First, we will discover the targeted Wi-Fi access point (AP) by monitoring the Wi-Fi signals.
Then we send de-authentication packets to the AP, which compels the clients connected to the access point to disconnect from it.
When a client attempts to reconnect to the AP, we grab the 4-way handshake file, which comprises the password in encrypted form.
After that, to get the password, we use aircrack-ng to crack the handshake file.
If you want to use a virtual machine, make sure you have an external Wi-Fi adapter that supports packet injection and monitor mode.
If you don't have an external Wi-Fi adapter, install Kali as dual-boot on your PC or laptop.
1. Open the terminal window in Kali
Use the keyboard shortcut Ctrl+Alt+T or type "terminal" in the search box to open a terminal window in Kali.
ifconfig
As you can see, I have a single Wi-Fi adaptor (wlan0), and I am going to run all the following commands on this adaptor.
Now, to put this adaptor into monitor mode, type the following command in the terminal.
Note that you can't use your internet connection while your Wi-Fi adaptor is in monitor mode. My adaptor name has also changed from wlan0 to wlan0mon.
Before we start monitoring Wi-Fi signals, we need to kill background processes so that they cannot interfere while we are working in monitor mode. To do that, type the following command in the terminal window.
After putting your Wi-Fi adaptor into monitor mode, you can start monitoring the Wi-Fi signals near you.
airodump-ng wlan0mon
The upper part of the screen shows all the visible access points (APs), and the clients connected to those APs are listed below them.
Now open a new terminal window (don't close the present window), because we need to copy the BSSID and channel from the current window.
Type the following command in the terminal window.
Format: airodump-ng --bssid <your target bssid> -c <channel no. of your target AP> --write <file name where you want to store hand-shake file> <name of your wifi adaptor with mon>
5. Capture hand-shake
In order to capture the hand-shake, which contains the encrypted password, we need to disconnect the connected clients from the AP. For that, open a new terminal window and type the following command.
This command will send 10 de-authentication packets to the AP which will cause the clients to disconnect from
the AP.
When they try to reconnect to the AP, we will get the file containing the encrypted password. As you can see in the following image, we got a message saying "WPA Handshake: BSSID of target". This message means our attack is successful and we were able to capture the handshake file.
We can find a capture file at the location we specified in the 4th step; in my case it's root/WPfile-01.cap.
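Seen from the network owner's side, the burst of de-authentication packets sent in this step is visible to any monitoring sensor. The following Python code is an added example, not part of the original tutorial: it parses raw 802.11 frames (without a radiotap header) and flags a BSSID when de-authentication frames arrive in a burst. The threshold, the window length and the sample frames are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict, deque

DEAUTH_SUBTYPE = 12   # 802.11 management subtype: deauthentication
THRESHOLD = 10        # assumed alert threshold (frames per window)
WINDOW_S = 5.0        # assumed sliding window, seconds

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def parse_deauth(frame):
    """Return (dest, src, bssid, reason) for a deauth frame, else None."""
    if len(frame) < 26:                      # 24-byte header + 2-byte reason
        return None
    fc0 = frame[0]                           # first Frame Control byte
    version, ftype, subtype = fc0 & 3, (fc0 >> 2) & 3, fc0 >> 4
    if (version, ftype, subtype) != (0, 0, DEAUTH_SUBTYPE):
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_bursts(capture, threshold=THRESHOLD, window=WINDOW_S):
    """capture: time-ordered (timestamp, raw 802.11 frame without radiotap).
    Returns [(bssid, alert_time, frames_in_window)], one alert per BSSID."""
    recent, alerted, alerts = defaultdict(deque), set(), []
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed is None:
            continue
        bssid = parsed[2]
        q = recent[bssid]
        q.append(ts)
        while ts - q[0] > window:            # drop frames older than the window
            q.popleft()
        if len(q) >= threshold and bssid not in alerted:
            alerted.add(bssid)
            alerts.append((bssid, ts, len(q)))
    return alerts

# Constructed sample frames (not from a real capture); addresses are made up.
DEAUTH_A = bytes.fromhex("c0000000" "ffffffffffff" "021122334455" "021122334455" "0000" "0700")
DEAUTH_B = bytes.fromhex("c0000000" "0266778899aa" "02aabbccddee" "02aabbccddee" "0000" "0300")
BEACON_A = bytes.fromhex("80000000" "ffffffffffff" "021122334455" "021122334455" "0000" "0000")
SAMPLE = [(i * 0.25, DEAUTH_A) for i in range(10)] + [(3.0, DEAUTH_B), (3.5, BEACON_A)]

if __name__ == "__main__":
    for bssid, ts, n in detect_bursts(SAMPLE):
        print(f"ALERT deauth burst: bssid={bssid} frames={n} at t={ts}s")
```

A single de-authentication frame, such as the one for the second BSSID in the sample, is normal client behaviour and does not trigger an alert; only the burst does.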
Type the following command.