how to hack wifi
HOW TO HACK A WIFI NETWORK =>
Courtesy : Computer Expert
So.. Here’s how we do it..
1) First we need to scan for
available wireless networks.
Theres this great tool for
windows to do this.. called
“NetStumbler” or Kismet for
Windows and Linux and KisMac
for Mac
It’ll also show how the Wi-fi
network is secured..
The two most common
encryption types are:
1. WEP
2. WAP
WEP i.e Wire Equivalent Privacy
is not consideres as safe as WAP
i.e Wireless Application
Protocol.
WEPhave many flaws that
allows a hacker to crack a WEP
key easily.. whereas
WAPis currently the most
secure and best option to
secure a wi-fi network..
It can’t be easily cracked as WEP
because the only way to retreive
a WAP key is to use a brute-force
attack or dictionary atack.
Here I’ll tell you how to Crack
WEP
To crack WEP we will be using
Live Linux distribution called
BackTrack to crack WEP.
BackTrack have lots of
preinstalled softwares for this
very purpose..
Thetools we will be using on
Backtrack are:
Kismet – a wireless network
detector
airodump – captures packets
from a wireless router
aireplay – forges ARP requests
aircrack – decrypts the WEP keys
1. First of all we have to find a
wireless access point along with
its bssid, essid and channel
number. To do this we will run
kismet by opening up the
terminal and typing in kismet. It
may ask you for the appropriate
adapter which in my case is
ath0. You can see your device’s
name by typing in the command
iwconfig.
2.To be able to do some of the
later things, your wireless
adapter must be put into
monitor mode. Kismet
automatically does this and as
long as you keep it open, your
wireless adapter will stay in
monitor mode.
3. In kismet you will see the flags
Y/N/0. Each one stands for a
different type of encryption. In
our case we will be looking for
access points with the WEP
encryption. Y=WEP N=OPEN
0=OTHER(usually WAP).
4.Once you find an access point,
open a text document and paste
in the networks broadcast
name (essid), its mac address
(bssid) and its channel number.
To get the above information,
use the arrow keys to select an
access point and hit <ENTER> to
get more information about it.
5. The next step is to start
collecting data from the access
point with airodump. Open up a
new terminal and start
airodump by typing in the
command:
airodump-ng -c [channel#] -w
[filename] –bssid [bssid]
[device]
In the above command
airodump-ng starts the
program , the channel of your
access point goes after -c , the
file you wish to output the data
goes after -w , and the MAC
address of the access point goes
after –bssid. The command ends
with the device name. Make sure
to leave out the brackets.
6. Leave the above running and
open another terminal. Next we
will generate some fake packets
to the target access point so that
the speed of the data output will
increase. Put in the following
command:
aireplay-ng -1 0 -a [bssid] -h
00:11:22:33:44:55:66 -e [essid]
[device]
In the above command we are
using the airplay-ng program.
The -1 tells the program the
specific attack we wish to use
which in this case is fake
authentication with the access
point. The 0 cites the delay
between attacks, -a is the MAC
address of the target access
point, -h is your wireless
adapters MAC address, -e is the
name (essid) of the target
access point, and the command
ends with the your wireless
adapters device name.
7. Now, we will force the target
access point to send out a huge
amount of packets that we will
be able to take advantage of by
using them to attempt to crack
the WEP key. Once the following
command is executed, check
your airodump-ng terminal and
you should see the ARP packet
count to start to increase. The
command is:
aireplay-ng-3 -b [bssid] -h
00:11:22:33:44:5:66 [device]
In this command, the -3 tells the
program the specific type of
attack which in this case is
packet injection, -b is the MAC
address of the target access
point , -h is your wireless
adapters MAC address, and the
wireless adapter device name
goes a
if you have any problem now sent me message
https://m.facebook.com/profile.php?id=932744286752242
