Using Kali to hack wifi connections

Important Foreword:

HACKING SOMEONE’S WIFI IS A CRIME IN MOST COUNTRIES.

THIS IS FOR EDUCATIONAL PURPOSES ONLY. I AM NOT RESPONSIBLE FOR ANY ILLEGAL ACTIVITIES DONE BY VISITORS; THIS IS FOR LEARNING AND ETHICAL PURPOSES ONLY.

Issue the command

airmon-ng

Find the interface (normally wlan0), then try starting monitor mode with

airmon-ng start wlan0

Before putting the wifi card in monitor mode you need to kill the other processes that keep a hold on the wifi card, by issuing

airmon-ng check kill

Now you can start monitoring with

airodump-ng wlan0

Now you have a complete list of the wifi beacons nearby.

Choose one of those and copy & paste the BSSID MAC address and CHANNEL.

Issue the command

airodump-ng -c [channel] --bssid [bssid] -w /root/Desktop/ [monitor interface]

Some files will be created on the desktop. Don’t delete them!

Airodump is now monitoring only the target network, allowing us to capture specific information about it.

What we’re really doing now is waiting for a device to connect or reconnect to the network, forcing the router to send out the four-way handshake that we need to capture in order to crack the password.

But we’re not really going to wait for a device to connect, no, that’s not what impatient hackers do. We’re actually going to use another tool from the aircrack suite, aireplay-ng, to speed up the process. Instead of waiting for a device to connect, this tool forces a device to reconnect by sending deauthentication (deauth) packets to one of the network’s devices, making it think that it has to reconnect to the network.

Please consider that, in order for this tool to work, there has to be someone else connected to the network first, so watch the airodump-ng and wait for a client to show up. It might take a long time, or it might only take a second before the first one shows.

If none show up after a lengthy wait, then the network might be empty right now, or you’re too far away from the network.

Now it is time to deauth:

Leave airodump-ng running and open a second terminal. In this terminal, type this command:

aireplay-ng -0 2 -a [router bssid] -c [client bssid] wlan0

The -0 (zero) is a shortcut for the deauth mode, and the 2 is the number of deauth packets to send.

-a indicates the access point/router’s BSSID; replace [router bssid] with the BSSID of the target network.

-c indicates the client’s BSSID (the STATION in the airodump-ng output), the device we are trying to deauth. Replace [client bssid] with the BSSID of the connected client.

And of course, wlan0 is merely the monitor interface; change it if yours is different.
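As an added example (not part of the original post), here is the same deauth step seen from the defender's side: a small detector that scans frame records and flags a BSSID/client pair that receives several deauth or disassoc frames inside a short window, which is exactly the burst aireplay-ng -0 produces. The frame records are constructed for the example; a real deployment would feed it from a monitor-mode capture or a WIDS sensor.

```python
"""Flag deauthentication bursts against a single client (added example).

Each record is a constructed tuple:
    (timestamp_seconds, frame_subtype, source_mac, destination_mac)
"""
from collections import defaultdict

DEAUTH = "deauth"
DISASSOC = "disassoc"

# Constructed sample: normal traffic, one isolated deauth (which can be
# legitimate), then a burst of deauth frames spoofing the AP's BSSID
# towards one client within about 0.2 seconds.
AP = "aa:bb:cc:dd:ee:01"        # constructed BSSID
CLIENT = "11:22:33:44:55:66"    # constructed STATION address
SAMPLE_FRAMES = [
    (0.0, "beacon", AP, "ff:ff:ff:ff:ff:ff"),
    (0.1, "data", CLIENT, AP),
    (5.0, DEAUTH, AP, CLIENT),
    (12.0, DEAUTH, AP, CLIENT),
    (12.05, DEAUTH, AP, CLIENT),
    (12.1, DEAUTH, AP, CLIENT),
    (12.15, DEAUTH, AP, CLIENT),
    (12.2, DEAUTH, AP, CLIENT),
    (13.0, "data", CLIENT, AP),
]


def deauth_bursts(frames, window=1.0, threshold=4):
    """Return [(bssid, client, count, window_start)] for every BSSID/client
    pair that sees at least `threshold` deauth/disassoc frames within any
    sliding window of `window` seconds. One alert per pair."""
    per_pair = defaultdict(list)
    for ts, subtype, src, dst in sorted(frames):
        if subtype in (DEAUTH, DISASSOC):
            per_pair[(src, dst)].append(ts)

    alerts = []
    for (src, dst), times in per_pair.items():
        start = 0
        for end in range(len(times)):
            # Slide the window start forward until it spans <= `window` s.
            while times[end] - times[start] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                alerts.append((src, dst, count, times[start]))
                break
    return alerts


if __name__ == "__main__":
    for bssid, client, count, t in deauth_bursts(SAMPLE_FRAMES):
        print(f"deauth burst: {count} frames from {bssid} to {client} at t={t}s")
```

The single deauth at t=5.0 is not reported, only the burst starting at t=12.0 is; enabling 802.11w Protected Management Frames on the access point is the standard mitigation, since it authenticates deauth frames so spoofed ones are discarded.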


http://lewiscomputerhowto.blogspot.com/2014/06/how-to-hack-wpawpa2-wi-fi-with-kali.html
