Crack WiFi Password With Aircrack-ng Suite:

Aman Chauhan
Apr 3, 2023


fig-1.0

Hi,

In this blog we will learn how to crack a WiFi password with the ‘Aircrack-ng Suite’, so let's see how to do that.

Disclaimer: This is for educational purposes only. Do not try to hack anyone without their permission. Hacking is illegal; do it in your own lab environment.

Requirements:

(1). A good WiFi adapter (one that supports monitor mode and packet injection).

(2). Good password lists (such as rockyou.txt, SecLists, your own custom password lists, or others).

(3). The Aircrack-ng suite should be installed on your system.

“Let's understand how it works: the password is shared between the WiFi access point (AP) and client devices in hashed form, so we will capture that hash and crack it. The hash is verified in the form of a handshake. To capture that handshake we will perform a deauthentication attack; when the client tries to connect back, we will capture the handshake, save it to a file, and then crack it.”

Step 1: Enabling Monitor Mode

Now connect your WiFi adapter to the system; you can see it with the command:

~$ iwconfig
fig-2.0

Here you can see my WiFi adapter is connected (on my PC it is named wlan0mon; on your PC it could be different) and it is in ‘Managed Mode’. To capture nearby WiFi traffic we need to put it in ‘Monitor Mode’; to do so, run the following command: (fig-3.0)

~$ sudo iwconfig {adapter interface} mode Monitor
OR
~$ sudo airmon-ng start {WiFi Interface}
fig-3.0
fig-4.0

In the above image (fig-4.0) we can see that our adapter is in ‘Monitor Mode’; now we are able to capture all the nearby packets transmitted over WiFi.

Step 2: Capturing Handshake

Now we are able to see all nearby devices on which we can perform the attack; you can do it with the following command: (fig-5.0)

~$ sudo airodump-ng {WiFi Interface}
OR
~$ sudo airodump-ng {WiFi Interface} --band a    # scan the 5 GHz band
fig-5.0

After running the above command we will see something like this (fig-6.0); here we can see all nearby WiFi devices with BSSID, channel, ESSID, and other details.

fig-6.0

Now we need to capture all the packets of our victim WiFi and save them to a file. To do so we need to specify the BSSID, the channel, and a file to which we will save the output; run the following command: (fig-7.0)

~$ sudo airodump-ng {WiFi interface} --bssid {victim BSSID} -c {channel NO.} -w {output file}
fig-7.0
  • wlan0mon is the interface of the wireless adapter
  • F8:C4:F3:84:F8:F1 is the BSSID of the victim WiFi
  • 11 is the channel the AP is operating on
  • handshake is the file you want to write to
  • 0 (the value given to --deauth in the aireplay-ng command below) means unlimited deauthentication frames (it can also be 100, 2000, or whatever you want)

Run the above command and it will start capturing traffic of the victim WiFi.(fig-8.0)

fig-8.0

Now open a new terminal and start the deauthentication attack with ‘aireplay-ng’ using the following command. (fig-9.0)

~$ sudo aireplay-ng {WiFi Interface} -a {victim BSSID} --deauth 0
fig-9.0
  • wlan0mon is the interface of the wireless adapter
  • -a is used to specify the BSSID of the victim WiFi
  • --deauth 0 is used to specify the deauthentication attack

As soon as you run the above command, all the clients get disconnected and try to connect back; at this moment ‘airodump-ng’ captures the handshake, as you can see in the images below: (fig-10.0, fig-11.0)

fig-10.0
fig-11.0

Now we have the captured handshake.
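From the defender's side, the deauthentication burst used in Step 2 is visible to any monitor-mode sensor watching the same channel. The following is an added example, not part of the original post: it counts deauthentication frames per BSSID in a sliding window. The frame bytes, MAC addresses, function names and the threshold are constructed for illustration, and frames are assumed to be bare 802.11 frames with the radiotap header already stripped.

```python
import struct
from collections import defaultdict, deque

DEAUTH = 0xC0  # frame-control byte 0: version 0, type 0 (management), subtype 12

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_deauth(frame):
    """Return (dst, src, bssid, reason) for a deauthentication frame, else None."""
    if len(frame) < 26 or frame[0] != DEAUTH:
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)  # reason code follows the 24-byte header
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_floods(capture, window=1.0, threshold=10):
    """capture: iterable of (timestamp_seconds, frame_bytes) in time order.
    Returns {bssid: peak deauth count seen inside any `window` seconds}
    for every BSSID whose count reached `threshold` (hypothetical defaults)."""
    recent, alerts = defaultdict(deque), {}
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        times = recent[parsed[2]]
        times.append(ts)
        while ts - times[0] > window:  # drop timestamps that left the window
            times.popleft()
        if len(times) >= threshold:
            alerts[parsed[2]] = max(alerts.get(parsed[2], 0), len(times))
    return alerts

def build(fc0, dst, src, bssid, body=b""):
    """Build a constructed test frame: FC, duration, 3 addresses, seq ctrl, body."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return bytes([fc0, 0, 0, 0]) + raw(dst) + raw(src) + raw(bssid) + b"\x00\x00" + body

# Constructed sample capture (locally administered MACs, not real devices).
AP_A, AP_B, STA = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:aa"
BCAST, REASON7 = "ff:ff:ff:ff:ff:ff", struct.pack("<H", 7)
SAMPLE = [(0.00, build(0x80, BCAST, AP_A, AP_A, b"\x00" * 12))]  # beacon, ignored
SAMPLE += [(0.5 + i * 0.01, build(DEAUTH, BCAST, AP_A, AP_A, REASON7))
           for i in range(40)]                                   # broadcast deauth burst
SAMPLE += [(5.0, build(DEAUTH, STA, AP_B, AP_B, struct.pack("<H", 3)))]  # one isolated deauth

if __name__ == "__main__":
    for bssid, peak in detect_floods(SAMPLE).items():
        print(f"ALERT: {peak} deauth frames within 1s for BSSID {bssid}")
```

Enabling 802.11w Protected Management Frames on the AP and its clients makes clients discard unauthenticated deauthentication frames, which removes the forced reconnect this step relies on.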

Step 3: Cracking Password

Now we will crack the password with ‘aircrack-ng’ using the following command: (fig-12.0)

~$ sudo aircrack-ng {handshake file} -w {wordlist}
fig-12.0

After running the above command, aircrack-ng starts cracking the password; if the password is present in the password list, it will crack it.

fig-13.0
