- Jul 23, 2017 - Crack WPA/WPA2 Wi-Fi Routers with Airodump-ng. Sudo apt-get install aircrack-ng. Remember the BSSID MAC address and channel ( CH ) number as displayed. Before you run the attack you need a wordlist.
- Your reason for cracking a Wi-Fi password are no doubt noble (we trust you); here's. To use those, or Aircrack-ng on the Mac, you need to install them using.
Aircrack-ng is free to download for Windows, Linux, Mac OS X, FreeBSD, and OpenBSD. Since I’m running Kali Linux 2018.1, Aircrack-ng comes already pre-installed. Aircrack-ng includes a long list of features, which I’ll grab right off the program’s Wikipedia page.
Airodump - ng wlan0mon we get a complete list of all reachable Access points with their BSSID Channel and Signal Strength, Type of Encryption. We are intrested only in BSSID and Chanel because rest we are going to crack. In th command above wlan0mon is the monitor mode interface we created in step 3. Choose your Victim based on Signal Strength which is in PWR Cloumn. When you got your Victim Access Point ( Router) you can stop this process by Ctrl+ C 5- Now we start packet capturing from th Victim by the following command. Aireplay - ng - deauth 1000 - a F4: F2: 6D: 4E: 3D: 8E - c 9C: 99: A0: F2: 05: 19 wlan0mon This will disconnect a particular clinet on Access Point ( Router ) to get Handshake Quickly. 7- After a few Successful handshake Capture we are ready to Crack the password and get it in Plain Text.
Here we can see in Hilighted that Handshake from a Particular Client Captured. We can also check our present Working Directory for the Captured handshake File 8- Lets Crack this using Bruteforce Attack with aircrack-ng the default synatx for aircrack-ng is. Aircrack - ng - w 'wordlist.txt' WPAcrack - 01.cap The Passowrd when crackd will be on you screen in Plaintext anytime soon. DONE, Password here is 0, Higlighted in Pic. Depending on the CPU and other hardwaer Specifications of your System this process will take some time as it may have to go through testing millions of passwords, So make a good but short wordlist to cut sort the number attempts and time taken. On We need a Dictionary or Wordlist file to use Sample Pawwords from, How to Create a good wordlist with crunch– How To Make Good Wordlist using Crunch Default Wordlist in Backtrack is at – /pentest/passwords/worldlists/darkc0de.lst Default Wrdlist in Kali can be located and coppied in current working directory with the command below cp /usr/share/wordlists/rockyou.txt.gz. Unzip / Extract the wordlist file from the compressed file with this command gunzip rockyou.txt.gz Get the number of passwords in this wordlist file rock wc -l rockyou.txt 14344392 passwords in this.
NOTE: A good wordlist should be short in case you know the person very well and can guess the password, so a wordlist can be generated consisting of his house number, name, love affairs, mobile number, date of birth and similar info. It may also be very random in that case you need a much bigger wordlist to try your patience. It may take even 10 Hours of time in that case. You may also download wordlists available on net or try the Dictionary for whole words. How To Disable monitor mode wlan0mon.
In this post I will tell you how to crack wpa/wpa2 wi-fi in kali linux using aircrack-ng. To do this, first you should install kalinux or you can use live kali linux. To make a kali-linux bootable.
To crack Wi-Fi, first, you need a computer with kali linux and a wireless card which supports monitor/injection mode. If your wireless card is not able to do this, you need to get an external wireless card which is capable of monitor/injection mode.
Apart from these tools, you need to have a word-list to crack the password from the captured packets. First you need to understand how Wi-Fi works. Wi-Fi transmits signal in the form of packets in air so we need to capture all the packets in air so we use airodump to dump all the packets in air.After that we should see that if any one is connected to the victim Wi-Fi. If anyone is not connected the Wi-Fi, cracking is not possible as we need a wpa handshake. We can capture handshake by sending deauthentication packets to client connected to Wi-Fi.
Password List Download For Aircrack For Mac Windows 10
Aircrack cracks the password. Step-1:- First open terminal. We need to know the name of the wireless adapter connected to the computer because computer has many adapters connected. Command for this is iwconfig. In my case, my wireless adapter is with the name wlan0. In your case, it may be different. If connected to an external wireless card, it may be wlan1or2.
Step-2:- For some wireless cards, it gives error messages to enable monitor mode on wireless cards. For that, you should use airmon-ng check kill.
Step-3:- In this step, you need to enable the monitor mode on the wireless card. The command is as follows: airmon-ng start wlan0(interface of wireless card). Now this command will enable the monitor mode on the wifi card. So while using interface in any terminal or command line use wlan0mon.
Note:You should use the interface which is indicated with red mark. Step-4:- We need to use the command airodump-ng wlan0mon, this will display all the access points in your surroundings and also the clients connected to that access points.
Now this command captures the packets in the air. This will gather data from the wireless packets in the air. Note:Do not close this terminal. This will be used to know wpa has been captured or not.
Step-5:- In this step we will add some parameters to airodump-ng. Command is airodump-ng -c channel –bssid bssid of wifi -w path to write the data of packets wlan0moninterface.bssid in my case bssid is indicated with red mark.c channel is the channel of victim wifi in my case it is 10(see in previous screenshot for channel number) -w It is used to write the captured data to a specified path in my case it is ‘ /root/Desktop/hack’.
Interface in my case is wlan0mon. In the above command the path /root/Desktop/hack hack is the name of the file to be saved. Above command displays this terminal. Step-6 In this step we deauthenticate the connected clients to the Wi-Fi.
The command is aireplay-ng –deauth 10 -a router bssid interface In the above command it is optional to give the client mac address it is given by -c This will disconnects the client from access point. Screen shot of a client connected to access point. After this the client tries to connect to the Wi-Fi again. At that time, we will capture the packets which sends from client. From this result, we will get wpa handshake. Step-7:- Now we should start cracking the Wi-Fi with captured packets command for this is aircrack-ng -b bssid of router -w path to word list path to capture packets -w path to word list in my case it is ‘ /root/Desktop/wordlist.txt’ If you did not have word list, get one. If you want to generate your custom wordlist, you can visit our other post: How generate word list using crunch.
Now press enter aircrack will start cracking the Wi-Fi. Aircrack cracked Wi-Fi and key found. Note:To use this method you need to have wordlist compulsory there are many wordlists available in internet you can download them. This is my previous post on How To Create the Word list Click Here Leave a comment below in comment section if you have any related queries.