Wifi Hacking – Cracking WPA2 Password
1. Open our terminal (CTRL+ALT+T) and type airmon-ng
2. The next step we need to stop our wireless monitor mode by running airmon-ng stop wlan0
3. Now we ready to capture the wireless traffic around us. By running airodump-ng wlan0 our wireless interface will start capturing the data
4.select the victim point
Information:
BSSID (Basic Service Set Identification): the MAC address of access point
PWR: Signal level reported by the card.
Beacons: Number of announcements packets sent by the AP
#Data: Number of captured data packets (if WEP, unique IV count), including data broadcast packets.
#/s: Number of data packets per second measure over the last 10 seconds.
CH: Channel number (taken from beacon packets).
MB: Maximum speed supported by the AP. If MB = 11, it's 802.11b, if MB = 22 it's 802.11b+ and higher rates are 802.11g.
ENC: Encryption algorithm in use.
CIPHER: The cipher detected. TKIP is typically used with WPA and CCMP is typically used with WPA2.
AUTH: The authentication protocol used.
ESSID: Shows the wireless network name. The so-called “SSID”, which can be empty if SSID hiding is activated.
From the step 3 above, we can find access point with encryption algorithm WPA2 and note the AP channel number. Now we will find out whether target AP has WPS enabled or not.
wash -i wlan0 -c 8 -C -s
if the WPS Locked status is No, then we ready to crack and move to step 5.
5. The last step is cracking the WPA2 password using reaver.
reaver -i <your_interface> -b <wi-fi victim MAC address> –fail-wait=360
Because we already get the information from step 3 above, so my command look like this:
reaver -i wlan0 -b E0:05:C5:5A:26:94 –fail-wait=360
Conclusions:
1. WPA and WPA2 security implemented without using the Wi-Fi Protected Setup (WPS) feature are unaffected by the security vulnerability.
2. To prevent this attack, just turn off our WPS/QSS feature on our access point.
0 comments: