
[Tut]How to crack WPA/2-PSK w/ BT4 [Tut]


Post: #1

11-28-2010, 05:15 PM (This post was last modified: 11-28-2010 05:24 PM by Algorithm.)

Algorithm
Registered

(_) Let's Hack!

Posts: 88 Joined: Aug 2010 Reputation: 22


All right, another tutorial on how to hack a wireless network. Today we will be learning how to do a dictionary attack on a router that has a WPA/2-PSK password. We will go over two ways to do this: one is with just using aircrack-ng, the other is with cowpatty. There are like 5 ways to crack a WPA-PSK password I do believe, but for now we will go over the two that are the easiest. We will need two things for this pentest: BackTrack and a really good dictionary file. You can find some good dictionary files on the net, just google. So let's get started and boot up with BackTrack.

*Disclaimer: Cracking anybody's router password is ILLEGAL. You can get convicted of a crime for doing so. So only do this on your own router. This tutorial is for educational use only.*

We need to find out what kind of wireless card we have, so open a console window and type:

Code:
airmon-ng


Now we have to set our wireless card to monitor mode to monitor the network, so type this into the console window:

Code:
airmon-ng start wlan0

Oh yeah, make sure it's yours and not what I have in the pic.


Ok, we have our cards in monitor mode, now let's scan the network for some connections. Type this in the console window:

Code:
airodump-ng

You should see something like this:


Take note of all these things cause we will need all these things about the network, so open Kate and type all this info in. Another note: you will always need someone connected to the network you are trying to penetrate. So press ctrl + c to stop airmon-ng and copy all the info.

Now we need to focus only on the specified network and get the rest of the clutter out of the way. By now your screen is probably nice and full, so type in "clear" w/ out the parentheses to clear the screen. We will now use the following code:

example:
Code:
airodump-ng -c (c) --bssid (bssid) -w (captureFileName) mon0

The -c = channel of the network.
The --bssid = the bssid of the network, example: 00:11:22:33:44:55
The -w = write to a file that is saved with a .cap extension

actual code example:
Code:
airodump-ng -c 6 --bssid 00:23:97:F5:22:F7 -w dump mon0

Now that we got that going, it is time to open a second konsole window to deauth the user that is connected. We need to knock the user offline temporarily to make them reconnect so we can intercept the router's credentials. This is called getting the four-way handshake. This is why we always need someone connected. Now we need the info that we copied to Kate or notepad. Here is the example code:

Code:
aireplay-ng -0 1 -a (bssid) -c (station) mon0

The -0 = the deauth parameter for aireplay-ng
The 1 = is how many times we send the deauth command
The -a = bssid number
The -c = the station number "connected computer"
The mon0 = our card of course

actual code example:
Code:
aireplay-ng -0 10 -a 00:23:97:F5:22:F7 -c 00:C0:A8:CF:19:09 mon0

For tutorial's sake put a 10 for how many times to deauth. Now if we are successful with the deauth, in the airodump-ng console you will see at the top right corner "WPA Handshake".


Now I would maybe deauth them like a couple of times just to be safe that you got the handshake. If successful, stop all your processes with ctrl + c in each window. Now clear a console window, it's time to crack that PSK. First we will use aircrack-ng. For the purpose of the tutorial I put the actual password in a password list that I found, to show you what a successful crack would look like. Have your password list on the desktop so there is no confusion on location. Now let's start with an example:

Code:
aircrack-ng -w (filename) yourcapfile-01.cap

The -w = a password text file
The yourcapfile-01.cap is your cap file.

actual code:

Code:
aircrack-ng -w pass dump-01.cap

The dump-01.cap is the dump file we made in airodump-ng. Now the successful message if you have the password in your dictionary file.

Now for the cowpatty method: it is really slow and I wouldn't recommend using this way unless you used gen-pmk to create a hash file, which I will write a tutorial on next. So clear out your code window and type the following:

example code:
Code:

cowpatty -r (capfile) -f (dictionaryfile) -s (essid)

actual code:
Code:
cowpatty -r dump-01.cap -f pass -s 10FX0697705

As you can see, it is slow.

Well, that is it for now. Next we will use gen-pmk to make a hashfile and make the cracking process for big dictionary files fast. Hope this helps someone here. Happy hacking!

Goals here at VB-Board:
Get 20 rep [x]
Make a 100 posts []
Get 50 rep []
Make a 1000 posts []
Make 20+ tutorials or more []
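
Added example, not part of the original post: a defender-side check for the deauthentication burst that the tutorial's aireplay-ng step produces on the air. It flags any (BSSID, station) pair that receives many deauth frames within a short window; the frame records, MAC addresses, threshold and window length are constructed assumptions.

```python
from collections import defaultdict, deque

DEAUTH = 0x0C  # 802.11 management frame subtype 12 (deauthentication)
BEACON = 0x08  # management subtype 8, included as benign background traffic

# Constructed MAC addresses (locally administered range), not from the post.
AP, STA_A, STA_B, STA_C = (f"02:00:00:00:00:{x}" for x in ("01", "aa", "bb", "cc"))

# Constructed records: (time_s, subtype, src, dst, bssid), as a monitor-mode
# sensor might export them after parsing the 802.11 header.
SAMPLE_FRAMES = (
    # 10 deauths in one second, forged in both directions: the burst pattern
    [(10.0 + 0.1 * i, DEAUTH, *((AP, STA_A) if i % 2 == 0 else (STA_A, AP)), AP)
     for i in range(10)]
    # one ordinary client-initiated disconnect
    + [(30.0, DEAUTH, STA_B, AP, AP)]
    # occasional deauths spaced 10 s apart (e.g. idle timeouts)
    + [(40.0 + 10 * i, DEAUTH, AP, STA_C, AP) for i in range(4)]
    + [(5.0 + i, BEACON, AP, "ff:ff:ff:ff:ff:ff", AP) for i in range(5)]
)

def find_deauth_bursts(frames, threshold=5, window_s=2.0):
    """Return sorted (bssid, station) pairs with >= threshold deauth frames
    inside any sliding window of window_s seconds."""
    recent = defaultdict(deque)   # (bssid, station) -> timestamps in window
    flagged = set()
    for ts, subtype, src, dst, bssid in sorted(frames):
        if subtype != DEAUTH:
            continue
        # Count both directions against the same pair: the station is
        # whichever address is not the BSSID.
        station = dst if src == bssid else src
        times = recent[(bssid, station)]
        times.append(ts)
        while ts - times[0] > window_s:
            times.popleft()
        if len(times) >= threshold:
            flagged.add((bssid, station))
    return sorted(flagged)

if __name__ == "__main__":
    for bssid, station in find_deauth_bursts(SAMPLE_FRAMES):
        print(f"deauth burst: bssid={bssid} station={station}")
```

Where the access point and clients support it, 802.11w Protected Management Frames makes clients reject forged deauthentication frames, so this alert pairs with enabling PMF.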

11-29-2010, 09:39 AM

Post: #2

Owner

Posts: 1,626 Joined: Jul 2010 Reputation: 143

Administrators
RE: [Tut]How to crack WPA/2-PSK w/ BT4 [Tut]

yet another impressive tutorial, nice

11-29-2010, 09:58 AM

Post: #3

Algorithm
Registered

(_) Let's Hack!

Posts: 88 Joined: Aug 2010 Reputation: 22

RE: [Tut]How to crack WPA/2-PSK w/ BT4 [Tut]

Wrote (11-29-2010 09:39 AM): yet another impressive tutorial, nice

Thanks, I should have some more going up very soon.
