Skip to main content

Capture WPA/WPA2-PSK 4 Way Handshake Using Kali Linux And Aircrack-ng

Namaste Hackers,

Today, I Am Going To Show You How To Capture 4 Way Handshake File Using Kali Linux And Aircrack-ng suite.

In Order to Crack Any WPA/WPA2 Wireless Encryption Without trying password directly against access point for hours of hours. We Can Use 4 Way Handshake Packets. 4 Way Handshake is a Process To Identify Clients Real Identities And Also To Exchange Their Pre-shared Keys , Responsible To Make Encrypted Connection Between Client And Access Point. So, Basically, We Will Try To Capture 4 Way Handshake Packets Of Target Access Point And Then We Can Directly Use Brute Force Attack To Find Real Passwords From Handshake file Of WPA/WPA2 Encryption.

Things We Will Need In Order To Complete Our Exercise

  • Enable Wireless Card Monitor Mode
  • Analyse All Wireless Traffic Using Airodump-ng
  • Focus Airodump-ng Sniffer On Specific Access Point And Save All Capture Packets in A .cap file
  • Now, Send De-authentication Packets To Force Currently Connected Clients In Order To Exchange Their Pre-Shared Keys
  • Capture 4 Way Handshake Packets
  • Ensure you successfully Captured 4 Way Handshake Packets. 

So, Let's Start Our tutorial Step By Step

Setup 1.

Enable Your Wireless Card Monitor Mode.

:~# sudo airmon-ng start [Interface_name]

Setup 2.

Run Airodump-ng To Capture All Traffic

:~# sudo airodump-ng [Interface_name] 

Setup 3.

From Airodump-ng Terminal, Note Your Target Access Point MAC address And Channel Number

Setup 4.

 Now, Focus Your Airodump-ng Sniffer To Capture Only Specific Target Packet And Save in a .cap file. 

:~# sudo airodump-ng -c [ch] --bssid [AP_MAC_ADDRESS] -w [FILE_NAME] [Interface_name]

Setup 5.

Now, Generate De-authentication Packet And Send To Access Point. Basically, These De-authentication Packets Will Break The Connection Between Client and Access Point. Then, To Connect Back Again Client And Access Point Will Needed To Do 4 Way Handshake Procedure. 

Open A Separate Terminal And Type :

:~# sudo aireplay-ng --deauth 2 -a [AP_MAC_ADDRESS]

Setup 6.

Our Airodump-ng Has Capture 4 Way Handshake Packets.

Setup 7.

To Ensure 4 Way Handshake Availability We Will Use Aircrack-ng.

Open Separate Terminal And Type : 

:~# sudo aircrack-ng [wpa_file.cap]

Now, You Can Try Various Techniques To Crack Captured Handshake Packets Files.


Written By:

Related Post

Top Visited

Create Simple Packet Sniffer Using Python

how to install burp suite in Linux/Ubuntu 16.04

List of Keyboard Shortcuts Keys for GNOME Desktop (Kali linux / Linux / Ubuntu/*nix )

How to create Phishing Page Using Kali Linux | Webpage Page Cloning Using Kali Linux Social Engineering Toolkit

Best 1000 User-agents List For Web Scraping

Big List Of Google Dorks For Sqli Injection

How To Install GDB Peda?

Latest Google Dorks List

How To Create Snake Game Using Python And Tkinter - Simple python games

2 Easiest Way To Enable Monitor Mode in Kali Linux | Airmon-ng | Iwconfig