In this activity, we’ll demonstrate cracking WPA/WPA2 wireless network security that uses pre-shared keys.
Unlike WEP, where statistical methods can be used to speed up the cracking process, the WPA/WPA2 pre-shared key offers no such shortcut: only a plain brute-force technique can be used against WPA/WPA2.
What is Wifite?
Wifite is a tool for attacking multiple WEP, WPA, and WPS encrypted networks in a row. It is customizable and can be automated with only a few arguments. Wifite aims to be the “set it and forget it” wireless auditing tool.
- sorts targets by signal strength (in dB); cracks closest access points first
- automatically de-authenticates clients of hidden networks to reveal SSIDs
- numerous filters to specify exactly what to attack (WEP/WPA/both, above specific signal strengths, channels, etc)
- customizable settings (timeouts, packets/sec, etc)
- “anonymous” feature; changes MAC to a random address before attacking, then changes back when attacks are complete
- all captured WPA handshakes are backed up to wifite.py’s current directory
- smart WPA de-authentication; cycles between all clients and broadcast deauths
- stop any attack with Ctrl+C, with options to continue, move on to the next target, skip to cracking, or exit
- displays session summary at exit; shows any cracked keys
- all passwords saved to cracked.txt
You need a compatible Wi-Fi adapter that supports monitor mode.
What is Monitor mode?
Monitor mode or RFMON (Radio Frequency Monitor) mode, enables a device with a wireless network interface controller to monitor all traffic received from the wireless network.
To check this, use the command: # airmon-ng (or) # lsusb
[+] Select the wireless interface (1-2): < id >
[+] Scanning. Found 25 target(s), 14 client(s). Ctrl+C when ready
[+] Select target(s) (1-15) separated by commas, dashes, or all: < NUM >
Wifite then started to attack the target with the various methods shown below.
After waiting for a couple of minutes, the password was successfully cracked from the WPA handshake by running aircrack-ng with the wordlist file “wordlist-probable.txt”.
The password we found was “01234567”.
Note: Because this password was simple, it didn’t take long to crack. A more complex password, combining upper- and lower-case letters with special characters, can take a longer time.
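The note above can be checked from the defender's side before a key is ever deployed. The following is an added example, not part of the original walkthrough: it audits a candidate pre-shared key for wordlist exposure and brute-force keyspace. The sample wordlist, the guess rate and the 80-bit threshold are assumptions chosen for illustration.

```python
import math
import string

# Constructed stand-in for a real wordlist file; not taken from the page.
COMMON_PSKS = {"01234567", "12345678", "password", "qwertyuiop", "11111111"}
ASSUMED_GUESSES_PER_SEC = 100_000  # assumption: attacker's offline guess rate
ASSUMED_MIN_BITS = 80              # assumption: review threshold, tune to policy

# Printable ASCII (32-126) split into the classes a brute force must cover.
POOLS = [string.ascii_lowercase, string.ascii_uppercase,
         string.digits, string.punctuation, " "]

def audit_psk(psk, wordlist=COMMON_PSKS, rate=ASSUMED_GUESSES_PER_SEC):
    """Return a defender-side strength report for one WPA/WPA2 passphrase."""
    findings = []
    if not 8 <= len(psk) <= 63:
        findings.append("length outside the 8-63 characters WPA/WPA2 allows")
    if any(not 32 <= ord(c) <= 126 for c in psk):
        findings.append("contains characters outside printable ASCII")
    in_wordlist = psk in wordlist
    if in_wordlist:
        findings.append("present in wordlist: falls to a dictionary pass")
    # Pool = combined size of every character class used in the passphrase.
    pool = max(1, sum(len(p) for p in POOLS if any(c in p for c in psk)))
    bits = len(psk) * math.log2(pool)
    if bits < ASSUMED_MIN_BITS:
        findings.append(f"only {bits:.1f} bits against brute force")
    return {
        "in_wordlist": in_wordlist,
        "pool": pool,
        "bits": round(bits, 1),
        # Worst case for exhausting the whole keyspace at the assumed rate.
        "exhaust_seconds": pool ** len(psk) / rate,
        "findings": findings,
        "ok": not findings,
    }

if __name__ == "__main__":
    for candidate in ("01234567", "Summer2024", "Tr4il-Mix&Copper-Kettle92"):
        report = audit_psk(candidate)
        print(candidate, report["bits"], report["findings"] or "ok")
```

A key that appears in any wordlist is flagged regardless of its keyspace, because a dictionary pass never has to search that keyspace.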
Once done with the attack, we need to switch the Wi-Fi adapter back to normal use, so we change it back into managed mode using the step below.
I hope you’ve learned from and enjoyed this walkthrough.
You can connect with me on “LinkedIn & Twitter” for more updates on information security.
We believe that these practices will educate everyone about ethical hacking. We do not promote, encourage, support, or incite any illegal activity or hacking.
We will not be responsible for your illegal actions.