
Guide to Hacking WPA/WPA2-Encrypted Wi-Fi

Summary of the commands
1: airodump-ng // check the interface of the wireless card
2: airmon-ng start wlan0 // start the wireless card
3: airodump-ng start mon0 // switch to listening (monitor) mode.
4: airodump-ng -c 1 bssid xx:xx:xx:xx:xx:xx -w capture mon0 // capture the AP's packets; xx.. is the MAC of the AP to be attacked.
5: aireplay-ng -0 1 -a xx:xx:xx:xx:xx:xx -c yy:yy:yy:yy:yy:yy mon0 / knock the client off the network so that the packets containing the authentication information are obtained quickly. yy is the MAC of the client currently connected to the AP.
6: aircrack-ng -c /root/capture-01.cap -w /mnt/IT/wordlist/keys.txt // compare the encrypted password information against the dictionary to find the password. /root/capture-01.cap is the file containing the captured authentication packets; /mnt/IT/wordlist/keys.txt is the path to the dictionary file.

1. A strong dictionary, or the one that comes with Back Track will also do. Many dictionaries can be downloaded from the internet; if I have time I will show how to build your own. The other thing you cannot do without is the Back Track operating system.
2. A USB stick (>=4G) to extract the Back Track operating system onto and boot from, instead of using a virtual machine; burning the OS to a DVD also works.
3. If you use a USB stick you need the software unetbootin-windows-575, whose purpose is to create the USB boot files for a Linux OS. Without it you cannot boot from USB.

If you boot from the HDD, you only need to set Type to hard disk. At close to 2 GB each, your hard disk can easily hold dozens of these operating systems on one drive. After restarting there will be a menu that lets you choose between booting into Windows as usual or into Backtrack 4. Restart the machine to boot from the USB.
4. Choose graphic mode in order to exploit.

Summary of the commands to use.
1: airodump-ng > check the card's interface to see whether it supports hacking. Search Google to see whether your type of card is supported. To find out whether your Wi-Fi card is supported, carry on to step 3 below.

2: airmon-ng start wlan0 > start the wireless card
3: airodump-ng start mon0 > switch to listening (monitor) mode. If the output looks like the following figure, the card supports hacking.

4. airodump-ng wlan0 > view the information about the APs, to collect the information to exploit in the following steps.

What we need here is the MAC of the AP and of the client connected to it. The AP we want to attack is NguyenTrongTien, which uses WPA2 CCMP/AES encryption, a very strong and complex encryption mechanism.

4. Open another shell and type: airodump-ng -c 9 bssid 00:27:19:D5:6D:c4 -w wpa mon0 > capture the AP's packets, with the channel shown in the CH column being 9 (-c 9), the AP MAC 00:27:19:D5:6D:C4 and the client MAC 00:55F:BF:7F:EA. wpa is the name given to the capture; you can name it whatever you like. The purpose of this capture is to hold the encrypted password information so that it can be compared with the dictionary. After pressing Enter you will see the following: while the words fixed channel wlan0 (top right corner) are still shown, the required packets have not yet been captured. Once the 4-way handshake succeeds, the words WPA Handshake appear. To get there faster, we open a new shell and type the next command (5).

5. Open another new shell and type the command, then press the up arrow and Enter several times for the fastest result: aireplay-ng -0 1 -a 00:27:19:D5:6D:c4 -c 00:22:5F:BF:7F:EA mon0 > -0 forces the client to re-authenticate, and when it re-authenticates we obtain the encrypted password information. The user does not have to re-enter the password during this process; the client simply drops off the network for a moment and the machine reconnects automatically. (If any client happens to connect during this time, the authentication packets are captured just as well.) That is how we obtain the information. Note: run this command repeatedly for the fastest result. 1 is the number of deauths to send.

The result, as mentioned in step 4, is as follows. Seeing the words WPA Handshake means the 4-way handshake succeeded (anyone who has studied wireless networking will understand this process well).
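The forced re-authentication in step 5 leaves a recognisable trace for anyone monitoring the network: a burst of deauth frames for one client, followed within seconds by a new handshake. The following is an added example, not part of the original guide, that flags this pattern in a frame log. The comma-separated record format, the thresholds and the function name are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

# Constructed sample records, not a real capture.
# Assumed fields: time_s,frame_type,source,destination,bssid
SAMPLE_FRAMES = """\
10.00,beacon,00:27:19:D5:6D:C4,ff:ff:ff:ff:ff:ff,00:27:19:D5:6D:C4
12.10,deauth,00:27:19:D5:6D:C4,00:22:5F:BF:7F:EA,00:27:19:D5:6D:C4
12.11,deauth,00:22:5F:BF:7F:EA,00:27:19:D5:6D:C4,00:27:19:D5:6D:C4
12.12,deauth,00:27:19:D5:6D:C4,00:22:5F:BF:7F:EA,00:27:19:D5:6D:C4
12.13,deauth,00:22:5F:BF:7F:EA,00:27:19:D5:6D:C4,00:27:19:D5:6D:C4
12.14,deauth,00:27:19:D5:6D:C4,00:22:5F:BF:7F:EA,00:27:19:D5:6D:C4
14.30,eapol,00:27:19:D5:6D:C4,00:22:5F:BF:7F:EA,00:27:19:D5:6D:C4
95.00,deauth,00:27:19:D5:6D:C4,00:11:22:33:44:55,00:27:19:D5:6D:C4
"""

def detect_forced_reauth(text, window=2.0, threshold=5, reauth_within=10.0):
    """Alert on deauth bursts per (AP, client) and note if a handshake followed."""
    recent = defaultdict(deque)  # (bssid, client) -> deauth times inside the window
    bursts = {}                  # (bssid, client) -> time the burst was first flagged
    alerts = []
    for line in text.strip().splitlines():
        ts, ftype, src, dst, bssid = line.split(",")
        ts = float(ts)
        # Deauths can appear in both directions; the client is the non-AP address.
        client = dst if src == bssid else src
        key = (bssid, client)
        if ftype == "deauth":
            times = recent[key]
            times.append(ts)
            while times and ts - times[0] > window:
                times.popleft()
            # A single stray deauth is normal; only a burst is flagged, once per pair.
            if len(times) >= threshold and key not in bursts:
                bursts[key] = ts
                alerts.append({"bssid": bssid, "client": client, "time": ts,
                               "deauths": len(times), "handshake_followed": False})
        elif ftype == "eapol" and key in bursts and ts - bursts[key] <= reauth_within:
            for alert in alerts:
                if (alert["bssid"], alert["client"]) == key:
                    alert["handshake_followed"] = True
    return alerts

if __name__ == "__main__":
    for alert in detect_forced_reauth(SAMPLE_FRAMES):
        print(alert)
```

An alert with handshake_followed set means a handshake may have been captured, which is the cue to rotate the passphrase to a long random one; enabling 802.11w Protected Management Frames, where the AP and clients support it, stops forged deauth frames from being accepted.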

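The next step is to compare the captured information with the dictionary to find the password.
6. aircrack-ng -w pass.txt wpa-01.cap
pass.txt > this is the dictionary file you downloaded, in *.txt format; wpa-01.cap is the capture you made in step 4. In short, this command line is for decrypting the password. Note that the path to the dictionary file must be correct. To save typing, open the folder containing the dictionary file and drag and drop it into the shell window after -w, as in the following figure: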

Alternatively, you can use the dictionary that ships with Back Track, at the path below. Type the first few letters and press Tab so that you do not have to type the whole thing, since Linux supports this. E.g. /pent > press Tab and we do not have to type the remaining est/; the same goes for any path to a file or directory. (wpa*.cap means all files named wpa..cap; these files usually have the form *-01.cap, *-02.cap.)

Now just sit and wait. This is the result.

Success or failure depends on the following factors:
1. If your dictionary file is strong, it may contain the password.
2. The more powerful the machine, the faster it goes. The figure above shows 352.03 k/s (very slow); at the very least it should be above mb/s to be OK.

In summary: if the encryption is WEP, the password can be obtained 100% of the time.
1. Dictionary attack: mostly a matter of luck.
2. Bruteforce attack: this method is perfect, any password will be found, but in exchange the time it takes goes without saying.
3. RAT+Wirelesskeyview combo attack: this method is like installing a keylogger on the victim's machine, except that the RAT is more powerful than a keylogger in that you can control the victim's machine => stealing the password is very easy.
4. Rogue AP attack: the easiest way to get the password. But this method requires a lot of networking knowledge. It works by creating a fake AP; the victim then connects to it and it requires the password again, and once the victim types it in, the password is sent to you.
