Learn From Professionals

<div dir="ltr" style="text-align: left;" trbidi="on">
<h2 style="text-align: center;">
Breaking WPA2-PSK with Kali Linux </h2>
<h2 style="text-align: left;">
 WPA2-PSK may not be as safe as you think. There are a few attacks 
against WAP2-PSK. One of the most common attacks is against WPA2 is 
exploiting a weak passphrase.</h2>
Below you will find a few easy steps on how to break WPA2 with a weak passphrase.<br />
<h2 style="text-align: left;">
 </h2>
<h3 style="text-align: left;">
<b><em>Breaking the Wireless Hacker VeerNetwork:</em></b></h3>
I set up a test network for this blog article. The client box is 
logging into my Hacker Veer test network. This is the network we will 
break.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJ91hnC_6AGfrIskWaa-PFsJ1BS1Av-r1VSRKJqQnTkLl57BHu22z6VjZ193oawGvAfj70QwoHO6LT25uViws3GoJSJuU9ijHjR0qvYQlHVpTY5WIc8BvFJOlM5UbCAysOwnNK6WVv4M-H/s1600/Selecting-Wireless-Network-300x274.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJ91hnC_6AGfrIskWaa-PFsJ1BS1Av-r1VSRKJqQnTkLl57BHu22z6VjZ193oawGvAfj70QwoHO6LT25uViws3GoJSJuU9ijHjR0qvYQlHVpTY5WIc8BvFJOlM5UbCAysOwnNK6WVv4M-H/s1600/Selecting-Wireless-Network-300x274.png" /></a></div>
<br />
<br />
<br />
<em>Step 1:</em><br />

The first step is to verify the router configuration. Normally in a 
real penetration test we would not have this option, but since this is a
 home lab I have a little more flexibility.<br />

In this case the lab access point is securing the wireless network Hacker Veer  with WPA2-PSK. It using the passphrase Cisco123. You can 
use any wireless router to setup your wireless lab.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQvOhUctj3PNQCChmXOKTKc5ZNNkV9P7uylF-vroWdXy9zOVDaY5T3jDpT8F7FpAZEUFHtFmOKmooEhtMlbdx3EraDNxAmzYa-6ryV8qZwCzt_y7DlWkjoz6QyRoXctuu42_Ul9PzPbxRR/s1600/Wireless-Lab-156x300.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQvOhUctj3PNQCChmXOKTKc5ZNNkV9P7uylF-vroWdXy9zOVDaY5T3jDpT8F7FpAZEUFHtFmOKmooEhtMlbdx3EraDNxAmzYa-6ryV8qZwCzt_y7DlWkjoz6QyRoXctuu42_Ul9PzPbxRR/s1600/Wireless-Lab-156x300.png" /></a></div>
<br />
<br />
<br />
<em> Step 2:</em><br />

We will be using Kali Linux to complete this task. Kali will need a 
wireless card configured before it can be used by the operating system. I
 am using the Alfa AWUS051NH adapter. Almost any Alfa wireless adapter 
will work. I am a big fan of the AWUS051NH adapter because it a duel 
band adapter. However, this card is very difficult to obtain since it is
 no longer sold.<br />
<br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaRfH8xpzpjLHrriCmKC771zPAWo5GmREJ6ASzFIyvPSWJu2qZgbqPeb_vjril1prw8gRyPjP0kHx279Q-w31vQE2L7JtNvDzw9F2hTfwi6ARtdLeRrI2AMdkWT6PtLQWCgBdKXcHj11KI/s1600/Alfa-228x300.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjaRfH8xpzpjLHrriCmKC771zPAWo5GmREJ6ASzFIyvPSWJu2qZgbqPeb_vjril1prw8gRyPjP0kHx279Q-w31vQE2L7JtNvDzw9F2hTfwi6ARtdLeRrI2AMdkWT6PtLQWCgBdKXcHj11KI/s1600/Alfa-228x300.png" /></a></div>
The <strong>iwconfig</strong> command will show any wireless cards in
 the system. I am using a RealTek wireless card. Linux ships with the 
RealTek drivers, making it a Linux plug and play wireless card.<br />

The operating system recognizes a  wireless interface named <strong>wlan0</strong>.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiE8xZ_J8SBt4hvKtWOUAq6WavAXVXaOFBUan7kzjKvC2Wx4vhEQmymu_XXz2yS5fV8TDDY7pM8HRfRGK-fyHm9Bqt_qjSjNwv8RzRQHd_uLDmPotZ-eoOWOaAdOuDc0Al7XOIQDVQ5IcjX/s1600/IWconfig1.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="196" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiE8xZ_J8SBt4hvKtWOUAq6WavAXVXaOFBUan7kzjKvC2Wx4vhEQmymu_XXz2yS5fV8TDDY7pM8HRfRGK-fyHm9Bqt_qjSjNwv8RzRQHd_uLDmPotZ-eoOWOaAdOuDc0Al7XOIQDVQ5IcjX/s1600/IWconfig1.png" width="640" /></a></div>
<br />
<em>Step 3:</em><br />

My next step will be to enable the wireless interface. This is accomplished issuing the <strong>ifconfig wlan0 up </strong>command.<br />
 <br />
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiehsPnpVAWPeFsyfcgViLeQ0Y77gcCUO8bygcX6SnRxHtexLUxQvB0lDf3m709z2EIM4nxKd7Ro0D7F_7ghexVUXmpPJ98z8f6Vcyi6N4g97EvSVYOeIAfsjvkKOoEd1xRwrh1VJdXEXML/s1600/ifconfig-up.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="114" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiehsPnpVAWPeFsyfcgViLeQ0Y77gcCUO8bygcX6SnRxHtexLUxQvB0lDf3m709z2EIM4nxKd7Ro0D7F_7ghexVUXmpPJ98z8f6Vcyi6N4g97EvSVYOeIAfsjvkKOoEd1xRwrh1VJdXEXML/s1600/ifconfig-up.png" width="640" /></a></div>
<br />
<br />
<br />
<br />
<br />
<em>Step 4:</em><br />

I need to understand what wireless networks my wireless card sees. I issue the <strong>iwlist wlan0 scanning </strong>command.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-txxU7COw-8kbfZQDHGsuhW-X4LdB7lXFLUSXVz_HaavH5eqIuTH7E5bffs8glS-pGkpdaDfRK7E0_gNNHraAGB58nYPtFKYMH1sRpbS3TadD5OljnhkRKBGa5gm6wblWU1wWNyn81VwQ/s1600/iwlist-scanning.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="82" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi-txxU7COw-8kbfZQDHGsuhW-X4LdB7lXFLUSXVz_HaavH5eqIuTH7E5bffs8glS-pGkpdaDfRK7E0_gNNHraAGB58nYPtFKYMH1sRpbS3TadD5OljnhkRKBGa5gm6wblWU1wWNyn81VwQ/s1600/iwlist-scanning.png" width="640" /></a></div>
<br />
This command forces the wireless card to scan and report on all wireless networks in the vicinity.<br />

You can see from this example it found my target network: Wireless Lab. It also found the MAC address of my access point: <em><strong>0E:18:1A:36:D6:22</strong></em>.
 This is important to note because I want to limit my attack to this 
specific access point (to ensure we are not attacking or breaking anyone
 else’s password).<br />

Secondly, we see the AP is transmitting on <em>channel 36</em>.This 
is important because it allows us to be specific on what wireless 
channel we will want our wireless card to monitor and capture traffic 
from.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPyX5ST4cMFvEZor6iXHoEkV1aaFFNVEN-Vn-1skgIVLkld1kxUU7lB1m8RDwLIKEioDW477zj5G_NLKlRLcKUoh3-T1muXE8cpcftOVhRAoLWNjNlY1RUXjyN5gbvds3cDTZNxH2snYMB/s1600/Wireless-Lab2-1024x613.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="382" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPyX5ST4cMFvEZor6iXHoEkV1aaFFNVEN-Vn-1skgIVLkld1kxUU7lB1m8RDwLIKEioDW477zj5G_NLKlRLcKUoh3-T1muXE8cpcftOVhRAoLWNjNlY1RUXjyN5gbvds3cDTZNxH2snYMB/s1600/Wireless-Lab2-1024x613.png" width="640" /></a></div>
<br />
<br />
<em>Step 5:</em><br />

The next step is to change the wireless card to <em>monitoring mode</em>. This will allow the wireless card to examine all the packets in the air.<br />

We do this by creating a <em>monitor interface</em> using <strong>airmon-ng.</strong> Issue the <strong>airmon-ng</strong> command to verify airmon-ng sees your wireless card. From that point create the monitor interface by issuing the command: <strong>airmon-ng start wlan0</strong><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0HYLz4-CLV_J-rnR9HiGuh-x4giNkHVMeIg60yMszAPjmwh95tcWfizqtZ4YrK2cNSWfryigsjN9-0ciV-BxxNJZNXWPfDZHBhNnXzkQ3hhJShsP85LHnJPhLKnEr_IBvT6B3laAd0LHI/s1600/airmon-ng-start-1024x599.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="374" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0HYLz4-CLV_J-rnR9HiGuh-x4giNkHVMeIg60yMszAPjmwh95tcWfizqtZ4YrK2cNSWfryigsjN9-0ciV-BxxNJZNXWPfDZHBhNnXzkQ3hhJShsP85LHnJPhLKnEr_IBvT6B3laAd0LHI/s1600/airmon-ng-start-1024x599.png" width="640" /></a></div>
<br />
 Next, run the <strong>ifconfig</strong> command to verify the monitor interface is created. We can see <strong>mon0</strong> is created.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbK6y5b-BhskP6YYeGjDlgN9SrPc5skxIo2IZKxg16_xYl_18G-Tt7ksYMgGnZsM1zcXdzEoJV8DjoEfkYS2LOS1nU8yD6NSmqGv_ApuDth0psptJa7i6c2PiBOQXybzwHF8TidAQIQSlO/s1600/ifcofig-2.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="66" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhbK6y5b-BhskP6YYeGjDlgN9SrPc5skxIo2IZKxg16_xYl_18G-Tt7ksYMgGnZsM1zcXdzEoJV8DjoEfkYS2LOS1nU8yD6NSmqGv_ApuDth0psptJa7i6c2PiBOQXybzwHF8TidAQIQSlO/s1600/ifcofig-2.png" width="640" /></a></div>
<br />
<br />
<br />
<br />
Now verify the interface <em>mon0</em><strong> </strong>has been created. <br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiWs0WNhcHO4WKqD7M6rHMFVC2iUN9o1wX5TdccJhJ1rzmISFLLGew1n3Ftv0pA0pWE2gkneJ-ekNRBpk-ZG9I39X96iCjLrpAVaOIUsvsREzHY783yG2ge3bCyrPRrDsQcxBjhK-2jPyw/s1600/mon01-1024x196.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="122" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiiWs0WNhcHO4WKqD7M6rHMFVC2iUN9o1wX5TdccJhJ1rzmISFLLGew1n3Ftv0pA0pWE2gkneJ-ekNRBpk-ZG9I39X96iCjLrpAVaOIUsvsREzHY783yG2ge3bCyrPRrDsQcxBjhK-2jPyw/s1600/mon01-1024x196.png" width="640" /></a></div>
<br />
<br />
<em>Step 6:</em><br />

Use <strong>airodump-ng</strong> to capture the WPA2 handshake. The attacker will have to catch someone in the act of authenticating to get a valid capture. <strong>Airodump-ng</strong> will
 display a valid handshake when it captures it. It will display the 
handshake confirmation in the upper right hand corner of the screen.<br />

<em>Note: We will manually connect to the wireless network to force a
 handshake. In a future post I will show you how to force 
a reauthorization to make a device automatically disconnect and 
reconnect without any manual intervention.</em><br />

We used the following command: <strong>airodump-ng mon0 – -bssid 20:aa:4b:1f:b0:10 </strong>(to capture packets from our AP) – -<strong>channel 6</strong> (to limit channel hopping) – -<strong>write BreakingWPA2</strong> (the name of the file we will save to)<br />

<strong>airodump-ng mon0 – -bssid <strong>0E:18:1A:36:D6:22</strong> – -<strong>channel 36 – -<strong>write BreakingWPA2</strong></strong></strong><br />
<br />
(make sure there is no space between “- -“)<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_QL91jCFlaC_ANF7gExl9rAP5VWtOWyzGhR8USymcjUJwWMPagNerHMGcu2tK0Ov8Mjm_mzbaVLAJPl8a4OS93PxWjQPMp1yxJ2TZsMFlQMddiuvs3ocxyLDfZYJnxyMQjpvJ0Gui-9ls/s1600/Airodump-command-1024x671.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="417" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj_QL91jCFlaC_ANF7gExl9rAP5VWtOWyzGhR8USymcjUJwWMPagNerHMGcu2tK0Ov8Mjm_mzbaVLAJPl8a4OS93PxWjQPMp1yxJ2TZsMFlQMddiuvs3ocxyLDfZYJnxyMQjpvJ0Gui-9ls/s1600/Airodump-command-1024x671.png" width="640" /></a></div>
<br />
<br />
To capture the handshake you are dependent on monitoring a legitimate
 client authenticate to the network. However, it does not mean you have 
to wait for a client to legitimately authenticate. You can force a 
client to re-authenticate (which will happen automatically with most 
clients when you force a deauthorization).<br />

When you see the <strong>WPA Handshake Command you know you have captured an valid handshake</strong><br />

<br />

example:<br />
<br />
<br />

We will use <strong>aircrack-ng</strong> with the dictionary file to crack the password. Your chances of breaking the password are dependent on the password file.<br />

<br />

The command on  is: <strong>aircrack-ng “<em>name of cap file you created”</em> -w “<em>name of your dictionary file”</em></strong><br />
<br />

The <strong>BreakingWPA2-01.cap</strong> file was created when we ran the <strong>airodump-ng</strong> command. The valid WPA2 handshake airodump captured is stored in the <strong>BreakingWPA2-01.cap</strong> file.<br />

Backtrack 5 ships with a basic dictionary. The dictionary file <strong>darkc0de.lst </strong>is a popular worldlist that ships with BackTrack5. We added our password <em>Cisco123</em> in this file to make the test run a little smoother.<br />
<br />
<br />
<br />
<br />
In this blog we created a file named “sample.lst” and added the word Cisco123 in it.<br />

<em>Success:</em><br />

If the password is found in the dictionary file then Aircrack-ng will crack it.<br />
<br />
<br />
<br />

Hack WEP,WPA2 Wifi In Kali Linux

Breaking WPA2-PSK with Kali Linux WPA2-PSK may not be as safe as you think. There are a few attacks against WAP2-PSK. One of the most ...

<div dir="ltr" style="text-align: left;" trbidi="on">
<i>Revelations</i> debuted on the Nintendo 3DS last year. The game was set between <i>Resident Evil 4</i> and <i>Resident Evil 5</i>.
 The newly formed BSAA must stop a terrorist organization named Il 
Veltro who has unleashed a new mutative plague. Players take on the role
 of long-time series vets Jill Valentine and Chris Redfield.<br>
<br>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgn5Jhy4N_G8SUXLYd9hEPthKvLxA5hLtJ1z0hfcoBDb0jVV382JYDw9bg_d0cJqXpxNmW1txnY8sbFjxom9RpEeLHFgygVeyyZ9YLNpUtt7mtWmlp85n9ucUQ0leUYcwudaJyGpHjWNYDl/s1600/Resident+Evil+Revelations+-+Unveiled+Edition.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgn5Jhy4N_G8SUXLYd9hEPthKvLxA5hLtJ1z0hfcoBDb0jVV382JYDw9bg_d0cJqXpxNmW1txnY8sbFjxom9RpEeLHFgygVeyyZ9YLNpUtt7mtWmlp85n9ucUQ0leUYcwudaJyGpHjWNYDl/s1600/Resident+Evil+Revelations+-+Unveiled+Edition.jpg" width="640"></a></div>
<br>
<br>
<br>
<br>
<br>
</div>