API tools faq
paste
Hacker-Afridi

Hack Wifi Password by Afridi's Technoworld

Hacker-Afridi
Jun 28th, 2013
173
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.37 KB | None | 0 0
raw download clone embed print report
  1. To Hack Wifi Password
  2. Method 1 :
  3. First of all you need to scan for available wireless networks.
  4. you can use“NetStumbler” or “Kismet” for Windows and Linuxand KisMac for Mac.
  5. It’ll also show how the Wi-fi network is encrypted. The two most common encryption techniques are:
  6. 1) WEP (Wire Equivalent Privacy )
  7. 2) WAP(Wireless Application Protocol)
  8. WEP allows a hacker to crack a WEP key easily whereas WAP is currently the most secure and best option to secure a wi-fi network
  9. It can’t be easily cracked as WEP because the only way to retreive a WAP key is to use a brute-forceattack or dictionary atack.
  10. How toCrack WEP
  11. To crack WEP we will be using Live Linux distribution called BackTrack to crack WEP.
  12. BackTrack have lots of preinstalled softwares but for this time
  13. The tools we will be using on Backtrack are:
  14. a)Kismet – a wireless network detector
  15. b)airodump – captures packets from a wireless router
  16. c)aireplay – forges ARP requests
  17. d)aircrack – decrypts the WEP keys
  18. Follow the steps One by One
  19. 1) First of all we have to find a wireless access point along withits bssid, essid and channel number. To do this we will run kismet by opening up the terminal and typing in kismet. It may ask you for the appropriate adapter which in my case is ath0.You can see your device’s name by typing in the command iwconfig.
  20. 2) To be able to do some of the later things, your wireless adapter must be put into monitormode. Kismet automatically does this and as long as you keep it open, your wireless adapter will stay in monitor mode.
  21. 3) In kismet you will see the flags Y/N/0. Each one stands for a different type of encryption. In our case we will be looking for access points with the WEP encryption. Y=WEP N=OPEN 0=OTHER(usually WAP).
  22. 4) Once you find an access point,open a text document and pastein the networks broadcast name(essid), its mac address (bssid) and its channel number. To get the above information, usethe arrow keys to select an access point and hit to get more information about it.
  23. 5) The next step is to start collecting data from the access point with airodump. Open up a new terminal and start airodump by typing in the command:
  24. airodump-ng -c [channel#] -w [filename] –bssid [bssid] [device]
  25. In the above command airodump-ng starts the program, the channel of your access point goes after -c , the file you wish to output the data goes after -w , and the MAC address of the access point goesafter –bssid. The command endswith the device name. Make sureto leave out the brackets.
  26. 6) Leave the above running and open another terminal. Next we will generate some fake packets to the target access point so thatthe speed of the data output willincrease. Put in the following command:
  27. aireplay-ng -1 0 -a [bssid] -h 00:11:22:33:44:55:66 -e [essid] [device]
  28. In the above command we are using the airplay-ng program. The -1 tells the program the specific attack we wish to use which in this case is fake authentication with the access point. The 0 cites the delay between attacks, -a is the MAC address of the target access point, -h is your wireless adapters MAC address, -e is the name (essid) of the target accesspoint, and the command ends with the your wireless adapters device name.
  29. 7) Now, we will force the target access point to send out a huge amount of packets that we will be able to take advantage of by using them to attempt to crack the WEP key. Once the following command is executed, check yourairodump-ng terminal and you should see the ARP packet count to start to increase. The command is:
  30. aireplay-ng -3 -b [bssid] -h 00:11:22:33:44:5:66 [device]
  31. In this command, the -3 tells the program the specific type of attack which in this case is packet injection, -b is the MAC address of the target access point, -h is your wireless adapters MAC address, and the wireless adapter device name goes at the end.
  32. Once you have collected around 50k-500k packets, you may beginthe attempt to break the WEP key.The command to begin the cracking process is:
  33. aircrack-ng -a 1 -b [bssid] -n 128 [filename].ivs
  34. In this command the -a 1 forces the program into the WEP attack mode, the -b is the targets MAC address,and the -n 128 tells the program the WEP key length. If you don’t know the -n , then leave it out. This should crack the WEP key within seconds. Themore packets you capture, the bigger chance you have of cracking the WEP key.
  35.  
  36. For more visit
  37. www.afridi-d-hacker.blogspot.com
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!