How to Hack Wifi (and how to avoid being hacked): WEP/WPA/WPA2


by techdls on September 27, 2011

Table of Contents
Intro: How to Hack Wifi (and how to avoid being hacked): WEP/WPA/WPA2
Step 1: What you Need.
Step 2: Hack WEP
Step 3: Hack WPA/WPA2
Step 4: Secure Your Own Wireless Network
Step 5: Passwords

http://www.instructables.com/id/How-to-Hack-Wifi-and-how-to-avoid-being-hacked-/

Intro: How to Hack Wifi (and how to avoid being hacked): WEP/WPA/WPA2
This guide is meant to show how easy it is to hack wireless networks if the proper security measures are not in place. First I will show how to hack a WEP or WPA/WPA2 network, and then I will give tips on how to avoid getting hacked. This is important information in our techno-savvy culture. If your wireless network is compromised, you can be liable for any illegal activity on it. There are numerous stories of child pornographers and black-hat hackers using other people's wireless networks.

NOTE: Hacking your neighbours' or anyone else's Wifi without their permission is ILLEGAL. Be smart!

Step 1: What you Need.


-A computer. (A laptop works best.)
-A wireless card capable of packet injection.
-If your laptop wireless card can't do packet injection you can purchase a wireless adapter such as the Netgear WG111 v2 for around $8-$12 on eBay.
-A Live installation of BackTrack either on a CD or USB stick.
-BackTrack 5 Can be found Here
-Create a Live USB Install Here

Step 2: Hack WEP


WEP has been hacked for the past 5+ years, yet people continue to use it. With the instructions below we can crack WEP in under 15 minutes. You can crack WEP from the command line, but there is an easy GUI interface in BackTrack which makes it a much less painful experience for those who are scared of command prompts.

1. Boot into BackTrack.
2. Click on the BackTrack applications menu -> Backtrack -> Exploitation tools -> Wireless exploitation -> WLAN Exploitation -> gerix-wifi-cracker-ng (This will open up the GUI interface seen in the picture.)
3. Go to the configuration menu and select the wireless interface wlan0.
-Click on Enable/Disable Monitor Mode. (This will put the wireless card into monitor mode.)
-Select the newly created mon0 interface.
4. Now click on the WEP tab at the top of the window.


-Click on "Start sniffing and logging" and leave the terminal open.
-Once the wireless network you want to crack* shows up (it has to use WEP encryption, of course), select the WEP Attacks (with clients).
*Note that the PWR has to be high enough to work, so the closer you can get, the better.
-There you click on Associate with AP using fake auth, wait a few seconds and click on ARP request replay.
5. Once the Data number reaches over 10,000 you are ready to try and crack the key, but don't close any windows yet.
-Go to the cracking tab and click on Aircrack-ng Decrypt WEP password under Wep Cracking. It will take a few seconds to minutes to crack the password and then you are good to go.

Step 3: Hack WPA/WPA2


At least WPA and WPA2 are safe, right? Wrong. WPA and WPA2 are both crackable, but the time it takes to crack them depends on the strength of the password. WPA2 also takes longer to crack than WPA.

-Boot into BackTrack.
-Open up Konsole, which is a command line utility built into BackTrack. It is the black box in the lower-left hand corner (see image).

We will now enter the following commands at the command line, with explanations of what they do.

-The following commands stop the wireless interface so you can change your MAC address. This is important because your MAC address is a unique identifier, so faking one is a good idea if you are accessing a network you don't have permission to (which, by the way, I wholly condemn).

1:
    airmon-ng stop wlan0
    ifconfig wlan0 down
    macchanger --mac 00:11:22:33:44:55 wlan0
    airmon-ng start wlan0

2: Now we will put the airodump-ng tool into monitor mode. This will allow us to see all of the wireless networks around us (see the first picture).
    airodump-ng mon0

Now choose the network you want to hack and take note of the BSSID and the channel it is on, as well as the ESSID. The PWR has to be fairly high to be able to hack it; this is determined by how close you are to the wireless router. The closer you are, the better.

Once you have chosen the wireless network, enter the following into the terminal. This will capture packets and write them into the "filename" file. We are trying to capture the handshake between the router and wireless connection, which will give us the key we need to crack.

3:
    airodump-ng mon0 --channel * --bssid **:**:**:**:**:** -w filename

The following step is optional but is highly recommended, as it will speed up the process a great deal. Once "WPA handshake: **:**:**:**:**:**" appears in the top right-hand corner we can move on. If you are having trouble getting the WPA handshake to occur, then do step 4.

4:
    aireplay-ng -0 1 -a **:**:**:**:**:** -c **:**:**:**:**:** mon0

What step 4 does is deauthenticate a wireless connection so that it tries to re-establish itself, which generates a new handshake to capture. This step ends once you have captured the handshake.


5:
    aircrack-ng -w wordlist.lst -b **:**:**:**:**:** filename.cap

Step 5 tries to crack the password in "filename.cap" using a dictionary, here called "wordlist.lst". You can download a good 200 million word dictionary here (128MB, but unzipped it is 800MB).

6. If the password isn't found in the dictionary you can try to brute-force the password with this command. (Note this could take a very long time depending on the password strength.)
    /pentest/password/jtr/john --stdout --incremental:all | aircrack-ng -b **:**:**:**:**:** -w - filename.cap

Step 4: Secure Your Own Wireless Network


Hopefully you gained some insight into how to not get your own wireless connection hacked:

1. Use WPA2 and by all means never use WEP.
2. Don't base your password on a dictionary word. (The next section focuses on passwords in general.)
3. In your router settings you can usually hide your ESSID (the name of the wireless network). This will add a small layer of security.
4. In your router there is probably a MAC address filtering option where you can specify the MAC addresses that are allowed to connect.


Step 5: Passwords
You have to have good passwords in this day and age. If not, your credit card information, your personal information and your identity are available to those who want to use and abuse them. Here are some guidelines for coming up with a secure password:

1. At least 8 characters.
2. At least one number, letter and special character, e.g.: $ # % ^ @ !
3. NOT based on a dictionary word.
4. Multiple transitions, e.g.: aaa111aaa111 not aaaa11111.

How can I remember these passwords? Come up with a word such as calculus and substitute numbers and other characters for letters, e.g.: c@1cu1u$. This is still based on a dictionary word, so append something to it such as your favorite number: 37.

Also, use a different password for every website. How can you do this easily? Remember random variables in algebra? Have a random variable in your password that is based on the website or some other information, e.g.: XpasswordY, where the first X is the last letter of the website name and the last Y is the first letter of the website name. So the Instructables website password would be SpasswordI, your facebook password would be KpasswordF and your hotmail password would be LpasswordH.

It might seem like a lot but it's not, and it's worth the time to not have your identity stolen and your life ruined.
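The four guidelines above, written as a check you can run on a candidate passphrase before setting it on your own router. This is an added example, not part of the original Instructable; the small wordlist, the substitution table and the threshold of two transitions are assumptions made here.

```python
import re

# Constructed sample wordlist; in practice load a full dictionary file.
SAMPLE_WORDS = {"calculus", "password", "dragon", "monkey", "letmein"}
# Assumed substitution table (not from the article); "1" is tried as l and i.
LEET = {"@": "a", "4": "a", "3": "e", "0": "o", "$": "s", "5": "s",
        "7": "t", "!": "i"}

def normalized_variants(pw):
    """Lower-case forms of pw with substitutions undone, letters only."""
    base = pw.lower()
    variants = {re.sub(r"[^a-z]", "", base)}  # symbols and digits dropped
    for one in ("l", "i"):
        table = str.maketrans({**LEET, "1": one})
        variants.add(re.sub(r"[^a-z]", "", base.translate(table)))
    return variants

def dictionary_hits(pw, words=SAMPLE_WORDS):
    """Guideline 3: words that survive inside any normalized variant."""
    variants = normalized_variants(pw)
    return sorted(w for w in words if any(w in v for v in variants))

def char_class(c):
    return "letter" if c.isalpha() else "digit" if c.isdigit() else "special"

def transitions(pw):
    """Guideline 4: number of changes between letter/digit/special runs."""
    classes = [char_class(c) for c in pw]
    return sum(a != b for a, b in zip(classes, classes[1:]))

def audit(pw, min_transitions=2):
    """Return the list of Step 5 guidelines that pw fails (empty = passes)."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than 8 characters")
    missing = {"letter", "digit", "special"} - {char_class(c) for c in pw}
    if missing:
        problems.append("missing: " + ", ".join(sorted(missing)))
    hits = dictionary_hits(pw)
    if hits:
        problems.append("based on dictionary word: " + ", ".join(hits))
    if transitions(pw) < min_transitions:
        problems.append("fewer than %d transitions" % min_transitions)
    return problems

if __name__ == "__main__":
    for candidate in ("c@1cu1u$", "aaaa11111", "tq7#Vm2!xK9$"):
        print(candidate, "->", audit(candidate) or "passes")
```

Undoing the character substitutions before the dictionary lookup is what flags c@1cu1u$ as still based on calculus, the same point the text makes.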
