
WPA/WPA2 Crack Demo – Live – Part 1

Yeah yeah… it’s an old topic… but something interesting: WPA/WPA2 cracking, using dictionary brute force and brute force on GPU and CPU. There is a lot of information about this out there; unfortunately, there is no single straightforward, real GUIDE to reproduce those DEMOs, so I’ve decided to lay this out clearly… yeah… CLEARLY! and straight to the POINT! (hopefully it will benefit some)

A brief intro:
Wireless is now part of our home/business/entertainment internet infrastructure, hence security, and securing that infrastructure, is very important. Unless you don’t mind your neighbour using your bandwidth to download and upload, or even eavesdropping on your traffic, then LEAVE this BLOG NOW!… If YOU want to secure your infrastructure, take a look at the possibilities and work towards secure wireless… we call this “Security Through Scrutiny”.

I’ve put in some structure to this GUIDE:

 

  • PART 1 
    1. The Understandings 
    2. The requirements
    3. The Gathering 
  • PART 2
    1. The Cracking 

So, let’s begin PART 1.

1. The Understanding

  1. Wireless: data travelling in an unseen world, like water, which has no taste, no flavour, no colour, but we need it every day. Wireless works through AIR… or space… or whatever you want to call it; as technology evolves, we need it every day… just like water…
  2. Data travelling in air requires a frequency, like our radio; therefore it requires a radio frequency and a channel.
  3. Wireless technology, known as WiFi, has predefined channels and frequencies created and controlled by the IEEE.
  4. Each wireless infrastructure requires an AP (Access Point) and wireless clients (laptops, smartphones, tablets, etc.).
  5. To protect the data exchange between the wireless AP and client, security mechanisms/protocols were created, known as WEP, WPA, WPA2-Personal and WPA2-Enterprise.
  6. The commonly used wireless security protocols today in our everyday life are WPA-Personal for homes/small businesses and WPA-Enterprise for enterprises.
  7. WPA/WPA2 requires a minimum of 8 characters as the shared code (the shared code is like a password to access the wireless service); each client is required to enter the passcode in order to join a wireless access point.
  8. Each wireless access point broadcasts a name known as the BSSID (or SSID).
  9. A little understanding of the Linux operating system and how to use the command line.
  10. A little understanding of virtualization technology and how to set up virtual machines.

And that’s the understanding. Please refer to all these links to get more information about the UNDERSTANDING:
(You really need to UNDERSTAND this part, and by just reading these links you may not understand; that’s why we have hands-on labs, books, trainers, security/wireless certified guys… and so on. Try to use them as well…)

  1. http://en.wikipedia.org/wiki/IEEE_802.11
  2. http://en.wikipedia.org/wiki/Wireless_security
  3. http://en.wikipedia.org/wiki/List_of_WLAN_channel
  4. http://www.tldp.org/LDP/intro-linux/html/
  5. http://en.wikipedia.org/wiki/Comparison_of_platform_virtualization_software


2. The Requirements

A. Hardware:

    • A laptop with at least 4GB RAM or more
    • A wireless card that supports “packet injection” (USB)
    • A USB port

The WIRELESS card I used for this DEMO:

[Image: the Alfa USB wireless card used for this DEMO]
In addition to the wireless card, a good powerful antenna would be an added advantage…

B. Software:

    • Any O.S. that is capable of running Linux as a virtual machine
    • VMware Workstation [Windows] or VMware Fusion [recommended to reproduce the DEMO]   —> http://vmware.com
    • Kali Linux 64-bit latest release    —>  http://www.kali.org

3. The Gathering

Well, if you are still reading this, then I assume you do know what virtualisation is and how to set it up, etc., so we take a straight deep dive into the Gathering part inside Kali Linux. If you are still stuck in setting up, drop a comment; if I’m free, I’ll help.

 

Firstly, start the Kali Linux VM, then attach the USB wireless device and make sure Kali Linux detects it… run the following commands to verify the setup…
[Screenshot: Kali Linux terminal, verifying that the wireless card is detected]

If the card is detected, then run a check to see if there is any process that can cause trouble; if there is, kill it!
[Screenshot: Kali Linux terminal, checking for and killing interfering processes]

Next, check again and start the wireless card in monitor mode.
[Screenshot: Kali Linux terminal, starting the wireless card in monitor mode]

Then perform an air dump, meaning DUMP all available DATA travelling in the air to your console…
[Screenshot: Kali Linux terminal, starting the air dump]

The result of the dump should look like this; from there, pick your target and write down the target information, e.g. BSSID & channel.
[Screenshot: the dump output listing nearby access points with their BSSID and channel]

Then stop the AIR DUMP and start the dump over again, but this time using the target information, and set the command to collect the DATA in text files defined by the option [ -w ].
[Screenshot: Kali Linux terminal, the targeted dump writing captured data to files]

Following that, while it is collecting DATA from the DUMP, proceed to the next step.
[Screenshot: Kali Linux terminal, the targeted dump still collecting data]

Next, start a new console and perform a DoS [Denial of Service] to force all the connected clients to perform a reconnection; when the reconnection happens, a WPA HANDSHAKE will take place. The whole gathering depends on the WPA HANDSHAKE… follow this…
[Screenshot: Kali Linux terminal, forcing the clients to reconnect]

and then go back to view the gathering of the WPA HANDSHAKE,
[Screenshot: the targeted dump now showing “WPA handshake” for the target BSSID]
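The reconnection step above works because a deauthentication management frame carries no authentication in plain WPA/WPA2, so clients obey it whoever sends it. From the defender’s side, the tell-tale sign is a burst of deauthentication/disassociation frames, often sent to the broadcast address and claiming to come from the AP. The Python script below is an added example, not code from the original post: it runs a simple sliding-window deauth-flood detector over a constructed list of parsed management-frame records (timestamp, subtype, source, destination); the records, MAC addresses, window and threshold values are all made up for illustration.

```python
from collections import defaultdict, deque

BROADCAST = "ff:ff:ff:ff:ff:ff"
AP_MAC = "00:11:22:33:44:55"          # constructed: the access point's BSSID
CLIENT_MAC = "aa:bb:cc:dd:ee:01"      # constructed: one associated client

# Constructed sample of parsed 802.11 management-frame records (not a real capture).
# Each record is (timestamp_seconds, subtype, source_mac, destination_mac).
SAMPLE_FRAMES = [
    (0.00, "beacon", AP_MAC, BROADCAST),
    (0.10, "beacon", AP_MAC, BROADCAST),
    (0.50, "deauth", AP_MAC, CLIENT_MAC),   # a single deauth: normal AP behaviour
    (5.00, "beacon", AP_MAC, BROADCAST),
] + [
    # a burst of 12 broadcast deauths within 0.55 s, all claiming to come from the AP
    (10.0 + i * 0.05, "deauth", AP_MAC, BROADCAST) for i in range(12)
]


def detect_deauth_flood(frames, window_s=1.0, threshold=10):
    """Flag any source that sends >= threshold deauth/disassoc frames within window_s.

    Returns one alert dict per offending source, raised the moment the threshold
    is crossed, with the frame count in the window and whether any of those
    frames were addressed to the broadcast address.
    """
    recent = defaultdict(deque)   # source_mac -> deque of (timestamp, destination)
    alerts = []
    alerted = set()
    for ts, subtype, src, dst in sorted(frames, key=lambda f: f[0]):
        if subtype not in ("deauth", "disassoc"):
            continue              # beacons, probes, etc. are irrelevant here
        q = recent[src]
        q.append((ts, dst))
        while q and ts - q[0][0] > window_s:
            q.popleft()           # drop frames that fell out of the sliding window
        if len(q) >= threshold and src not in alerted:
            alerted.add(src)      # report each source once per flood
            alerts.append({
                "source": src,
                "first_seen": q[0][0],
                "last_seen": ts,
                "count": len(q),
                "broadcast": any(d == BROADCAST for _, d in q),
            })
    return alerts


if __name__ == "__main__":
    for alert in detect_deauth_flood(SAMPLE_FRAMES):
        print(f"ALERT: {alert['count']} deauth/disassoc frames from {alert['source']} "
              f"between t={alert['first_seen']:.2f}s and t={alert['last_seen']:.2f}s "
              f"(broadcast={alert['broadcast']})")
```

In practice the records would come from a monitor-mode capture parsed with a library such as Scapy rather than a hand-built list, and the threshold would be tuned to the site, since a busy AP legitimately deauthenticates idle clients now and then. The standard mitigation is 802.11w (Protected Management Frames), which lets a client verify that a deauthentication frame really came from its AP.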

If you see the WPA HANDSHAKE, you may stop all your activity and proceed to Part 2… Well… based on the comments and likes I get on this article, I will construct Part 2; in Part 2, I will DEMO how to crack the HANDSHAKE using a dictionary, GPU and CPU… See you guys in the next round… Have fun “Gathering”

*All of this DEMO was done in a controlled environment; no DOGS or CATS were harmed during the production of this DEMO.
*All the gathered NETWORKS belong to Steven.Com.My. WE do NOT crack others’ NETWORKS unless we have written permission to do so.
