороннее рукопожатие (англ. four-way handshake) – механизм создания парного переходного ключа PTK для защиты трафика.
самое важное в этом рукопожатии это 2 рукопожатие и в добавок к нему необходим первый или третий
минимальный вариант 2 и 3 рукопожатия
Надеюсь у вас уже есть компьютер с Kali Linux установить ее не сложнее чем Windows
попробуем взломать ТЕСТОВУЮ сеть
Для этого нам понадобится aircrack-ng (в Kali предустановлен) и BetterCap (Устанавливать придется самому)
sudo apt update sudo apt install golang git build-essential libpcap-dev libusb-1.0-0-dev libnetfilter-queue-dev sudo go install github.com/bettercap/bettercap
Bettercap – программа для мониторинга и спуфинга. Установим bettercap из исходников. Введем в терминале следующие команды:
Еще вам надо проверить вашу сетевую карту
если она не имеет функции мониторинга то она не подойдет
How to HACK WiFi password [100% Working]
If you aspire to become an ethical hacker or a penetration tester, one of the areas you will cover is Network Hacking. That involves spoofing MAC addresses, Deauthentication attacks, Bypassing MAC filtered networks, Hacking WEP/WPA/WPA2 wifi passwords, WPS exploitation, and much more.
This post will give a step-by-step guide on How to hack WiFi passwords (WPA / WPA2) using Kali Linux.
Hacking, or attempting to gain unauthorized access to computer systems, networks or data, is illegal and strictly prohibited. It can result in severe legal consequences and should not be attempted. As an AI language model, I strongly advise against engaging in any form of hacking activity. This article is written for educational purpose only and should only be carried out in a virtual penetration testing lab. with proper consents from all required stake holders.
Pre-requisites
You must have an installed setup of Kali Linux. You can easily install Kali Linux (if you don’t have one) in a couple of minutes using Oracle VirtualBox or any other similar software. All the tools we will use are open-source and already pre-installed on Kali Linux.
Step-1: Understanding 2.4 GHz and 5 GHz WIFI Networks
The 802.11 standard provides several distinct radio frequency ranges (WIFI bands) for use in Wi-Fi communications. Some of the most common bands are 2.4 GHz and 5 GHz. These WIFI bands:
- Determine the frequency range that is used to support communication
- Determine the channels that are used to support communication
- Client devices need to support the band used by the router to communicate with it. Therefore, if the router uses the 5 GHz frequency, your device needs to support this band to connect to the router.
- Data could be sniffed from a certain band if the wireless adapter used supports the band.
Currently, most routers support both bands, and you can enable any of them or both at once.
From the router image above, the WIFI band 2.4 GHz is referred to as Wireless while the 5 GHz band is referred to as Wireless 5G. When cracking WIFI passwords, your network card needs to support the frequency band used by the WIFI network you want to crack. Therefore, if you want to crack a 5 GHz network, and your network card only supports 2.4 GHz, this WIFI network will not even be visible to your PC.
Step-2: Understanding Managed Mode and Monitor Mode
Since we will be capturing data packets sent by the router, we need to understand the difference between Managed mode and Monitor mode. Any device that supports a wireless connection uses a Network Interface Card (NIC). Most of them are inbuilt, but nowadays, you can purchase a USB network card and connect to a WIFI network much easier. A Network Interface Card, by default, is set to Managed mode. That means it can only capture packets sent directly to it by the router. Packets that contain our MAC address as the destination address.
To capture as many packets as possible that will aid us in the WIFI password cracking process, we need to put our card in Monitor mode. That way, we can capture packets sent to us and any other device around us.
Enable Monitor Mode
Execute any of the commands below to see the name of the wireless card n your device.
By default, wireless cards on Kali start with the name wlan . My device supports two wireless cards. From the image below, you can see I have wlan0 and wlan1.
To enable mode on our device, we will use a tool called airmon-ng . Execute the command below and replace the name wlan1 with the name of your card.
To confirm whether your card was successfully put in monitor mode, execute the command below:
Sometimes, Kali might add a suffix mon to the card after putting your device on monitor mode. For example, if your card was wlan1, it will be renamed to wlan1mon .
At times, you might need to stop troublesome processes before putting your card in monitor mode. They will interfere by changing channels and sometimes putting the interface back in managed mode. Execute the command below:
Step-3: Packet Sniffing with Airodump-ng
With our card successfully put on monitor mode, we can start the packet sniffing process. Execute the command below, replacing wlan1 with the name of your card.
A window similar to the one below will open.
The top section shows information about the routers/access points within the proximity of our wireless card in monitor mode. The bottom section shows us the client devices and which networks they are connected to. To hack WIFI passwords, much of the information we need is in the top section. Let’s look understand what the different columns represent in detail.
- BSSID: This represents the MAC address of our router or Access point.
- PWR: This column shows how close or far the router is to our device. From the image above, the one with -1 is very close, while -81 shows it’s very far.
- Beacons: These are the packets sent by the Access Point to announce its presence.
- # Data: This column represents the captured data packets
- #/s: The number of packets captured in the last 10 seconds
- CH: The channel which the Access Point is communicating on
- MB: The maximum speed supported by the Access Point
- ENC: The Encryption algorithm used by the Access Point
- CIPHER: The Cipher detected on the network
- AUTH: The mode of authentication supported by the Access Point
- ESSID; The name of the WIFI network
In this step, we sniffed packets, but we did not store them. It was just a random sniffing attack. Now, let’s do a targeted packet sniffing and use the captured packets to hack WIFI password.
Step-4: Targeted Packet Sniffing
In this tutorial, we will hack the password of the Safaricom Home-2 WIFI network. However, there is a catch! The image above shows that the network uses the WPA2 encryption algorithm—one of the most secure algorithms used in WIFI security.
To crack this type of encryption, we will need to capture as many Handshake packets as possible. These are the packets transmitted between the Access Point (Router) and the Client device when establishing a connection. We will use the syntax below.
airodump-ng --bssid --channel --write E.g # airodump-ng --bssid E4:AB:89:AA:74:1B --channel 12 --write SafaricomCapture wlan1
SafaricomCapture is the name of the file where we will store the captured packets.
Now, we have one problem. Handshake packets are only transmitted only when a client connects to a router. Once the connection is established, we cannot capture any more handshake packets. However, what if there was a way we could disconnect clients from our network, and when they reconnect, we capture as many handshake packets as possible. Luckily there is.
Step-5: Deauthentication Attack
While the Targeted Packet Sniffing is still running, we can open a new Terminal window and perform a deauthentication attack. This kind of attack removes users from the WIFI network, and when they reconnect, you can capture as many handshake packets as possible.
We will use the syntax below using a tool called. aireplay-ng .
aireplay-ng --deauth -a E.g #aireplay-ng --deauth 50 -a E4:AB:89:AA:74:1B wlan1
If you wanted to disconnect a particular device, you would use the syntax below:
Step-6: How to hack WiFi — Using a Wordlist Attack
Once we have captured enough packets, we can start the password cracking process. Execute the ls command on your working directory. You will see several files with the name of the file containing the captured packets. We will use the file with the .cap extension. The tool we will use for cracking is aircrack-ng .
We can actually start cracking the WIFI password as the packet sniffing is going on — we track packets as we continue collecting more. We will use the syntax below:
aircrack-ng -w E.g # aircrack-ng SafaricomCapture-01.cap -w /usr/share/wordlists/mywordlist.txt
From the image above, you can see we successfully cracked the password of the WPA2 WIFI network.
Conclusion
With a wordlist large enough, you can hack WIFi passwords easily. However, if the password is very complex, it will take some time — from 10 minutes, 2 hours to more than a day. You can speed up the cracking process by using a powerful GPU instead of a CPU or use Rainbow tables. If all that fails, you will need to use social engineering and dupe a user into revealing the WIFI password.
Didn’t find what you were looking for? Perform a quick search across GoLinuxCloud
If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.
For any other feedbacks or questions you can either use the comments section or contact me form.
Thank You for your support!!
1 thought on “How to HACK WiFi password [100% Working]”
getting interested in using the kali linux os for security purposes and with such guidelines and targeted practise i hope we might get along just fine Reply
Leave a Comment Cancel reply
Ethical Hacking Tutorial
- Install Kali Linux
- Create Kali Linux bootable USB
- Dual boot Ubuntu with Kali Linux
- Install Kali Linux on VirtualBox
- Install Kali Linux on Raspberry Pi
- Install Kali Linux on Android
- Install Kali Linux on Apple M1 with UTM
- Setup Virtual PenTesting Lab
- Setup Android Pentesting Lab
- Setup Hacking Lab
- Manage Pentest Projects with Cervantes
- Nettacker — Automated Pentesting Framework
- MobSF: Android App Pentesting
- APKHunt: Android App Pentesting
- Hack Social Media Accounts — ZPhisher
- Analyze phishing email — Thephish
- Install Gophish phishing framework
- Gophish Phishing Campaign
- FiercePhish Phishing Campaign
- Snapchat Phishing using Grayfish
- Using SocialFish to Hack Credentials
- Social Engineering Toolkit Credentials Phishing
- Lockphish V2.0 PIN phishing attack
- Evil Twin WiFi Attack with Airgeddon
- Browser-in-the-Browser Attack
- Install Caine OS for Forensic Analysis
- Install Metasploit Framework
- Install OWASP Juice Shop
- Install DVWA
- Install Tor Browser
- Install Pyrit
- Embed payload in PDF File
- Embed Metasploit Payload on APK
- Payload Injection — Shellter
- Obfuscate Android Payload — ApkBleach
- Create windows undetectable payload — Technowlogger
- Learn hacking with Metasploitable
- Network Reconnaissance with Nmap
- BEeF Hacking Framework
- Intercept Network Traffic
- Track IP Address using Image
- Find Hidden Endpoints
- Using WiFi Honeypot for Ethical Hacks
- Hack Wi-Fi password
- Encode message in image — Steganography
- Shodan — The Search Engine for Hackers
- L3MON — Hack Android Mobile Remotely
- Torshammer — Perform DDoS attack
- Local File Inclusion Attack
- Using Xerosploit
- Using Arpspoof
- DVWA SQL Injection Exploitation
- DVWA Exploits
- Kali Vulnerability Scanner Tools
- WPScan: WordPress Vulnerability Scanner
- The Best 5 OSINT Tools
- Using Infooze Tool
- Using Mitaka Tool
- Create Reverse Shell
- WordPress Reverse Shell
- Subdomain Enumeration Tools
- SMTP Enumeration Tools
- DNS Enumeration Tools
- Wordlist Generator using Crunch
- Automate SSH Brute Force Attack
- Fuzzing Tools for Web Application Pentesting
- Bypass CSRF Protection
- Password Cracker — John The Ripper (JTR)
- Crack Hashed Password — Hashview
- Attack Login Forms with Burpsuite and THC-Hydra
- Perform Postgres DB Brute Force Attack
- Perform VNC Brute Force Attack