After performing the SQL injection, I can bet that now you have the endless curiosity to explore more about the ethical hacking. And as according to your need now in this article we are going to perform a hardcore hack using Backtrack Linux. we are going to learn that how to crack the WI-FI using Backtrack.one more thing I want to add here that all these stuff I am sharing with you is only for study purpose .if you have the black intentions just leave the book now. If you are performing this article on your computer, you will be responsible for any damage occurred by you.
So let s start the article -
Now let us start with the Wi-Fi cracking. But before starting the tutorial let me give you a small introduction to what Wi-Fi hacking is and what is the security protocols associated with it.
In a secured wireless connected the data on internet is sent via encrypted packets. These packets are secured with network keys.
There are basically 2 types of security keys:-
WEP (Wireless Encryption Protocol):- This is the most basic form of encryption. This has become an unsafe option as it is vulnerable and can be cracked with relative ease. Although this is the case many people still use this encryption.
WPA (WI-FI Protected Access) : This is the most secure wireless encryption. Cracking of such network requires use of a wordlist with common passwords. This is sort of brute force attack. This is virtually uncrackable if the network is secured with a strong password
So let s begin the actual Wi-Fi Hacking tutorial!
In order to crack Wi-Fi password, you require the following things: For the Wi-Fi hacking you need to install the Backtrack on your computer. I am assuming that you have already installed the Backtrack on your pc. If not it s very easy to install by making bootable live CD DVD For installing processes you can just Google it. You will get it easily.
Now open the console from the taskbar, Click on the icon against the dragon like icon in the taskbar in the above screenshot.
You will have a Command Prompt like Shell called as console terminal.
1)Let's start by putting our wireless adapter in monitor mode. It allows us to see all of the wireless traffic that passes by us in the air. Type airmon-ng in the console terminal and press Enter. You will have a screen like this, note down the name of interface, in this case the name is wlanO.
2) Now type ifconfig wlanO down and hit enter.
This command will disable your wireless adapter; we are doing this in order to change your MAC address.
Now, you need to hide your identity so that you will not be identified by the victim.to do this you need to type ifconfig wlanO hw ether OO:11:22:33:44:55 and hit enter. This command will change your MAC address to OO:11:22:33:44:55.
3) Now the next work is to type airmon-ng start wlanO and press enter. This will start the wireless adapter in monitor mode. Note down the new interface name, it could be ethO or monO or something like that.
The above command in the console has started your network adapter in monitor mode as monO:
4) Now that our wireless adapter is in monitor mode, we have the capability to see all the wireless traffic that passes by in the air. We can grab that traffic by simply using the airodump-ng command.
This command grabs all the traffic that your wireless adapter can see and displays critical information about it, including the BSSID (the MAC address of the AP), power, number of beacon frames, number of data frames, channel, speed, encryption (if any), and finally, the ESSID (what most of us refer to as the SSID).
Let's do this by typing:
airodump-ng monO
In the above screenshot there is a list of available networks, Choose l network and note the BSSID and channel of it.
5.) Type airodump-ng -c channel no bssid BSSIDNl monO -w filename and hit enter. Replace channel no. and BSSIDNl with the data from step 4. Replace the monO with network interface name from step 3. In place of filename write any name and do remember that. Better use filename itself.
This command will begin capturing the packets from the network. You need to capture more and more packets in order to crack the Wi-Fi password. This packet capturing is a slow process.
6.) To make the packet capturing faster, we will use another command. Open a new shell, don t close the previous shell In new shell type aireplay-ng -1 0 -a BSSIDN1 -h 00:11:22:33:44:55 mon0 and hit enter. Replace the BSSIDN1 with the data from step 4 and mon0 from step 3. This command will boost the data capturing process. The -1 tells the program the specific attack we wish to use which in this case is fake authentication with the access point. The 0 cites the delay between attacks, -a is the MAC address of the target access point, -h is your wireless adapters MAC address and the command ends with your wireless adapters device name.
7.) Now wait for few minutes, let the DATA in the other console reach a count of 5000.
8.) After it reaches 5000, open another console and type aircrack-ng filename-01.cap and hit enter. Replace the filename with the name you used in step 5. Add -01.cap to it. .cap is the extension of file having captured data packets. After