Capture WPA/WPA2-PSK 4 Way Handshake Using Kali Linux And Aircrack-ng

Namaste Hackers,



Today, I am going to show you how to capture a 4-way handshake file using Kali Linux and the Aircrack-ng suite.

To crack WPA/WPA2 wireless encryption without trying passwords directly against the access point for hours on end, we can use the 4-way handshake packets. The 4-way handshake is the process that identifies the clients' real identities and also exchanges their pre-shared keys, and it is responsible for making the encrypted connection between client and access point. So, basically, we will try to capture the 4-way handshake packets of the target access point, and then we can run a brute-force attack directly against the handshake file to find the real password of the WPA/WPA2 network.


Things we will need to do in order to complete our exercise:

  • Enable monitor mode on the wireless card
  • Analyse all wireless traffic using airodump-ng
  • Focus the airodump-ng sniffer on a specific access point and save all captured packets in a .cap file
  • Send de-authentication packets to force currently connected clients to exchange their pre-shared keys again
  • Capture the 4-way handshake packets
  • Make sure you successfully captured the 4-way handshake packets


So, let's start our tutorial step by step.

Step 1.

Enable monitor mode on your wireless card.


:~# sudo airmon-ng start [Interface_name]





Step 2.

Run airodump-ng to capture all traffic.

:~# sudo airodump-ng [Interface_name]


Step 3.

From the airodump-ng terminal, note your target access point's MAC address and channel number.


Step 4.

Now, focus your airodump-ng sniffer so it captures only the target access point's packets and saves them in a .cap file.

:~# sudo airodump-ng -c [ch] --bssid [AP_MAC_ADDRESS] -w [FILE_NAME] [Interface_name]



Step 5.

Now, generate de-authentication packets and send them to the access point. Basically, these de-authentication packets will break the connection between the client and the access point. Then, to connect again, the client and access point will need to redo the 4-way handshake procedure.

Open a separate terminal and type:

:~# sudo aireplay-ng --deauth 2 -a [AP_MAC_ADDRESS] [Interface_name]


Step 6.

Our airodump-ng has now captured the 4-way handshake packets.



Step 7.

To make sure the 4-way handshake is present in the capture, we will use aircrack-ng.

Open a separate terminal and type:

:~# sudo aircrack-ng [wpa_file.cap]


Now, you can try various techniques to crack the captured handshake file.


Done!
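From the defender's side, the sequence in steps 5 and 6 (a burst of de-authentication frames, then clients redoing the handshake) is something a wireless monitor can flag. The following Python code is an added example, not part of the original post: it classifies raw 802.11 frames by their header fields, and the thresholds (`burst`, `window`), helper names and sample MAC addresses are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

LLC_EAPOL = bytes.fromhex("aaaa03000000888e")  # LLC/SNAP + EtherType 0x888E (EAPOL)

def mac(b):
    return ":".join(f"{x:02x}" for x in b)

def classify(frame):
    """Return (kind, bssid) for a raw 802.11 frame without radiotap, else None."""
    if len(frame) < 24:
        return None
    ftype, subtype, flags = (frame[0] >> 2) & 3, frame[0] >> 4, frame[1]
    a1, a2, a3 = frame[4:10], frame[10:16], frame[16:22]
    if ftype == 0 and subtype in (10, 12):    # disassociation / deauthentication
        return ("deauth", mac(a3))            # addr3 is the BSSID in management frames
    if ftype == 2 and (flags & 3) in (1, 2):  # data frame, ToDS or FromDS (not WDS)
        hdr = 26 if subtype & 8 else 24       # QoS data adds a 2-byte QoS control field
        if frame[hdr:hdr + 8] == LLC_EAPOL:
            return ("eapol", mac(a1 if flags & 1 else a2))
    return None

def detect(frames, burst=5, window=10.0):
    """frames: (timestamp, raw_frame) pairs. burst/window are assumed thresholds."""
    seen, alerts = defaultdict(list), {}
    for ts, raw in sorted(frames, key=lambda f: f[0]):
        kind, bssid = classify(raw) or (None, None)
        if kind == "deauth":
            seen[bssid] = [t for t in seen[bssid] if ts - t <= window] + [ts]
            if len(seen[bssid]) >= burst:
                a = alerts.setdefault(bssid, {"bssid": bssid, "deauths": 0, "rehandshake": False})
                a["deauths"] = max(a["deauths"], len(seen[bssid]))
        elif kind == "eapol" and bssid in alerts and ts - seen[bssid][-1] <= window:
            alerts[bssid]["rehandshake"] = True  # client re-keyed right after the burst
    return list(alerts.values())

# Constructed sample traffic (locally administered MACs, not from a real capture).
AP, STA, OTHER, BCAST = (bytes.fromhex(h) for h in
                         ("02aabbccdd01", "02aabbccdd02", "02aabbccdd03", "ffffffffffff"))

def mgmt_frame(subtype, da, sa, bssid, reason=7):
    return bytes([subtype << 4, 0]) + b"\0\0" + da + sa + bssid + b"\0\0" + struct.pack("<H", reason)
def eapol_frame(sta, bssid):  # QoS data, ToDS: addr1=BSSID, addr2=station, addr3=DA
    return bytes([0x88, 0x01]) + b"\0\0" + bssid + sta + bssid + b"\0\0\0\0" + LLC_EAPOL + b"\x02\x03\x00\x5f"

SAMPLE = [(i * 0.1, mgmt_frame(12, BCAST, AP, AP)) for i in range(6)]
SAMPLE += [(1.0, mgmt_frame(12, STA, OTHER, OTHER)), (2.0, eapol_frame(STA, AP))]

if __name__ == "__main__":
    print(detect(SAMPLE))
```

Networks that enable 802.11w protected management frames make clients discard forged de-authentication frames, which removes the lever this capture method depends on.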


Written By:
                  SSB
