Kali Linux wifi password hack

Source: Internet
Author: User
Tags kali linux bssid

0x01 Preparation Tool

1.Kali Linux 2.0

2. Wireless Card (compatible with Kali or installed drivers)

3. Dictionary-Http://www.qqtn.com/down/80787.html#szdz

0x02 Method One: aircrack dictionary brute force hack

1. Enter terminal input: Airmon-ng View network card information

2. Enter in Terminal: Airmon-ng start Wlan0 (NIC name) to turn on NIC promiscuous mode

Then enter Iwconfig to see if the network card name becomes Wlan0mon (here My network card is wlan0, so is Wlan0mon, the discriminant method is the NIC name +mon)

3. Enter: Airodump-ng Wlan0mon (nic name +mon) starts scanning WiFi signal,

4. Open a new terminal, enter: Airodump-ng-w Test(Handshake package Save name) -C CH --bssid bssid Wlan0mon -- Ignore-negative-one

PS: Here The Bold font is the parameter value we need to change, the handshake package name can be arbitrary, CH (channel) and BSSID (MAC address) can be seen in the third step, Wlan0mon or NIC name +mon (turn on promiscuous mode will be like this)

Then executes, will enter a constantly refreshed interface (here will show the user under this router), station is the MAC address of the router, where the interface appears bssid refers to the user's MAC address of the local area network, and the third step of the LAN MAC address bssid different

5. Open a new terminal, enter:aireplay-ng--deaut -a capture package user MAC address -C router (WiFi) MAC address Wlan0mon --ignore-negative-one

Here we should note that the number after the--deaut parameter (which is written here is 20) refers to the number of capture packets, the capture will temporarily cause the user to seize the packet network interruption , so here we set the number of capture packets, in case forget to stop grabbing the packet caused the user network has been interrupted (this is a prank), Then the grab user mac address after the-a parameter is the BSSID mentioned in the fourth step (the MAC address of the user under the LAN), and the router MAC address after the-c parameter is the third step we get the Wifimac address , Wlan0mon is the name of the original NIC +mon

6. After the clutch is complete, we can view the generated handshake package in the terminal input LS

Because I previously entered the-w Test command, I generated the handshake package named Test-*.cap, and then we dragged the prepared dictionary into the same directory

Execute in Terminal:aircrack-ng-w dictionary name test-*.cap (Handshake package name)

And then wait for the completion of the hack, if the successful hack out of the WiFi password, the interface will appear key found!, if the failure is the opposite.

Summary: This method and dictionary test is not reliable, good character has great inevitable factors, in other words, if you do not have a strong dictionary, estimated in the current security situation, it is difficult to crack out a WiFi, because now the majority of users set WiFi password is the letter + number of such a combination, For example, last name + mobile phone number, name + birthday This type of password, crack difficulty greatly improved, of course, do not rule out some weak password Wi-Fi presence.

0x03 method two: Reaver crack pin Code

1. In terminal input:wash-i Wlan0mon (Turn on promiscuous mode wireless card name) Scan open wps WiFi, if not turn on NIC Promiscuous mode reference method Step two

2. Open a new terminal input:reaver-i Wlan0mon -b target WiFi mac -a-s-vv-c CH (channel) and wait for the break to complete

Some routing pins can be calculated by: Tengda and Lei ke products if the routing MAC address starts with "c8:3a:35" or "00:b0:0c", you can calculate the pin value directly.

Kali Linux wifi password hack

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.