There are basically 2 types of security keys :
WEP( Wireless Encryption Protocol) : This is the most basic form of encryption. This has become an unsafe option as it is vulnerable and can be cracked with relative ease. Although this is the case many people still use this encryption.WPA( Wi-FI Protected Access) : This is the most secure wireless encryption. Cracking of such network requires use of a wordlist with common passwords. This is sort of brute force attack. This is virtually uncrackable if the network is secured with a strong password.So lets begin the actual Wifi Hacking tutorial!
In order to crack wi-fi password, you require the following things :
1.A Desktop or Laptop having a Wireless Adapter
2.Backtrack Live DVD : This DVD is used to boot into backtrack OS, Backtrack OS is a hacking OS and will be used in my further hacking tutorials that is why I am asking to download it. It can be downloaded at : Download Backtrack to hack wifi Passwords
3.Brain! ( The most important part)
These are the things you require now let us proceed with the steps to crack wifi passwords easily.
1.Download the Backtrack OS ISO image and burn it to a DVD. Boot from that DVD ( Insert that DVD into CD-ROM and restart your PC.) You will see backtrack starting. Choose “Backtrack Default text version”. After that it will start executing some commands. Wait till you see something like in the following screenshot :
You will see root@bt:’# , Type startx and hit enter.
The color of the screen will be different as the screenshot is of the earlier version of backtrack. You will get a red-black screen of backtrack. Wait for few minutes, after it is done, you will get a desktop like version of backtrack.
Now Open the Konsole from the taskbar, Click on the icon against the dragon like icon in the taskbar in the above screenshot.You will have a Command Prompt like Shell.
2).Type airmon-ng and hit Enter. You will have a screen like this, note down the name of interface, in our case the the name is wlan0.
3.Now type ifconfig wlan0 down and hit enter.
This command will disable your wireless adapter, we are doing this in order to change your MAC address.
3.Now type ifconfig wlan0 hw ether 00:11:22:33:44:55 and hit enter.
This command will change your MAC address to 00:11:22:33:44:55 in order to hide your identity.
4.Now type airmon-ng start wlan0 and hit enter.
This will start the network adapter in monitor mode. Note down the new interface name, it could be eth0 or mon0 or something like that.
The above command has started our network adapter in monitor mode as mon0, note down this name.
5.After this type airmon-ng mon0 and hit enter
Replace the mon0 with interface name you discovered in step 4. This command will show you the list of available networks. Press Ctrl+C to stop the airmon to search for more networds. Copy the BSSID of the wireless network which you want to hack.
In the above screenshot there is a list of available networks, Choose 1 network and note the BSSID andchannel of it.
6.Type airodump-ng -c channelno –bssid BSSIDN1 mon0 -w filename and hit enter.
Replace channelno and BSSIDN1 with the data from step 5. Replace the mon0 with network interface name from step 4. In place of filename write anyname and do remember that. Better use filename itself.
This command will begin capturing the packets from the network.You need to capture more and more packets in order to crack the wifi password. This packet capturing is a slow process.
7.To make the packet capturing faster, we will use another command. Open a new shell, don’t close the previous shell. In new shell type aireplay-ng -1 0 -a BSSIDN1 -h 00:11:22:33:44:55 mon0 and hit enter.
Replace the BSSIDN1 with the data from step 5 and mon0 from step 4. This command will boost the data capturing process.The -1 tells the program the specific attack we wish to use which in this case is fake authentication with the access point. The 0 cites the delay between attacks, -a is the MAC address of the target access point, -h is your wireless adapters MAC address and the command ends with the your wireless adapters device name.
8.Now wait for few mins, let the DATA in the other console reach a count of 5000.
The data in above screenshot is 1, wait for that to reach 5000.
9.After it reaches 5000, open another console and type aircrack-ng filename-01.cap and hit enter.
Replace the filename with the name you used in step 6. Add -01.cap to it. .cap is the extension of file having captured data packets.After typing this command, aircrack will start trying to crack the Wi-FI password. If the encryption used is WEP, it will surely crack the password within few minutes.
In case of WPA use the following command instead of the above aircrack-ng -w /pentest/wireless/aircrack-ng/test/password.lst -b BSSIDN1 filename-01.cap
Replace BSSIDN1 and filename with data you used. /pentest/wireless/aircrack-ng/test/password.lst is the address of a file having wordlist of popular passwords. In case of WPA aircrack will try to brute force the password. As I explained above that to crack WPA you need a file having passwords to crack the encryption. If you are lucky enough and the network owner is not smart enough, you will get the password.
I hope that you will get what I have explained above, to make the explanation even more clear, I have made a sample video for you guys. I hope you will love this video :
Well that is all for this Wi-Fi Cracking Tutorial. I hope now you will know how to hack a wifi password easily.