Intro to Wireless Hacking
People developed wireless facilities to provide internet connections in the 1990s under the type of WEP (Wired Equivalent Privacy), but nope, geniuses like you created a number of ways to crack it. So after so much grinding over the encryption concept by computer scientists, cybersecurity analysts and researchers, they came up with the concept of WPA2-PSK.
WPA2-PSK is WiFi Protected Access 2 along with a pre-shared key for wireless security. Here, WPA2 holds a stronger encryption algorithm, AES, which is very tough to crack, but again geniuses like you love to tear apart each and every obstacle coming up in their way, so who the hell is stopping you? We have the solution here; read it step by step and finish off this mountain too.
But yes, one has to be purely technical to get this obstacle done, because penetrating and getting access to someone's network isn't small stuff. Once you're done getting in, you can tap, track, or access any of the devices connected to that network.
Basic Algorithm behind the hack
The vulnerability or loophole in a WPA2-PSK system is that the password, which is encrypted, is embedded in the 4-way handshake. When a user authenticates to the access point (for kiddos: when you try to connect to a wifi), the user and the access point (AP) go through a password matching session or, in technical language, a 4-step process to authenticate the user to the access point. At that point our machine, using a hardware tool which we will discuss next, tries to grab the password by matching it against our own list of words.
Just a WiFi adapter with monitor mode enabled, such as Leoxys 150N, Alpha 150 mbps (recommended one) and Alpha 1900 (best one).
Our wlan0 adapter will be renamed as wlan0mon by airmon-ng.
Step 2: Capturing wireless traffic
This is done in order to capture all the traffic in the air that passes by; it is done by our adapter. For this we take help from the command airodump-ng.
This command collects all the critical information about the wireless traffic in that particular area, such as BSSID, number of beacon frames, power, channel, speed and encryption.
Step 3: Targeting the AP we want
In this step we have to target the access point that we want and capture the critical data. For this we need the BSSID and channel of the targeted access point (AP). This is carried out by opening another terminal and running the below command:
$: airodump-ng --bssid C4:9F:4C:F8:0F:7F -c 11 --write WPAcrack mon0
-c 11 is the channel of the AP we are working upon
WPAcrack is the file in which our pass will be saved
mon0 is the name of the adapter
Now, in the above image, we can see it has started focusing on only the one AP which we want to crack and get the password of.
Step 4: Using Aireplay-ng for Deauth
Now, to capture the encrypted password, we need to have the user authenticate against the access point. If they're already authenticated then we can just de-authenticate them and their device will automatically re-authenticate; meanwhile we can grab their encrypted password in the process. For this, we open another terminal and execute the below command:
$> aireplay-ng --deauth 100 -a C4:9F:4C:F8:0F:7F mon0
100 is the frames of de-authentication which we are sending
C4:9F:4C:F8:0F:7F is the BSSID of the access point
mon0 is the name of our adapter
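Seen from the network owner's side, the burst of de-authentication frames in this step is easy to spot. The following is an added example, not part of the original tutorial: a sliding-window detector run over constructed frame records. The record layout, the function name, the MAC addresses and the window and threshold values are all assumptions.

```python
from collections import defaultdict, deque

# Constructed sample records: (timestamp_seconds, frame_subtype, source_mac, bssid).
# A real deployment would feed these from a monitor-mode sensor or a WIDS export.
SAMPLE_FRAMES = (
    [(0.5, "beacon", "AA:BB:CC:00:00:01", "AA:BB:CC:00:00:01"),
     (1.0, "deauth", "AA:BB:CC:00:00:01", "AA:BB:CC:00:00:01"),  # lone frame, normal
     (30.0, "deauth", "AA:BB:CC:00:00:02", "AA:BB:CC:00:00:02")]
    # Burst of 100 deauth frames for one BSSID, 20 ms apart, as in the step above.
    + [(60.0 + i * 0.02, "deauth", "AA:BB:CC:00:00:01", "AA:BB:CC:00:00:01")
       for i in range(100)]
)


def detect_deauth_floods(frames, window=5.0, threshold=20):
    """Alert when a BSSID sees >= threshold deauth frames inside `window` seconds."""
    recent = defaultdict(deque)   # bssid -> timestamps of deauths still in the window
    quiet_until = {}              # bssid -> time before which no new alert is raised
    alerts = []
    for ts, subtype, _src, bssid in sorted(frames):
        if subtype != "deauth":
            continue
        stamps = recent[bssid]
        stamps.append(ts)
        # Drop timestamps that have fallen out of the sliding window.
        while stamps and ts - stamps[0] > window:
            stamps.popleft()
        if len(stamps) >= threshold and ts >= quiet_until.get(bssid, -1.0):
            alerts.append({"bssid": bssid, "start": stamps[0], "count": len(stamps)})
            quiet_until[bssid] = ts + window  # one alert per burst, not one per frame
    return alerts


if __name__ == "__main__":
    for alert in detect_deauth_floods(SAMPLE_FRAMES):
        print("possible deauth flood:", alert)
```

Enabling 802.11w Protected Management Frames on the access point and its clients lets clients reject forged de-authentication frames, which removes the forced re-authentication this step relies on.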
Step 5: Capturing the handshake
Now, in the previous step we made the user disconnect from their wifi network so that they reconnect, and now, while the user's device reconnects to the AP or WiFi, airodump-ng will attempt to grab the wifi password. For this, let's get back to our airodump-ng terminal, and right there we should be able to see the WPA handshake. This is the signal that we were successful in getting the password, which is in an encrypted form.
Step 6: Decrypting the encrypted password
Now, we will again be using our main weapon, the aircrack-ng command, to decrypt the encrypted password which we grabbed from the re-authentication between the user and the AP. This process depends upon how strong our dictionary file or wordlist file is. In easy words, we can say it is a list of different combinations of words. This can be done by executing the below command:
Here, WPAcrack-02.cap is the name of the file that our airodump-ng command wrote to
-w rockyou.txt is our file containing list of passwords
After this, it all depends upon our system's processing speed, the GPU, the wifi adapter we are using and, most importantly, the password length and the character types used in it. Passwords longer than 8 characters that combine upper case, lower case, special symbols and numbers take a lot of time. After this process, a message appears on the terminal with the password.
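To put numbers on how much length and character variety matter, here is an added example (not from the original tutorial) for checking a passphrase you own. It uses the key derivation that IEEE 802.11i defines for WPA2-PSK, PBKDF2-HMAC-SHA1 with the SSID as salt, together with a keyspace estimate; the function names, the sample passphrases and the one million guesses per second rate are assumptions.

```python
import hashlib
import math
import time

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """IEEE 802.11i PSK mapping: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def keyspace_bits(passphrase: str) -> float:
    """Upper bound on search effort: length * log2(size of the character classes used).

    A passphrase that appears in a wordlist falls far sooner than this bound suggests.
    """
    size = 0
    if any(c.islower() for c in passphrase):
        size += 26
    if any(c.isupper() for c in passphrase):
        size += 26
    if any(c.isdigit() for c in passphrase):
        size += 10
    if any(not c.isalnum() for c in passphrase):
        size += 33  # printable ASCII punctuation plus space
    return len(passphrase) * math.log2(size)


def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Time to try every candidate in a keyspace of 2**bits at the given rate."""
    return (2 ** bits) / guesses_per_second / SECONDS_PER_YEAR


def measure_guess_rate(samples: int = 3) -> float:
    """Derivations per second on this machine (each guess costs one full PBKDF2 run)."""
    start = time.perf_counter()
    for i in range(samples):
        wpa2_pmk(f"constructed-{i:04d}", "ExampleSSID")
    return samples / (time.perf_counter() - start)


if __name__ == "__main__":
    assumed_rate = 1_000_000  # assumed guesses per second, not a measured figure
    for candidate in ("password", "T7#qLw9!zRp2Xe"):  # constructed samples
        bits = keyspace_bits(candidate)
        print(candidate, round(bits, 1), "bits,", years_to_exhaust(bits, assumed_rate), "years")
    print("local derivations per second:", round(measure_guess_rate(), 1))
```

Because the SSID is the salt, the same passphrase on a differently named network yields a different key, so a unique SSID also prevents reuse of tables precomputed for common network names.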