How to Hack WPA/WPA2 Wi-Fi with Kali Linux. Kali Linux can be used for many things, but it is probably best known for its ability to penetration test, or “hack,” WPA and WPA2 networks.
Warning..!! WIFI hacking is illegal. "This ppt is only for educational purposes. I am not responsible for any consequences."
1. WIFI HACKING: THE IN DEPTH STORY OF WHAT ARE WE HACKING
Guided by:- Mrs. Hemangini Patel
Presented by:- Mehul Jariwala
2. Contents
1. Terminologies in WLAN.
2. Encryption in Wi-Fi
WEP
WPA
WPA2
3. Encryption Algorithm Works.
4. Tools For Hacking.
5. History of Kali Linux.
6. Feature of Kali Linux.
7. Steps to Hack Wi-Fi with Kali Linux.
3. Terminologies in WLAN
IEEE 802.11:- It is a set of media access control (MAC) and physical
layer (PHY) specifications for implementing wireless local area
network (WLAN).
3 Way Handshake:- It’s a cryptographic message exchange between
the AP and the client which authenticates the client to connect to the AP.
Access Point (AP):- An access point is a device, such as a wireless router,
that allows wireless devices to connect to a network.
SSID (Service Set Identity):- Also known as the "wireless network
name", the SSID is a 32 character, case sensitive name given to a Basic
Service Set established by an access point.
4. Encryption in Wi-Fi
1. Wired Equivalent Privacy (WEP)
It is an easily broken security algorithm for IEEE 802.11.
WEP is the older form of encryption developed around
1997.
WEP is recognizable by its key of 10 or 26 hexadecimal digits.
Once this measure has been taken, other typical LAN
security mechanisms such as password protection, end-to-
end encryption, virtual private networks (VPNs),
and authentication can be put in place to ensure privacy.
5. Encryption in Wi-Fi
2. Wi-Fi Protected Access (WPA)
It was formally adopted in 2003, a year before WEP was
officially retired.
A 128-bit WEP key is usually entered as a string of 26
hexadecimal characters.
Attacker had captured or altered packets passed between
the access point and client and the Temporal Key Integrity
Protocol (TKIP).
TKIP employs a per-packet key system that was radically
more secure than the fixed key used in the WEP system.
6. Encryption in Wi-Fi
3. Wi-Fi Protected Access II (WPA2)
One of the most significant changes between WPA and
WPA2 was the mandatory use of AES (Advanced Encryption
Standard) algorithms.
WPA2 uses 256 bit AES algorithms for encryption which
makes it much more secure than the ones before it.
Breaking into a WPA/WPA2 secured network
using this vulnerability requires anywhere from 5-14 hours
of sustained effort with a modern computer, and success is
not guaranteed.
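The WEP / WPA / WPA2 ranking above can be turned into a configuration check. The following is an added example, not part of the original slides: it audits a hostapd-style access point configuration and flags WEP keys, WPA version 1 and TKIP. The use of hostapd option names (wpa, wpa_pairwise, rsn_pairwise, wep_key0) and the three sample configurations are assumptions made for the illustration.

```python
import re

def parse_conf(text):
    """Parse key=value lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return findings; an empty list means WPA2 with AES (CCMP) only."""
    conf = parse_conf(text)
    findings = []
    wep_keys = [v for k, v in conf.items() if re.fullmatch(r"wep_key[0-3]", k)]
    for key in wep_keys:
        # The slides' rule of thumb: a WEP key is 10 or 26 hexadecimal digits.
        is_hex = re.fullmatch(r"[0-9A-Fa-f]+", key)
        bits = {10: 64, 26: 128}.get(len(key)) if is_hex else None
        findings.append(f"WEP key present ({bits or 'unknown'}-bit): WEP is easily broken")
    wpa = int(conf.get("wpa", "0"))      # hostapd bit field: 1 = WPA, 2 = WPA2
    if wpa == 0 and not wep_keys:
        findings.append("no encryption configured (open network)")
    if wpa & 1:
        findings.append("WPA version 1 enabled: set wpa=2 for WPA2 only")
    if wpa & 2:
        ciphers = (conf.get("rsn_pairwise") or conf.get("wpa_pairwise") or "").split()
        if not ciphers:
            findings.append("no pairwise cipher set: add rsn_pairwise=CCMP")
        elif "TKIP" in ciphers:
            findings.append("TKIP still accepted: set rsn_pairwise=CCMP")
    return findings

# Constructed sample configurations (not from the slides).
WEP_CONF = "ssid=lab\nwep_default_key=0\nwep_key0=0123456789\n"
MIXED_CONF = "ssid=lab\nwpa=3\nwpa_key_mgmt=WPA-PSK\nwpa_pairwise=TKIP CCMP\n"
WPA2_CONF = "ssid=lab\nwpa=2\nwpa_key_mgmt=WPA-PSK\nrsn_pairwise=CCMP\n"

if __name__ == "__main__":
    for name, conf in [("wep", WEP_CONF), ("mixed", MIXED_CONF), ("wpa2", WPA2_CONF)]:
        print(name, audit(conf) or "ok")
```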
8. Tools For WI-FI Hacking
Aircrack:- Aircrack is the most popular and widely-known
wireless password cracking tool.
AirSnort:- AirSnort is another popular wireless LAN password
cracking tool.
Kismet:- Kismet is a network sniffer and intrusion detection system.
AirJack:- AirJack is a Wi-Fi 802.11 packet injection tool.
NetStumbler:- NetStumbler is another wireless password cracking
tool, available only for the Windows platform.
CloudCracker:- CloudCracker is an online password
cracking tool for cracking WPA protected Wi-Fi networks.
WEPCrack:- Cracking WEP
9. History of Kali Linux
Kali Linux is a Debian-based Linux distribution aimed at
advanced Penetration Testing and Security Auditing. Kali
contains several hundred tools aimed at various Information
Security tasks, such as Penetration Testing, Forensics and
Reverse Engineering.
Kali Linux is developed, funded and maintained by Offensive
Security, a leading information security training company.
Kali Linux was released on the 13th March, 2013 as a
complete rebuild of BackTrack Linux.
Kali Linux is named after a Hindu goddess.
11. Features of KALI LINUX
Open Source.
Developed in a secure environment.
Available in 32-bit and 64-bit images.
Its first version, Kali 1.0, was released on 13th March, 2013.
Its newest version, Kali 2.0, was released on 11th August, 2015.
Multi Language Support.
Rewritten to use Debian standards.
300+ pentesting applications.
Users can customize Kali Linux to suit their needs.
12. Steps for Wi-Fi Hacking
Step 1:-
Start Kali Linux and login, preferably as root.
Step 2:-
Plug in your injection-capable wireless adapter (unless your computer's native
wireless card supports it).
13. Steps for Wi-Fi Hacking
Step 3:-
The Kali Linux home screen is now displayed.
14. Steps for Wi-Fi Hacking
Step 4:-
Open a terminal window by pressing the terminal icon at the top left.
Otherwise, press the shortcut key Ctrl + t.
The terminal is now open.
15. Steps for Wi-Fi Hacking
Step 5:-
Find out the name of your wireless adapter:
type ifconfig in the terminal and see the result (here my wireless adapter is
‘wlan0’).
eth0:- no wireless extensions.
lo:- no wireless extensions.
wlan0:- it will display the external Wi-Fi adaptor information.
16. Steps for Wi-Fi Hacking
Step 6:-
Next, type in the command “airmon-ng” and see if your adapter is seen
by Kali Linux. It should show the interface, chipset, and driver.
n:- It will check the number of wlan0 adaptor
g:- It will check the wlan0 adaptor signal.
17. Steps for Wi-Fi Hacking
Step 7:-
Type airmon-ng start followed by the interface name of your wireless card.
Mine is wlan0, so
my command would be: airmon-ng start wlan0
18. Steps for Wi-Fi Hacking
Step 8:-
Start capturing packets. We’ll use airmon-ng to capture the packets in the
air.
You’ll see the name of the Wi-Fi you want to hack.
Type the command: airodump-ng wlan0mon
19. Steps for Wi-Fi Hacking
Step 9:-
Now stop the packet capture with Ctrl + C.
Type the command: airodump-ng -c [channel no] --bssid [id] -w
/root/Desktop/ wlan0mon
This saves all the .cap files to the Desktop.
20. Steps for Wi-Fi Hacking
Step 10:-
This means that the handshake has been captured, the password is in the
hacker’s hands, in some form or another. You can close the aireplay-ng
--deauth 10 -a [bssid] -c [station] wlan0mon.
21. Steps for Wi-Fi Hacking
Step 11:-
Actually, it’s the .cap one, that is important. Open a new Terminal, and type
in this command:
aircrack-ng -b [router bssid] -w [path to wordlist] /root/Desktop/ -
02.cap
-b stands for bssid, replace [router bssid] with the BSSID of the target
router, mine is 00:14:BF:E0:E8:D5.
-w stands for wordlist, replace [path to wordlist] with the path to a wordlist
that you have downloaded. I have a wordlist called “wpa.txt” in the root
folder.
aircrack-ng -b 00:14:BF:E0:E8:D5 -w /root/wpa.txt /root/Desktop/*.cap
22. Steps for Wi-Fi Hacking
Step 12:-
Aircrack-ng will now launch into the process of cracking the password.
However, it will only crack it if the password happens to be in the wordlist
that you’ve selected.
Cracking the password might take a long time depending on the size of the
wordlist.
Sometimes, it’s not. If this is the case, you can try other wordlists.
24. Steps for Wi-Fi Hacking
Step 14:-
The passphrase to our test-network was “123mun3124bili79” and you can
see here that it was in the wordlist, and aircrack found it.
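Of the steps above, only the aireplay-ng deauthentication in Step 10 transmits anything; the capture is passive and the aircrack-ng run is offline, so the deauthentication burst is what a monitoring sensor can see. The following is an added example, not part of the original slides: it flags such a burst and the re-handshake that follows it in a constructed frame log. The log format, the thresholds and the MAC addresses are assumptions.

```python
from collections import defaultdict, deque

WINDOW_S = 5.0    # assumed sliding window in seconds
THRESHOLD = 8     # assumed number of deauth frames in the window that makes a burst
FOLLOW_S = 30.0   # assumed time after a burst in which a re-handshake is linked to it

# Constructed sensor log, one frame per line: "<time> <kind> <bssid> <station>".
AP, STA_A, STA_B = "02:00:00:00:00:01", "02:00:00:00:00:aa", "02:00:00:00:00:bb"
SAMPLE = "\n".join(
    [f"50.0 deauth {AP} {STA_B}", f"51.0 eapol {AP} {STA_B}"]          # ordinary reconnect
    + [f"{100 + i / 10:.1f} deauth {AP} {STA_A}" for i in range(10)]   # burst at one client
    + [f"103.2 eapol {AP} {STA_A}"]                                    # forced re-handshake
)

def parse(log):
    """Yield (time, kind, bssid, station) from lines that have four fields."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 4:
            yield float(parts[0]), parts[1], parts[2].lower(), parts[3].lower()

def detect(log):
    """Return alerts as (name, bssid, station, time) tuples."""
    recent = defaultdict(deque)   # (bssid, station) -> deauth times inside the window
    burst_at = {}                 # (bssid, station) -> time of the latest burst frame
    alerts = []
    for ts, kind, bssid, sta in parse(log):
        key = (bssid, sta)
        if kind == "deauth":
            times = recent[key]
            times.append(ts)
            while ts - times[0] > WINDOW_S:      # drop frames older than the window
                times.popleft()
            if len(times) >= THRESHOLD:
                if key not in burst_at:          # alert once per burst
                    alerts.append(("deauth_burst", bssid, sta, ts))
                burst_at[key] = ts
        elif kind == "eapol":
            started = burst_at.pop(key, None)
            if started is not None and ts - started <= FOLLOW_S:
                alerts.append(("handshake_after_burst", bssid, sta, ts))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

A handshake_after_burst alert is the cue to treat the handshake as captured and to change the passphrase if it could appear in a wordlist.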