What is Aircrack-ng?
Aircrack-ng is a Wi-Fi safety auditing tool specifically 802.11 WEP. It is also used for cracking the WEP and WPA keys for getting access to a network. Aircrack-ng is used by learning persons and safety professionals to test the safety, reliability of wireless networks.
What are the steps to hack wifi?
- The first step is to open your Kali Linux terminal
- The second step is to enter the Aircrack-Ng command
- The next step is to enter the password
- The next important step is to install Aircrack-ng
- Ok then, Turn on Airmon-ng
- Next is to find the monitor name
- The next step is to start monitoring the network
- Next is to enable a monitor mode interface
- Next to kill any processes that return errors
- Next is to review the monitor interface name
- Next is to tell your computer to listen to nearby routers
- Next is to find the router that you want to hack
- Make sure the router is using WPA security
- Next is you have to note the MAC address and channel number of the routers
- The next step is to monitor your selected networks for a handshake
- The next step is you have to wait for a handshake to appear
- Next is to exit airodump-ng, Then open the desktop
- Next is to Rename your “.cap” file
- Covert the “.cap” file into “.hccapx” format
- Installnaive-hash cat
- Run naive-hashcat
- Next is to wait for the network password to be cracked
How to Open your Kali Linux computer's Terminal?
Find and click the Terminal app, which resembles a black box with a white symbol on it.
You can also just click keypress+Alt+Ctrl+T to open the Terminal.
How to Enter the Aircrack-ng installation command?
Type in the below command, then press keypress+Enter
sudo apt-get install aircrack-ng
How to Enter your password when prompted?
Type in the password you use to log into your computer, then press keypress+Enter. This includes root access for any other commands run in the Terminal.
If you open another Terminal window, you may have to run a command with the prefix and/or enter your password again.
How to install Aircrack-ng?
Press keypress+Y when prompted, then wait for the program to finish installing.
How to Turn on Airmon-ng?
Type in the following command, then press keypress+Enter.
airmon-ng
How to Find the monitor name?
You'll find this in the user Interface column.
If you're hacking the network that you own, it will usually be named "wlan0".
If you don't see a name, your Wi-Fi card doesn't support it.
How to Begin monitoring the network?
.You can do so by typing in the below command and pressing keypress+Enter
airmon-ng start wlan0
Make sure you change "wlan0" with the name of your aimed network if it is variant.
How to Enable a monitor mode interface?
Enter the following command
iwconfig
How to Kill any processes that return errors?
In some situations, the Wi-Fi card will conflict with services on your computer. You can kill these processes by typing the following command
airmon-ng check kill
How to Review the monitor interface name?
In majority situations, the name will be something like "mon0" or "wlan0mon".
How to Tell your computer to listen to nearby routers?
To get a list of routers, enter the following command:
airodump-ng mon0
Make sure to change "mon0" with whatever your monitor interface name was in the last step.
How to identify the router you want to hack?
At the end of each string, you'll see a name, find the one belonging to the network you want to hack into.
How to Make sure the router is using WPA or WPA2 security?
If you see "WPA" or "WPA2" immediately to the left of the network's name, you can proceed, otherwise, you cannot hack the network.
How to Note the MAC address and channel number of the router?
This collection of information is to the left of the network's name
''MAC address'' — This is the line of numbers on the far-left side of your router's line. ''Channel'' — This is the number directly to the left of the WPA or WPA2 tag.
How to Monitor your selected network for a handshake?
A handshake was happening when an item connects to a network. Enter the below code, making sure to replace the suggested components of the command with your network's information
airodump-ng -c channel --bssid MAC -w /root/Desktop/ mon0
Replace "channel" with the number that you found in the last step.
Replace "MAC" with the address you found in the last step.
Remember to replace "mon0" with whatever your interface name was.
Here's an example address:
airodump-ng -c 3 --bssid 1C:1C:1E:C1:AB:C1 -w /root/Desktop/ wlan0mon
How to Wait for a handshake to appear?
Once you see a line with the tag "WPA handshake:" followed by a MAC address in the upper-right corner of the screen, you can proceed.
If you're not in a waiting mood, you can, before continuing with this part.
How to Exit airodump-ng, then open the desktop?
Press keypress+Ctrl+C to quit, then make sure you can see the ".cap" file on your computer's desktop.
How to Rename your '''".cap" file.''?
While not strictly necessary, this will make it easier to work with later. Enter the below command to change the name, making sure to replace "name" with whatever you want to name the file:
mv ./-01.cap name.cap
If your ".cap" file isn't named "-01.cap", replace "-01.cap" with whatever your ".cap" file's name is.
How to Convert the '''".cap" file into ".hccapx" format.'''?
You can do this by using a converter. Enter the below command, making sure to replace "name" with the file's name:
cap2hccapx.bin name. cap name.hccapx
upload the ".cap" file to the converter by clicking '''Choose File''' and selecting your file. Once the file is uploaded, click '''Convert''' and then download it back onto your desktop before proceeding.
How to Install naive-hashcat?
This is the way you'll use to crack the password. Enter the following commands in order:
sudo git clone https://github.com/brannondorsey/naive-hashcat
cd naive-hashcat
curl -L -o dicts/rockyou.txt
https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt
If your computer doesn't have a GPU, you'll need to use Aircrack-ng instead.
How to Run naive-hashcat?
Once it finishes, enter the below command:
HASH_FILE=name.hccapx POT_FILE=name.pot HASH_TYPE=2500 ./naive-hashcat.sh
How to Wait for the network password to be cracked?
Once the password is hacked, its string will be added to the "name. pot" file found in the "naive-hashcat", the word after the last colon in the string is the password.
It can take anywhere from a bit hours to a few months for the password to be hacked.
How do we use Aircrack-Ng for Non-GPU computers?
- First, you have to download a directory file
- Second has to tell aircrack-ng to begin cracking the password.
- Last Step you have to wait for the terminal to display the result.
How to Download a dictionary file?
The most used dictionary file is "Rock You". You can download it by typing the below command:
curl -L -o rockyou.txt
Remember that aircrack-ng will not be able to crack the WPA or WPA2 password if the password isn't in the word list.
How to Tell Aircrack-ng to begin cracking the password?
Enter the following command, making sure to use the necessary network information when doing so:
`aircrack-ng -a2 -b MAC -w rockyou.txt name.cap
If you're cracking a WPA network instead of a WPA2 network, replace "-a2".
Replace "MAC" with the address you identify in the last section.
Replace "name" with your ".cap" file's name.
How to Wait for Terminal to display the results?
When you see a "KEY FOUND!" appears, Aircrack-ng has found the password. You'll see the password in brackets to the right of the "KEY FOUND!".
How do we use a deauth attack to force a handshake?
- The first is to understand what a deauth attack does
- The second step is to monitor your network
- Next is to wait for something to connect to the network
- Open a new terminal window
- Next is to send the deauth packets
- Last is to Re-open the original terminal window
How to Understand what a deauth attack does?
Deauth attacks send malicious de-authentication packets to the router you're trying to break into, causing the Internet to disconnect and ask the Internet user to log back in. Once the user logs back in, you will be provided with a handshake.
How to Monitor your network?
Enter the below command, making sure to enter your network's information where it suggested’
airodump-ng -c channel --bssid MAC
For example:
airodump-ng -c 1 --bssid 9C:5C:8E:C9:AB:C0
How do we Wait for something to connect to the network?
Once you see two MAC addresses appear next to each other, you can proceed.
This indicates that a client is now connected to the network.
How to Open a new Terminal window?
You can just press keypress+Alt+Ctrl+T to do this. Make sure airodump-ng is still running in the background.
How do Send the deauth packets?
Enter the below command, making sure to change your network's information:
aireplay-ng -0 2 -a MAC1 -c MAC2 mon0
The number refers to the number of packets to send. You can change this number, but keep in mind that sending more than two packets can cause a noticeable security breach.
Replace "MAC1" with the address at the bottom of the background Terminal window.
Replace "MAC2" with the address at the bottom of the background Terminal window.
Remember to change "mon0" with your name that you found when your computer initially looked for routers.
An example command looks like this:
aireplay-ng -0 3 -a 9C:5C:8E:C9:AB:C0 -c 64:BC:0C:48:97:F7 mon0
How to Re-open the original Terminal window?
Go back to the Terminal window when you're done sending the packets.
Look for a handshake. Once you see the "WPA handshake: "the address next to it.
If you have any queries about the above topic or have to get services and consultations against every serious cyber threat. Feel free to contact us. AIR ZERO SEC will be your strong cyber partner. E-mail id: [email protected].
Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/