![GTA - SA All [PC] Game Missions Save Files, [Bonus Cheats]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEji0bTCRrJKO41LWRud2OPlWVNp3YFMWW6fTKYPF50ctp5sYt5M_qcqbP-ihCtn25AvOb0qr9pH05ktq0577U2U-ZSL8Vn1H3IoEu3pp8-r6zegrO_W1R2SpOiUU4B7HMzx3cBU2Llq7Rc/w680/10h875f.jpg)
![The Ultimate Social Media Image Size Guide for 2018 [Infographic]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_s-9sPUzKPRcnWUxB8AV3MpaRvR7F3oI-hRX9K_ge25HqWRh-m_lmb-DlzwbrxESgheYoMaMaauT-cWWVs08tnFagNfkvAL4UJLGwb2NCEze4UQid4FahjIEz4OQNfUzrphkwTEv0qRm5drU5eWJIU5=w680)
[TuT]Cracking WPA/WPA2 on Linux
Knowledge
If you look at the attacks closely, you'd think WPA was very easy to crack. Well, some people say it is,
some don't agree. The fact is, that if the password is in some sort of dictionary, the password can be cracked.
Just for the record: when it comes to cracking WPA(2), they are cracked the same way ;-).
you'll need a 4-way handshake from a client connecting to an AP.
The 4way handshake holds an encrypted algorithm which can be cracked by dictionary attack.
you'll need a huge list and some luck that the password is in the list,
or you can make a personal list created with a password tool of your choice (like john),
which will not be discussed in this tutorial ;-).For this tutorial, of course I'll be using the Aircrack-ng suite.
If you look at the attacks closely, you'd think WPA was very easy to crack. Well, some people say it is,
some don't agree. The fact is, that if the password is in some sort of dictionary, the password can be cracked.
Just for the record: when it comes to cracking WPA(2), they are cracked the same way ;-).
you'll need a 4-way handshake from a client connecting to an AP.
The 4way handshake holds an encrypted algorithm which can be cracked by dictionary attack.
you'll need a huge list and some luck that the password is in the list,
or you can make a personal list created with a password tool of your choice (like john),
which will not be discussed in this tutorial ;-).For this tutorial, of course I'll be using the Aircrack-ng suite.
!Optional: "lazyness"
you might need root access to run these applications. For example, if you are using Ubuntu and you
don't want to type "sudo" in front of every line, you could use this optional command.
Knowing what interface to use
first of all, you'll have to know what the name of your wireless interface is, thats why you type:
[img]http://webs.hogent.be/quintends/images/iwconfig.png[/img]
In my case, the interface was wlan0, as you can see that's the only one that can connect to anything..
Identifying your victim
you'd get a small message saying:
(monitor mode enabled on SPOOFEDINTERFACE ) //In my case, interface was "mon0"..
The next step would be choosing your victim. Obviously we would be looking for someone with wpa encryption now.
since you want to crack someone with wpa.
write down his BSSID and his CHANNEL.
[img]http://webs.hogent.be/quintends/images/airodump-ng.jpg[/img]
rebooting the network card to fit in the right Channel
Start the dumping of the file
This will start airodump-ng on your specific channel (-c). It will search handshakes
of the specifief bssid and will write this all to a capture file named psk (-w).
Notice! You might ask yourself, but how do I know when I captured a handshake?
-> Well, aircrack thought of that, if you managed to capture a handshake, a message appears in the upper
right corner.
[img]http://webs.hogent.be/quintends/images/handshake.jpg[/img]
!Optional, but very helpful when speeding up the process
So you need to capture a handshake, but the people who are connected of course won't be giving out the
handshake, since this event only takes place during authentication. If we could just boot them for a small second
off their network, so they could reconnect, that would be perfect!
This would do 10 "deauthentication" attacks (-0) with the AP being BSSID and client being booted CLIENTBSSID.
You can check if a client is connected by looking at your Airodump-ng screen again. If you see on the bottom of that
screen that someone is connected to the ESSID of your victim, simply use the STATION BSSID as CLIENTBSSID in this example.
This would crack the actual capture file that was being created by airodump-ng.
notice! You can only try to crack when a handshake actually took place.
Don't forget, -w needs the path to your wordlist, so remember where you saved it!
[img]http://webs.hogent.be/quintends/images/aircrack-ng.jpg[/img]
-> Aircrack-ng while attempting to crack a password
!Optional: "security"
As a scriptkiddy, you might want to remain a bit anonymous, so here's how you would change your mac..
Try to implement it yourself ;-)
Wordlists
If you ever needed some good wordlists, I suggest checking here first:
wordlists
Bye
thx for your time guys ;-)
Reactions
![BackTrack [TUT] Install Linux (Backtrack etc.) to USB[TUT]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhClo6UTkhr8Q8JeJ_R9JZh8uFFYDzLeG7sU_HxK1m9K_i71xSCO0g9WoIF-9pNpOBWAVmjy9MN4tSzQoyrmGfMJSinlGu5PJaYGplUfEEfES_LN0ofjrDvj9gGFqN-ZWzlrrKC5GWJjw4/w680/nth.png)
Posts
0 Comments