How To Hack Wi-Fi Password Using Aircrack-ng And Kali Linux

Posted by Suraj Singh on July 24, 2017 · 7 mins read
Hi Hackers,

Today, I am going to show you how to crack WPA/WPA2 wireless encryption using Kali Linux and the Aircrack-ng suite.

To crack any WPA/WPA2 wireless encryption without trying passwords directly against the access point for hours and hours, we can use the 4-way handshake packets. The 4-way handshake is a process to identify clients' real identities and also to exchange their pre-shared keys, responsible for making the encrypted connection between client and access point. So, basically, we will try to capture the 4-way handshake packets of the target access point, and then we can directly use a brute-force attack to find the real password from the handshake file of the WPA/WPA2 encryption.

Things we will need to do in order to complete our exercise:

  • Enable monitor mode on the wireless card
  • Analyse all wireless traffic using Airodump-ng
  • Focus the Airodump-ng sniffer on a specific access point and save all captured packets in a .cap file
  • Send de-authentication packets to force currently connected clients to exchange their pre-shared keys again
  • Capture the 4-way handshake packets
  • Ensure you successfully captured the 4-way handshake packets
  • Crack the password using Aircrack-ng

So, let's start our tutorial step by step.

Step 1.

Enable monitor mode on your wireless card.

:~# sudo airmon-ng start [Interface_name]

Step 2.

Run Airodump-ng to capture all traffic.

:~# sudo airodump-ng [Interface_name] 

Step 3.

From the Airodump-ng terminal, note your target access point's MAC address and channel number.

Step 4.

Now, focus your Airodump-ng sniffer to capture only the specific target's packets and save them in a .cap file.

:~# sudo airodump-ng -c [ch] --bssid [AP_MAC_ADDRESS] -w [FILE_NAME] [Interface_name]

Step 5.

Now, generate de-authentication packets and send them to the access point. Basically, these de-authentication packets will break the connection between the client and the access point. Then, to connect back again, the client and access point will need to go through the 4-way handshake procedure.

Open a separate terminal and type:

:~# sudo aireplay-ng --deauth 2 -a [AP_MAC_ADDRESS]

Step 6.

Airodump-ng has now captured the 4-way handshake packets.

Step 7.

To ensure the 4-way handshake is available in the capture, we will use Aircrack-ng.

Open a separate terminal and type:

:~# sudo aircrack-ng [wpa_file.cap]

Step 8.

Now, we will again use Aircrack-ng to try all passwords from the provided dictionary to crack the handshake file encryption.

Type:

:~# sudo aircrack-ng [wpa_file.cap] -w [dictionary_file_path]

To create a password dictionary using Crunch in Kali Linux, check here.

Step 9.

Wait... wait... and wait. Let aircrack-ng try all passwords from the provided dictionary to crack the handshake file encryption.

Note: To crack a Wi-Fi password successfully, having the real password in our word list is necessary.


You can also try various techniques to crack captured handshake packet files.
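The de-authentication burst sent in step 5 is visible to anyone monitoring the same channel. The following added example (not part of the original post) flags such bursts per BSSID in frame records exported with tshark fields. The column order, window and threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

DEAUTH, DISASSOC = 12, 10  # 802.11 management subtypes (tshark: wlan.fc.type_subtype)
WINDOW_S, THRESHOLD = 5.0, 20  # assumed tuning values, adjust per site
BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed sample, tab-separated in an assumed column order:
# frame.time_epoch, wlan.fc.type_subtype, wlan.sa, wlan.da, wlan.bssid
AP1, AP2, STA = "aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02", "11:22:33:44:55:66"
SAMPLE = "\n".join(
    [f"{100 + i * 0.01:.2f}\t12\t{AP1}\t{BROADCAST}\t{AP1}" for i in range(64)]
    + [f"300.00\t12\t{AP2}\t{STA}\t{AP2}",       # single, ordinary deauth
       f"900.00\t0x000c\t{STA}\t{AP2}\t{AP2}",   # hex form of subtype 12
       f"901.00\t8\t{AP2}\t{BROADCAST}\t{AP2}",  # beacon, ignored
       "truncated line"]                         # malformed, skipped
)

def parse(text):
    """Yield (time, subtype, dst, bssid) for each well-formed record."""
    for line in text.splitlines():
        parts = line.strip().split("\t")
        if len(parts) != 5:
            continue
        try:
            yield float(parts[0]), int(parts[1], 0), parts[3].lower(), parts[4].lower()
        except ValueError:
            continue  # non-numeric time or subtype

def detect_deauth_bursts(text, window=WINDOW_S, threshold=THRESHOLD):
    """Return one (bssid, window_start, frame_count, hits_broadcast) per burst."""
    recent, alerting, alerts = defaultdict(deque), set(), []
    for ts, subtype, dst, bssid in sorted(parse(text)):
        if subtype not in (DEAUTH, DISASSOC):
            continue
        q = recent[bssid]
        q.append((ts, dst))
        while ts - q[0][0] > window:  # drop frames older than the window
            q.popleft()
        if len(q) < threshold:
            alerting.discard(bssid)   # burst over, allow a new alert later
        elif bssid not in alerting:
            alerting.add(bssid)
            alerts.append((bssid, q[0][0], len(q), any(d == BROADCAST for _, d in q)))
    return alerts

if __name__ == "__main__":
    for alert in detect_deauth_bursts(SAMPLE):
        print("deauth burst:", alert)
```

On the constructed sample, only the 64-frame burst against the first BSSID raises an alert; the isolated deauthentication frames on the second BSSID stay below the threshold.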