CRACKING WIFI NETWORK—ALL IN ONE
THIS PAGE IS ONLY FOR AWARENESS AMONG
PEOPLE ABOUT CYBER ATTACKS
AND HOW TO DEFEND AGAINST THEM.
HERE EVERY POST NOT TO SPREAD CRIME ON
PLEASE DON'T MAKE ANY CRIMINAL
DO IT AT YOUR OWN RISK. THIS PAGE IS NOT
RESPONSIBLE FOR ANY CRIMINAL ACTIVITY.
WIFI CRACKING IS ALWAYS A CRAZE FOR EVERYONE....
EVERYONE WANTS A FREE WIFI NETWORK....
SO I HAVE COME WITH A SOLUTION......
WHAT THINGS ARE REQUIRED FOR WIFI CRACKING----
1. KALI LINUX // it can also be done with another OS
2. A WIFI CARD CAPABLE OF MONITOR MODE // I am currently using...
a "NETGEAR N150 WIFI ADAPTER", ON FLIPKART FOR RS. 735 ONLY. IT IS SUPPORTED ON KALI 1.1.0 // I am currently working on it...
You can use another wifi card....
---- use ALFA AWUS036H
3. AIRCRACK-NG, WHICH COMES ALONG WITH KALI LINUX
There are mainly three types of security...
a. WEP (Wired Equivalent Privacy)
b. WPA (Wi-Fi Protected Access)
---------------CRACKING WEP NETWORK---------------
Actually, in WEP the password is encrypted together with a string of random characters that is different every time...
called the IV (initialization vector).
So encryption in WEP works like this----
PASSWORD + IV = ENCRYPTED TEXT
Also, in WEP the password lengths are----
PASSWORD    IV        ENCRYPTION
40 bit      24 bit    64 bit
104 bit     24 bit    128 bit
So as you can see, in both types the IV length remains the same, 24 bits, and the IV changes continuously,
every second.
SO THE MAIN WEAKNESS IN WEP IS THAT ITS IV LENGTH REMAINS THE SAME.
So our main target is to catch the IVs from that network.
Connect your wifi card to Kali, open up the terminal and type
check your wifi interface at the end.... mine is wlan0
type ..... airmon-ng start wlan0 // interface name
This command is used to turn on monitor mode on your wifi card
without connecting to them
to check whether monitor mode is on or not....
it will now show another interface name... mine is mon0
airodump-ng mon0 // new interface name, which is in monitor mode
Now this will show all the wifi networks in your area,
with details like BSSID, MAC address, channel number.
BEFORE WE GO FURTHER... WE HAVE TO LEARN THE MEANING OF SOME BASIC TERMS......
BSSID (Basic Service Set Identification): the MAC address of the access point.
PWR: Signal level reported by the card.
Beacons: Number of announcement packets sent by the AP.
#Data: Number of captured data packets (if WEP, unique IV count), including data broadcast packets.
#/s: Number of data packets per second, measured over the last 10 seconds.
CH: Channel number (taken from beacon packets).
MB: Maximum speed supported by the AP. If MB = 11, it's 802.11b, if MB = 22 it's 802.11b+ and higher rates are 802.11g.
ENC: Encryption algorithm in use.
CIPHER: The cipher detected. TKIP is typically used with WPA and CCMP is typically used with WPA2.
AUTH: The authentication protocol used.
ESSID: Shows the wireless network name. The so-called “SSID”, which can be empty if SSID hiding is activated.
Now to start capturing IVs.....
airodump-ng -c (channel number) --bssid (MAC address) -w dump mon0 // interface name
But notice one thing below.. it shows a column named STATION.. and the NAME OF NETWORK..
Actually, these are the MAC addresses of the computers connected to the network right now.
NOW SELECT ANY NETWORK HAVING WEP SECURITY, AND WRITE DOWN ALL THE DETAILS....
This will start capturing IVs.... wait until it has captured 25000 IVs.
The more IVs, the higher the possibility of cracking the password.
So after this it's time to crack the password using the captured IVs.. by dictionary
But sometimes, due to a long complex password or due to low traffic on the victim network... the generation of new IVs is very slow.....
So cracking WEP can take 5 minutes or 5 hours........ depending on the traffic on the network....
More traffic, more IVs generated... so it is easier to crack the password........
But you know the hacker quote...... HACKER CAN'T WAIT ........
There is a solution to create traffic on the network..... with the aireplay-ng command......
But before that, check whether your wifi card supports ARP injection or not with this command
aireplay-ng -9 mon0
where -9 represents the testing of the wifi card..
aireplay-ng -1 -0 -a (MAC address) -c (connected computer MAC address) mon0 // new interface
-a --- represents the MAC address of the target
-c ------ this is the MAC address of a client which is already connected to the network...
But how will you get this MAC address....... remember, while you dump the network you will get
another table named 'STATION', WHICH LISTS THE CONNECTED CLIENTS........
This will list all the available networks in the area, and along with that it dumps the MAC addresses of the clients who are currently connected to the network.....
aircrack-ng -b (MAC address) dump*.cap
aircrack-ng -k -b (MAC address) dump*.cap // FMS/KOREK technique
Both are pretty much the same... use either.
BOOM..... YOU GOT THE F***ING WIFI PASSWORD..........
BE AWARE... SECURE.. AND SAFE.... UNTIL THE NEXT BLOG
THIS IS ZEROCOOL....... signing out